|
lsass.exe
2 Spyware.com recommends: SpeedUpMyPC Download
Fix lsass.exe Errors: Free Registry Download
lsass.exe is the Local Security Authority Service, which handles the Windows Security Mechanisms.
It verifies the validity of users logging on to your computer and generates the process responsible for authenticating users for the Winlogon service. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell.
Other processes that the user initiates inherit this token. lsass.exe is vital to the system and it is not possible to end this process using the Task Manager.
Located in "C:\WINNT\SYSTEM32\" on Windows 2000 and "C:\WINDOWS\SYSTEM32\" on Windows XP.
There are some parasites that uses lsass.exe filename to deceive the user:
Sasser Worm
W32.HLLW.Lovgate.C@mm
Mydoom
W32.Nimos.Worm
When the computer is infected with the parasite it displays a message:
"C:\windows\system32\lsass.exe terminated unexpectedly with status code 128. Your computer will now shut down in 60 seconds..."
Seconds counts to zero and shuts down the computer without user intervention. File lsass.exe is related to OnTarget. File lsass.exe is related to Pexmor. File lsass.exe is related to Rontokbro. lsass.exe also is an executable file that is responsible for launching parasites, loading main components of malicious programs and running a destructive payload. It is a significant part of a dangerous parasite, but can also function as a stand-alone threat. DO NOT run this file! The lsass.exe file is installed and used by Satiloler, Satiloler.b, Satiloler.c, Satiloler.d, Satiloler.e, Crutle.b, Wowcraft.c. The lsass.exe file usually runs the same named process. This process silently works in background and performs harmful actions. It remains active while lsass.exe is present in the system. Removing the file will immediately terminate a process and prevent it from running later. That is why you have to manually delete the lsass.exe file. If you cannot erase it, consider using recommended spyware removers, which will get rid of lsass.exe and associated parasites for you. In some cases a presence of lsass.exe does not mean that your system is infected. The file may actually belong to some fully legitimate applications and therefore must stay intact. If you are in doubt, please scan the lsass.exe file using you regular spyware remover or antivirus program. lsass.exe is an executable file that is responsible for launching parasites, loading main components of malicious programs and running a destructive payload. It is a significant part of a dangerous parasite, but can also function as a stand-alone threat. DO NOT run this file! The lsass.exe file is installed and used by Satiloler.f. You have to delete the lsass.exe file immediately after you have found it. The parasite will continue to violate your privacy and harm your computer unless lsass.exe and all related objects will not be completely removed from the system. If you have difficulties erasing the file consider using an anti-spyware program. Sometimes a presence of lsass.exe does not indicate that your computer is infected. It can be an essential system file or a file installed by harmless legitimate software and therefore may not pose any threat to your privacy and the system. Although such cases are quite rare, you should thoroughly examine lsass.exe before completely deleting or leaving it in the system.
Related files: system.bat, explorer.exe, smss.exe, command.com, service.com, system.com, win.com, csrss.exe, iexplorer.exe, mig2.exe, services.exe, shell.exe, smss.exe, winlogon.exe, mrhelloween.scr, empty.pif, application data.exe, av-prev.exe, controls.exe, exerun.exe, exeserv.exe, ex-plorer.exe, normal.exe, services.exe, 3d soccer.scr, leena.ini, leena.job, bandotbrobot.exe, blaut.exe, ble'e.exe, eminem.exe, exblorer.exe, karyaku.exe, kerne123.exe, servlogin.exe, shiemylova.exe, smahost.exe, smss.exe, winlogon.exe, winlogons.exe, imstrong.dll, comand.com, ghost.com, cmd.pif, regedit.pif, ssmedia.scr, application.exe, csrss.exe, data.exe, documents.exe, folderdata.exe, girls.exe, msinfo.exe, mstordb0.exe, my cv.exe, my data.exe, my girls.exe, pictures.exe, recycled.exe, regedit.exe, temp.exe, winlogon.exe, services.reg, tempservices.reg, cmd.pif, _system~.ini, ~[X].tmp, svchost.exe, msfsr.sys, [X].sys, aupdate.exe, IEXPLORE.EXE, luall.exe, mcupdate.exe, svchost.exe:svchost.exe, msfsr.sys, [X].sys, adobe global hack.exe, aim triton6.0.exe, alg.exe, aluscheduler.exe, cachemanxp.exe, calculator.exe, ccApp.exe, ccProxy.exe, csrss.exe, Dllhost.exe, floppy options.exe, important information.exe, kdb34894234.exe, limewirepro.exe, minesweeper.exe, motivebrowser.exe, msdtc.exe, myspace password cracker.exe, nopde.exe, NPROTECT.EXE, rundll32.exe, services32.exe, smss.exe, Spoolsv.exe, svchost.exe, system.exe, system idle process.exe, readme.exe, taskmanager.exe, virus scanner.exe, winlogon.exe, win32dll.exe, zlclient.exe, 123 copy dvd.exe, avp.exe, server.exe, hsvwer2.dll, md6media.dll, csrss.exe, dalang mistiq.exe, dokument.exe, hp bunga citri lestari.exe, kota p4hlawan.exe, lo5tword.exe, majnun was h3ere.exe, sma negeri 4.exe, smss.exe, Spoolsv.exe, svchost.exe, tugas.exe, windows [X1].exe, w32 wayang.exe, w4y4n9.exe, gatotkaca.scr, smss.exe, pagefile.pif, mm.gif, csrss.exe, services.exe, smss.exe, winlogon.exe, csrss.exe, cvt.exe, idtemplate.exe, inetinfo.exe, kangent.exe, services.exe, a.kotnorb.com, empty.pif, 3d animation.scr, smss.exe, bronstab.exe, eksplorasi.exe, ~dfa861.tmp, sempalong.exe
lsass.exe removal:
|
Described file lsass.exe is not related to the security threats.
However the same or similar file name can be used by spyware or adware programs to decept user. We advice you to scan your computer and eliminate possible threats. |
|
Information added: 19/03/04
Information updated: 13/04/06
Additional resources related to lsass.exe:
Attention: If you
know or you have a website or page about lsass.exe file, feel free
to add a link to this list: add
url
Post Comment:
Attention: Use
this form only if you have additional information about lsass.exe file,
its removal instructions, additional resources or behavior. By clicking
"post comment" button you agree not to post any copyrighted,
unlawful, harmful, threatening, abusive, harassing, defamatory,
vulgar, obscene, profane, hateful, racially, ethnically or otherwise
objectionable material of any kind.
|
Comments from visitors:
1. by Guest. 2005-10-31 21:10:55
1. by Guest. 07/09/2005. 12:09:48
if i use internet , it will shutdown the computer in 60 second
lsass.exe, how can i fix it
2. by Guest. 2005-09-07 12:09:48
if i use internet , it will shutdown the computer in 60 second
lsass.exe, how can i fix it
3. Lsass removal tools by Guest. 2005-07-21 01:07:06
we have a problem about lsass, can you help me? how i remove this virus?
4. Is it possible to determine the virus (and its time of presence in PC) and the exact date and time the lsass.exe was infected? by Guest. 2005-06-21 10:06:07
We have a problem in our company determining what day and time the virus entered the PC, when and how it affects the lsass.exe and what virus affects such file. Is it possible? we have until june 22, 2005, 0900 AM to know this or we will be fined. Pls help us
5. re: comment about file Lsass.exe by jacin ruzano by Guest. 2005-06-14 01:06:53
\"system is shutting down. any unsaved changes will be lost. initiated by NT AUTHORITYSYSTEM
6. lsass.exe by Guest. 2005-06-12 04:06:05
this file is terminate unexpedly and computer restart again and again .
please tell me what to do to resolve this problem.
thanks alot.
7. lsass.exe tries to connect to a remote port? by Guest. 2005-06-11 17:06:58
do I need to allow lsass to connect to the internet?
8. can't download lsass.exe remover by Guest. 2005-06-10 22:06:06
When I try downloading any file it gives me an error that my current security settings do not allow this file to be downloaded..I tried downloading the lsass.exe scanner & remover and am getting the same error..Active x control is enabled also..any one have a fix
9. THIS IS HOW YOU CAN END THE SHUTDOWN by Guest. 2005-06-10 19:06:49
Once the box comes up telling you your system is going to shutdown, go to run, then type in cmd.exe once a black box comes up. Type in "shutdown -a" (without quotes). And this will stop your computer from shutdown. THEN DELETE THE FILE USING lsass.exe its really not that hard. But this is a quick fix to stop the shutdown. ; )
10. I have the same problem as the last one by Guest. 2005-06-01 03:06:20
How can i get in to Windows, an dhow can i get this virus deleted ?
11. Robert, I just posted the last one by Guest. 2005-05-23 10:05:22
We have the same problem. Have you found any solutions?
12. lsass infection by Guest. 2005-05-23 10:05:00
When I turn on my computer it does not allow me to get into windows. It says "Invalid parameter was passed to a service or function" "lsass.exe system error."
How can I fix this problem?
13. REMOVE THE LINK!! by Guest. 2005-05-16 12:05:38
warning! i got a trojan on my system from downloading the free worms virus scan from www.Stop-Sign.com
remove the link!
14. Found lsass.exe in my ... by Guest. 2005-05-04 19:05:20
Hello i need some help here, how to get rid of all the spyware that is on my computer, my homepage has been changed, cant change it back, all the process are running really slow, it gets really anoying to use my computer lately.
Please Help
Thank you
15. lsass.exe, Win XP system will not boot by Guest. 2005-05-04 10:05:55
System will not completely boot, message window appears "lsass.exe - System Error An invalid parameter was passed to a service or function" I have up-to-date Symantec AV and Webrot Spyware. I click OK and it tries to boot abain, never succeeding. Virus? Worm? Anyone else see this or any suggestions to repair?
Robert
16. re: comment about file Lsass.exe by 2005-03-28 02:03:16
what can I do if I accidentaly deleted lsass.exe (while i was on the other OS installed ) . i deleted lsass.exe from XP ... now my computer boots on XP , but after the boot , it displays a black screen . what should i do ?
17. by Jonathan. 0000-00-00 00:00:00
to Jen: hey ur PC is shutting down coz it is a virus or something like tat...i also have tis problem and it may is sasser worm,to stop the shutdown cycle go to Start and run and type cmd and ok...then at the prompt type shutdown.exe -a and enter...
18. re: comment about file Lsass.exe by Fenelon. 2005-03-14 19:03:49
digite shutdown -a na linha de comando para interromper o desligamento.
Use o arquivo Windows-KB890830-V1.2-PTB.exe para remover o virus. Este arquivo serve para o XP, 2000 e 200 server.
19. re: comment about file Lsass.exe by yusuf. 2005-03-14 09:03:56
sir,
I am having problem with my member server its not starting the services of wins and rpc but anyhow i trace the problem and i found the problem in regedit with rpcss service when i change the value of key from 2 to 4 its start wins and rpc but its shows server srivices starting,,but acutally its does not start now any can please help me on the same
20. re: comment about file Lsass.exe by Khushi. 2005-03-11 11:03:36
I have 3 lsass.exe in
C:\Windows\System32
C:\Windows\ServicePackFilesI386
LSASS.exe in C:\I386
Is that safe? Or only one in C:\Windows\System32 is needed .......? Thanks
21. re: comment about file Lsass.exe by gabriela. 2005-03-09 09:03:48
hola soy gabriela y tengo ese grave problema con mi maquina el de este virus me dieron unas heramientas para eliminarlo y no me funcionan ayudenme porfavor es urgente
22. re: comment about file Lsass.exe by jen. 2005-03-09 06:03:33
"system is shutting down. any unsaved changes will be lost. initiated by NT AUTHORITYSYSTEM
Time before shutdown: 59 seconds
the system process 'C:\WINDOWS\system32\lasass.exe' ternimated unexpectedly with status code -1073741819 the system will now shut down and restart
23. re: comment about file Lsass.exe by Siphiwe Ndlovu. 2005-03-08 03:03:23
This file is taking 99%of my process
24. re: comment about file Lsass.exe by Artist. 2005-02-23 11:02:39
You may need to get your recovery CD out and re-install windows. When you reboot you will most likely get an error in lsass.exe not found. The machine will no longer boot if this happens. First go to MicroSoft and get the full instructions on repair/ re-installing WindowsXP. You will then need to boot from the recovery CD and attempt a repair. Press F8 to agree to the licencing agreement. Choose the second repair screen NOT the first one. It will get you nowhere! Just press enter at the first screen, then press R at the second screen. The process will begin. Expect a long haul on this one. Maybe overnight if you plan to download all of the now missing windows updates and crital updates.
25. re: comment about file Lsass.exe by Jeroen. 2005-02-16 03:02:29
i thought that the lsass.exe was a virus and so deleated it form my computer by going into C:\WINDOWS\SYSTEM32 will deleating this file seriosly harm my computer or not?
And if it does is there anywere were i can download a new lsass.exe??
26. re: comment about file Lsass.exe by alexander.riquelma@mainmail.net. 2005-02-11 15:02:49
Alexander, reparte este docuemnto puede ser de interes
|
|
Latest spyware news:
Related discussions:
|
Malware statistics of August 2008 by Kaspersky Security Network
