lsass.exe is the Local Security Authority Service by Microsoft, Inc, which is responsible for security policies enforcement and handles other Windows Security Mechanisms. Lsass.exe also verifies the identification of the user when he is logging on computer and generates the process responsible for his authentication when using Winlogon service. The lsass.exe process mainly operates in the system through its ability to create access tokens.
Note that lsass.exe is legitimate file which is vital to the system and needed for the PC's normal functionality. It is located in "C:\WINDOWS\SYSTEM32\" and can't be ended using the Task Manager.
lsass.exe is a system process, it is a safe file and does not pose any threat.
Some parasites, for example sasser worm, use lsass.exe filename to deceive the user by hiding their processes under the name of this file. Lsass.exe filename is used by OnTarget, Pexmor, Rontokbro, Satiloler, Crutle, Wowcraft and other variants of these malware parasites. So, you may have a virus that runs the same named process and silently works in background and performs harmful actions. In order to check your PC, run a full system scan with reputable anti-malware programs. We recommend using PlumbytesWebroot SecureAnywhere AntiVirus and Reimage.
Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.