What is lsass.exe? Should I remove it?

by Alice Woods - -

lsass.exe is the Local Security Authority Service by Microsoft, Inc, which is responsible for security policies enforcement and handles other Windows Security Mechanisms. Lsass.exe also verifies the identification of the user when he is logging on computer and generates the process responsible for his authentication when using Winlogon service. The lsass.exe process mainly operates in the system through its ability to create access tokens.

Note that lsass.exe is legitimate file which is vital to the system and needed for the PC's normal functionality. It is located in “C:\WINDOWS\SYSTEM32\” and can't be ended using the Task Manager.

lsass.exe is a system process, it is a safe file and does not pose any threat.


Some parasites, for example sasser worm, use lsass.exe filename to deceive the user by hiding their processes under the name of this file. Lsass.exe filename is used by OnTarget, Pexmor, Rontokbro, Satiloler, Crutle, Wowcraft and other variants of these malware parasites. So, you may have a virus that runs the same named process and silently works in background and performs harmful actions. In order to check your PC, run a full system scan with reputable anti-malware programs. We recommend using Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus and Reimage.

verdict - status of the file:
diagnosis required
Advice: If your computer seems sluggish, or you are suffering from unwanted advertisements and redirects to unknown websites, we highly recommend you to scan it with reputable anti-spyware program. Do some FREE scan tests and check the system for unwanted applications that might be responsible for these problems.
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Problem diagnosis program Happiness
Problem diagnosis program Happiness
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is a recommended tool to scan your system for possible threats and crappy software. The trial version of the product will find harmful applications in your system.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

About the author

Alice Woods
Alice Woods - Likes to teach users about virus prevention

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Alice Woods
About the company Esolutions

Removal guides in other languages