• FAQs
• Articles
• Tutorials
• Web Tools
• Reference
• Blog
• Proxy
• Software
• Cell Phones

• Malware
• What is malware?
• What are the future trends in malware?
• What is a computer virus?
• What are the types of computer viruses?
• What is the history of computer viruses?
• What is a boot sector virus?
• What is a computer worm?
• What is a trojan horse?
• What is a logic bomb?
• What is tabjacking?
• Where can I download free anti-virus software?
• How to Remove a Virus
• Where can I get an online virus scan?
• How do I protect my computer on the Internet?
• How can I protect myself from viruses?
• Where can I get more information about viruses?
• Why do people write computer viruses?
• What is spyware?
• How do I protect my computer from spyware?
• How do spyware detection programs work?
• What is free spyware removal software?
• What is a free online spyware remover?
• How do I remove spyware manually?
• What is Yahoo Anti-Spyware?
• What is Microsoft Anti-Spyware?
• What is Macintosh spyware removal software?
• How do I remove KaZaA spyware?
• What is adware?
• What is lsass.exe?
• What is SMSS.exe?
• How do I remove Win Fixer?
• How do I remove a trojan adclicker?
• How do I remove CasinoOnNet?
• How do I remove Cydoor?
• How do I uninstall Hotbar?
• How do I remove Zlob?
• How do I remove Begin2Search?
• What is spam?
• How can I improve my Outlook spam filter?
• What is a popup?
• What is a free popup blocker?
• How do I change my Home page?
• What is Aprl.exe and how do I remove it?
• How Do I Delete the Backdoor-CVT Virus?
• How do I remove Mirar?
• How Do I uninstall Virus Protect Pro?
• How Do I uninstall Yahoo! Search Companion?
• What is the Master Blaster Virus?
• What is SmitFraud?
• What is ComboFix?
• What is HijackThis?
• What is rtvscan.exe
• What is g2mdlhlpx.exe?
• What is ucleaner?
• What is SmitFraudFix?
• What is Worm.Win32.Netbooster?
• How Do I uninstall Nero Scout?
• How do I uninstall SysReset?
• How do I uninstall AlmightySearch?
• Detection and Removal of Internet Speed Monitor
• Vundo
• Main Menu
• » Networking
• » Physical Layer
• » Data Link Layer
• » Network Layer
• » Network Security
• » Wireless Networks
• » VoIP
• » Telephony
• » Mobile Telephony
• » Electronics
• » Radio
• » Television
• » Cryptology
• » Passwords
• » Smart Cards
• » Privacy
• » Malware
• » Vulnerabilities
• » Unix
• » Macintosh
• » Microsoft Windows
• » The Web
• » Web Publishing
• » E-mail
• » Instant Messaging
• » Databases
• » Computer Hardware
• » CPU's
• » Memory
• » Storage
• » Video
• » Audio
• » Multimedia
• » Satellite
• » Java
• » IT Management
• » Science
• » Miscellaneous

What is lsass.exe?

LSASS, or local security authority subsystem service, is a function or process that is part of the Microsoft Windows operating system. Essentially, LSASS is part of the process for maintaining and enforcing the security protocols on the operating system. To this end, LSASS performs several important functions to ensure that the system remains free of unauthorized access and is not infected by a wide range of viruses and bugs.

What Does LSASS Specifically Do?

Perhaps the most common task that LSASS oversees is the access to the computer or server. LSASS recognizes any restrictions on access to any information on the hard drive or the server, and will make sure that only recognized access codes or other login credentials will allow persons to interact with those data files. This means that LSASS comes into play each time someone logs into the server, or uses a desktop computer and gains access to password protected files.

LSASS can also allow administrators or any user that is granted the proper privileges to make changes and updates to passwords and user profiles. For example, it is through LSASS that authorized personnel may delete, change, or create new passwords and user files. Any and all changes are noted in the Windows Security Log.

How Does The Sasser Worm Relate To LSASS?

The Sasser Worm was an electronic worm virus that was specifically created to take advantage of a design vulnerability in versions of LSASS that were found in Windows 2000 and Windows XP. Essentially, the worm would make use of LSASS to create what is known as a buffer overflow. This overflow would make it possible for the worm to use the system resources to spread to other machines on the network. Unlike many other worm viruses, the Sasser worm was not spread by email. But once in any one computer, it could quickly spread to any other computers that were connected to the same network.

Can an Infected LSASS be repaired?

Yes, it is possible to remove the Sasser worm from LSASS and restore full functionality without damaging any of the aspects of the process. Because the Sasser worm can cause LSASS to end abruptly, LSASS will flash a timer on the screen, warning users to save work in progress before the operating systems shuts down. Once the system is down, it is possible to reboot the system and use immunizations software to isolate the worm, banish it from the system, and restore the function of LSASS.

Bookmark What is lsass.exe?

Latest Blog Posts

• Acai Berry Spam via MSN

• Obama Seeks Power to Shut Down the Internet

• Help Beta Test Tech-FAQ 2.0!

• Windows 7 Forum

• Boston College: Ability to Use a Command Line is a Sign of Criminal Activity

• Google Hacked?

• Recycle your old phone – Make some money, and save the environment too!

• SourceForge vs. Freshmeat

• Fastest Web Browser: Google Chrome

• New Webmaster Forum