2058:
25:
2069:
357:
42:
337:
234:
2094:
1073:
1088:
330:
201:(capital "i" instead of a lowercase "L") in efforts to trick users into installing or executing a malicious file instead of the trusted system file. The
89:
61:
910:
68:
1944:
323:
75:
2073:
346:
1323:
963:
547:
382:
57:
1495:
1404:
920:
552:
108:
2104:
2099:
1243:
1223:
1186:
1148:
1133:
1989:
1571:
1098:
310:
158:
will result in the system losing access to any account, including NT AUTHORITY, prompting a restart of the machine. Because,
46:
1113:
1954:
1823:
1510:
1500:
1374:
1278:
1138:
495:
450:
82:
2109:
2062:
1430:
1389:
1288:
1143:
940:
655:
605:
305:
143:
on the system. It verifies users logging on to a
Windows computer or server, handles password changes, and creates
1652:
1532:
1238:
737:
377:
370:
365:
35:
1984:
1949:
1379:
1369:
1308:
1218:
1108:
1078:
727:
425:
1349:
1293:
1273:
1118:
887:
772:
190:
662:
1934:
1929:
1773:
1768:
1728:
1688:
1638:
1384:
1128:
1123:
998:
973:
935:
905:
855:
667:
590:
515:
435:
410:
1914:
1878:
1490:
1475:
1233:
1191:
1083:
1013:
930:
915:
510:
202:
2043:
1863:
1808:
1748:
1733:
1542:
1213:
1168:
1025:
978:
167:
2028:
2023:
1868:
1838:
1803:
1693:
1399:
1394:
1298:
1248:
1206:
1176:
1063:
650:
615:
562:
500:
148:
1969:
1828:
1783:
1758:
1713:
1659:
1458:
1313:
1196:
645:
630:
570:
490:
460:
197:. Due to the way some systems display fonts, malicious developers may name the file something like
129:
1974:
1924:
1698:
1617:
1603:
1522:
1228:
1068:
1035:
1008:
1003:
677:
580:
575:
475:
2038:
1964:
1919:
1818:
1813:
1788:
1743:
1708:
1578:
882:
692:
525:
133:
1979:
1888:
1723:
1666:
1624:
1485:
1453:
1409:
1364:
1283:
1043:
840:
717:
707:
470:
465:
300:
194:
136:
2015:
1898:
1873:
1858:
1848:
1798:
1793:
1547:
1181:
897:
762:
752:
697:
682:
540:
430:
206:
140:
1505:
1048:
860:
850:
835:
767:
635:
610:
585:
535:
505:
415:
182:
2088:
1994:
1853:
1753:
1093:
1053:
830:
805:
797:
732:
600:
400:
1763:
1718:
1645:
1610:
1318:
1268:
1058:
810:
757:
722:
640:
620:
440:
420:
214:
144:
1833:
1778:
1683:
1537:
1425:
1303:
1158:
950:
925:
520:
276:
24:
315:
1738:
1562:
1103:
993:
867:
787:
712:
530:
210:
1359:
1354:
988:
877:
825:
595:
255:
1939:
1843:
1703:
1463:
1328:
958:
815:
702:
687:
625:
485:
445:
1959:
1893:
1631:
1517:
1480:
1468:
1153:
872:
845:
820:
782:
480:
405:
186:
2033:
1883:
1552:
1333:
1258:
1999:
1435:
1263:
968:
742:
455:
162:
is a crucial system file, its name is often faked by malware. The
1527:
1201:
1020:
983:
319:
1445:
777:
747:
672:
18:
277:"The Best Way To Remove Lsass.exe Virus - Fix Lsass Process"
2012:
1907:
1676:
1595:
1588:
1561:
1444:
1418:
1342:
1167:
1034:
949:
896:
796:
561:
391:
49:. Unsourced material may be challenged and removed.
177:. If it is running from any other location, that
331:
8:
58:"Local Security Authority Subsystem Service"
2068:
1592:
338:
324:
316:
122:Local Security Authority Subsystem Service
109:Learn how and when to remove this message
256:"Windows 7 Services | Windows CMD"
235:"Configuring Additional LSA Protection"
226:
166:file used by Windows is located in the
139:that is responsible for enforcing the
2095:Microsoft Windows security technology
1945:Next-Generation Secure Computing Base
173:, and the description of the file is
7:
47:adding citations to reliable sources
1074:Distributed Transaction Coordinator
16:Computer operating system component
1405:User Interface Privilege Isolation
14:
279:. Errorboss.com. 23 December 2014
2067:
2057:
2056:
175:Local Security Authority Process
23:
1134:Remote Differential Compression
301:Security Subsystem Architecture
34:needs additional citations for
1990:Windows System Assessment Tool
1:
1279:Open XML Paper Specification
1139:Remote Installation Services
347:Microsoft Windows components
1431:Windows Subsystem for Linux
1390:Mandatory Integrity Control
1144:Windows Deployment Services
941:Wireless Zero Configuration
2126:
1533:Universal Windows Platform
1239:Kernel Transaction Manager
1224:Hardware Abstraction Layer
921:Multimedia Class Scheduler
2052:
1985:Windows Services for UNIX
1370:Data Execution Prevention
1219:Graphics Device Interface
1109:Network Access Protection
728:Remote Desktop Connection
353:
1350:Security and Maintenance
1294:Security Account Manager
888:Windows XP visual styles
205:spreads by exploiting a
154:Forcible termination of
147:. It also writes to the
2105:Access control software
2100:Windows NT architecture
1935:Media Control Interface
1769:Help and Support Center
1385:Kernel Patch Protection
1149:System Resource Manager
1129:Remote Desktop Services
1124:Print Services for UNIX
906:Service Control Manager
516:Windows Error Reporting
436:DirectX Diagnostic Tool
1915:Desktop Cleanup Wizard
1491:COM Structured storage
1192:Desktop Window Manager
1084:Windows Media Services
311:MS identity management
1543:Windows Mixed Reality
1214:Enhanced Write Filter
1064:Roaming user profiles
1824:Mobile Device Center
1774:Health & Fitness
1572:Solitaire Collection
1400:User Account Control
1395:Protected Media Path
1299:Server Message Block
1249:Logical Disk Manager
501:System Policy Editor
486:System Configuration
149:Windows Security Log
43:improve this article
1970:Virtual DOS machine
1314:System Idle Process
1289:Resource Protection
1197:Portable Executable
1089:Active DRM Services
491:System File Checker
461:Performance Monitor
217:operating systems.
2110:Windows components
1975:Windows on Windows
1699:Backup and Restore
1511:Transaction Server
1229:I/O request packet
1069:Folder redirection
738:Speech Recognition
496:System Information
451:Management Console
306:LSA Authentication
2082:
2081:
2008:
2007:
1965:Video for Windows
1920:Games for Windows
1789:Internet Explorer
883:Windows Spotlight
526:Windows Installer
181:is most likely a
171:%WINDIR%\System32
137:operating systems
134:Microsoft Windows
119:
118:
111:
93:
2117:
2071:
2070:
2060:
2059:
1980:Windows SideShow
1759:Food & Drink
1653:Spider Solitaire
1593:
1486:ActiveX Document
1454:Active Scripting
1410:Windows Firewall
1365:Credential Guard
1044:Active Directory
841:Indexing Service
471:Resource Monitor
466:Recovery Console
340:
333:
326:
317:
288:
287:
285:
284:
273:
267:
266:
264:
263:
252:
246:
245:
243:
242:
231:
209:in the LSASS on
200:
180:
172:
165:
161:
157:
114:
107:
103:
100:
94:
92:
51:
27:
19:
2125:
2124:
2120:
2119:
2118:
2116:
2115:
2114:
2085:
2084:
2083:
2078:
2048:
2016:Microsoft Store
2014:
2004:
1950:POSIX subsystem
1930:File Protection
1903:
1874:Program Manager
1859:Phone Companion
1849:Outlook Express
1799:Make Compatible
1729:Desktop Gadgets
1689:Anytime Upgrade
1672:
1584:
1557:
1548:Windows Runtime
1440:
1414:
1380:Family features
1338:
1163:
1119:DFS Replication
1030:
945:
936:Error Reporting
892:
792:
668:Mobility Center
663:Movies & TV
557:
541:Windows Insider
431:Driver Verifier
426:Drive Optimizer
393:
387:
378:Booting process
349:
344:
297:
292:
291:
282:
280:
275:
274:
270:
261:
259:
254:
253:
249:
240:
238:
233:
232:
228:
223:
207:buffer overflow
198:
178:
170:
163:
159:
155:
141:security policy
115:
104:
98:
95:
52:
50:
40:
28:
17:
12:
11:
5:
2123:
2121:
2113:
2112:
2107:
2102:
2097:
2087:
2086:
2080:
2079:
2077:
2076:
2065:
2053:
2050:
2049:
2047:
2046:
2041:
2036:
2031:
2026:
2020:
2018:
2010:
2009:
2006:
2005:
2003:
2002:
1997:
1992:
1987:
1982:
1977:
1972:
1967:
1962:
1957:
1952:
1947:
1942:
1937:
1932:
1927:
1922:
1917:
1911:
1909:
1905:
1904:
1902:
1901:
1896:
1891:
1886:
1881:
1879:Steps Recorder
1876:
1871:
1866:
1861:
1856:
1851:
1846:
1841:
1836:
1831:
1826:
1821:
1816:
1811:
1806:
1801:
1796:
1791:
1786:
1781:
1776:
1771:
1766:
1761:
1756:
1751:
1746:
1741:
1736:
1731:
1726:
1721:
1716:
1711:
1706:
1701:
1696:
1691:
1686:
1680:
1678:
1674:
1673:
1671:
1670:
1663:
1656:
1649:
1642:
1635:
1628:
1621:
1614:
1607:
1599:
1597:
1590:
1586:
1585:
1583:
1582:
1575:
1567:
1565:
1559:
1558:
1556:
1555:
1550:
1545:
1540:
1535:
1530:
1525:
1520:
1515:
1514:
1513:
1508:
1506:OLE Automation
1503:
1498:
1493:
1488:
1483:
1473:
1472:
1471:
1466:
1461:
1450:
1448:
1442:
1441:
1439:
1438:
1433:
1428:
1422:
1420:
1416:
1415:
1413:
1412:
1407:
1402:
1397:
1392:
1387:
1382:
1377:
1372:
1367:
1362:
1357:
1352:
1346:
1344:
1340:
1339:
1337:
1336:
1331:
1326:
1321:
1316:
1311:
1306:
1301:
1296:
1291:
1286:
1281:
1276:
1274:Object Manager
1271:
1266:
1261:
1256:
1251:
1246:
1241:
1236:
1234:Imaging Format
1231:
1226:
1221:
1216:
1211:
1210:
1209:
1204:
1194:
1189:
1184:
1179:
1173:
1171:
1165:
1164:
1162:
1161:
1156:
1151:
1146:
1141:
1136:
1131:
1126:
1121:
1116:
1111:
1106:
1101:
1096:
1091:
1086:
1081:
1076:
1071:
1066:
1061:
1056:
1051:
1046:
1040:
1038:
1032:
1031:
1029:
1028:
1023:
1018:
1017:
1016:
1011:
1006:
1001:
996:
991:
981:
976:
971:
966:
961:
955:
953:
947:
946:
944:
943:
938:
933:
931:Task Scheduler
928:
923:
918:
913:
908:
902:
900:
894:
893:
891:
890:
885:
880:
875:
870:
865:
864:
863:
861:Special folder
858:
853:
848:
843:
833:
828:
823:
818:
813:
808:
802:
800:
794:
793:
791:
790:
785:
780:
775:
773:Voice Recorder
770:
765:
760:
755:
750:
745:
740:
735:
730:
725:
720:
715:
710:
705:
700:
695:
690:
685:
680:
675:
670:
665:
660:
659:
658:
648:
643:
638:
633:
628:
623:
618:
613:
608:
603:
598:
593:
588:
583:
578:
573:
567:
565:
559:
558:
556:
555:
550:
545:
544:
543:
536:Windows Update
533:
528:
523:
518:
513:
508:
506:System Restore
503:
498:
493:
488:
483:
478:
473:
468:
463:
458:
453:
448:
443:
438:
433:
428:
423:
418:
416:Device Manager
413:
408:
406:Command Prompt
403:
397:
395:
389:
388:
386:
385:
380:
375:
374:
373:
368:
360:
354:
351:
350:
345:
343:
342:
335:
328:
320:
314:
313:
308:
303:
296:
295:External links
293:
290:
289:
268:
247:
225:
224:
222:
219:
117:
116:
31:
29:
22:
15:
13:
10:
9:
6:
4:
3:
2:
2122:
2111:
2108:
2106:
2103:
2101:
2098:
2096:
2093:
2092:
2090:
2075:
2066:
2064:
2055:
2054:
2051:
2045:
2042:
2040:
2037:
2035:
2032:
2030:
2027:
2025:
2022:
2021:
2019:
2017:
2011:
2001:
1998:
1996:
1995:Windows To Go
1993:
1991:
1988:
1986:
1983:
1981:
1978:
1976:
1973:
1971:
1968:
1966:
1963:
1961:
1958:
1956:
1953:
1951:
1948:
1946:
1943:
1941:
1938:
1936:
1933:
1931:
1928:
1926:
1923:
1921:
1918:
1916:
1913:
1912:
1910:
1906:
1900:
1897:
1895:
1892:
1890:
1887:
1885:
1882:
1880:
1877:
1875:
1872:
1870:
1867:
1865:
1864:Photo Gallery
1862:
1860:
1857:
1855:
1852:
1850:
1847:
1845:
1842:
1840:
1837:
1835:
1832:
1830:
1827:
1825:
1822:
1820:
1817:
1815:
1812:
1810:
1809:Meeting Space
1807:
1805:
1802:
1800:
1797:
1795:
1792:
1790:
1787:
1785:
1782:
1780:
1779:HyperTerminal
1777:
1775:
1772:
1770:
1767:
1765:
1762:
1760:
1757:
1755:
1752:
1750:
1749:Easy Transfer
1747:
1745:
1742:
1740:
1737:
1735:
1732:
1730:
1727:
1725:
1722:
1720:
1717:
1715:
1712:
1710:
1707:
1705:
1702:
1700:
1697:
1695:
1692:
1690:
1687:
1685:
1682:
1681:
1679:
1675:
1669:
1668:
1664:
1662:
1661:
1657:
1655:
1654:
1650:
1648:
1647:
1643:
1641:
1640:
1636:
1634:
1633:
1629:
1627:
1626:
1622:
1620:
1619:
1615:
1613:
1612:
1608:
1606:
1605:
1601:
1600:
1598:
1594:
1591:
1587:
1581:
1580:
1576:
1574:
1573:
1569:
1568:
1566:
1564:
1560:
1554:
1551:
1549:
1546:
1544:
1541:
1539:
1536:
1534:
1531:
1529:
1526:
1524:
1521:
1519:
1516:
1512:
1509:
1507:
1504:
1502:
1499:
1497:
1494:
1492:
1489:
1487:
1484:
1482:
1479:
1478:
1477:
1474:
1470:
1467:
1465:
1462:
1460:
1457:
1456:
1455:
1452:
1451:
1449:
1447:
1443:
1437:
1434:
1432:
1429:
1427:
1424:
1423:
1421:
1419:Compatibility
1417:
1411:
1408:
1406:
1403:
1401:
1398:
1396:
1393:
1391:
1388:
1386:
1383:
1381:
1378:
1376:
1373:
1371:
1368:
1366:
1363:
1361:
1358:
1356:
1353:
1351:
1348:
1347:
1345:
1341:
1335:
1332:
1330:
1327:
1325:
1322:
1320:
1317:
1315:
1312:
1310:
1307:
1305:
1302:
1300:
1297:
1295:
1292:
1290:
1287:
1285:
1282:
1280:
1277:
1275:
1272:
1270:
1267:
1265:
1262:
1260:
1257:
1255:
1252:
1250:
1247:
1245:
1244:Library files
1242:
1240:
1237:
1235:
1232:
1230:
1227:
1225:
1222:
1220:
1217:
1215:
1212:
1208:
1205:
1203:
1200:
1199:
1198:
1195:
1193:
1190:
1188:
1185:
1183:
1180:
1178:
1175:
1174:
1172:
1170:
1166:
1160:
1157:
1155:
1152:
1150:
1147:
1145:
1142:
1140:
1137:
1135:
1132:
1130:
1127:
1125:
1122:
1120:
1117:
1115:
1112:
1110:
1107:
1105:
1102:
1100:
1097:
1095:
1092:
1090:
1087:
1085:
1082:
1080:
1077:
1075:
1072:
1070:
1067:
1065:
1062:
1060:
1057:
1055:
1052:
1050:
1047:
1045:
1042:
1041:
1039:
1037:
1033:
1027:
1024:
1022:
1019:
1015:
1012:
1010:
1007:
1005:
1004:Reparse point
1002:
1000:
997:
995:
992:
990:
987:
986:
985:
982:
980:
977:
975:
972:
970:
967:
965:
962:
960:
957:
956:
954:
952:
948:
942:
939:
937:
934:
932:
929:
927:
924:
922:
919:
917:
914:
912:
909:
907:
904:
903:
901:
899:
895:
889:
886:
884:
881:
879:
876:
874:
871:
869:
866:
862:
859:
857:
854:
852:
849:
847:
844:
842:
839:
838:
837:
834:
832:
829:
827:
824:
822:
819:
817:
814:
812:
809:
807:
806:Action Center
804:
803:
801:
799:
795:
789:
786:
784:
781:
779:
776:
774:
771:
769:
766:
764:
761:
759:
756:
754:
751:
749:
746:
744:
741:
739:
736:
734:
733:Snipping Tool
731:
729:
726:
724:
721:
719:
716:
714:
711:
709:
706:
704:
701:
699:
696:
694:
691:
689:
686:
684:
681:
679:
676:
674:
671:
669:
666:
664:
661:
657:
654:
653:
652:
649:
647:
644:
642:
639:
637:
634:
632:
629:
627:
624:
622:
619:
617:
614:
612:
609:
607:
604:
602:
599:
597:
594:
592:
591:Character Map
589:
587:
584:
582:
579:
577:
574:
572:
569:
568:
566:
564:
560:
554:
551:
549:
546:
542:
539:
538:
537:
534:
532:
529:
527:
524:
522:
519:
517:
514:
512:
509:
507:
504:
502:
499:
497:
494:
492:
489:
487:
484:
482:
479:
477:
474:
472:
469:
467:
464:
462:
459:
457:
454:
452:
449:
447:
444:
442:
439:
437:
434:
432:
429:
427:
424:
422:
419:
417:
414:
412:
411:Control Panel
409:
407:
404:
402:
401:App Installer
399:
398:
396:
390:
384:
381:
379:
376:
372:
369:
367:
364:
363:
362:Architecture
361:
359:
356:
355:
352:
348:
341:
336:
334:
329:
327:
322:
321:
318:
312:
309:
307:
304:
302:
299:
298:
294:
278:
272:
269:
257:
251:
248:
236:
230:
227:
220:
218:
216:
212:
208:
204:
196:
192:
188:
184:
176:
169:
152:
150:
146:
145:access tokens
142:
138:
135:
131:
127:
123:
113:
110:
102:
91:
88:
84:
81:
77:
74:
70:
67:
63:
60: –
59:
55:
54:Find sources:
48:
44:
38:
37:
32:This article
30:
26:
21:
20:
2029:File Manager
1869:Photo Viewer
1804:Media Center
1764:Groove Music
1694:Address Book
1665:
1658:
1651:
1646:Purble Place
1644:
1637:
1630:
1623:
1616:
1611:Chess Titans
1609:
1602:
1589:Discontinued
1577:
1570:
1269:Ntoskrnl.exe
1253:
1177:Boot Manager
1169:Architecture
1059:Group Policy
951:File systems
851:Saved search
758:Sticky Notes
723:Quick Assist
651:Media Player
621:Feedback Hub
616:Fax and Scan
511:Task Manager
441:Event Viewer
421:Disk Cleanup
281:. Retrieved
271:
260:. Retrieved
250:
239:. Retrieved
229:
215:Windows 2000
174:
153:
125:
121:
120:
105:
96:
86:
79:
72:
65:
53:
41:Please help
36:verification
33:
2044:Minesweeper
2013:Spun off to
1834:MSN Dial-up
1829:Movie Maker
1734:Diagnostics
1684:ActiveMovie
1426:COMMAND.COM
1304:Shadow Copy
1159:Server Core
999:Mount Point
926:Shadow Copy
521:Windows Ink
237:. Microsoft
203:Sasser worm
2089:Categories
2024:DVD Player
1839:NetMeeting
1739:DriveSpace
1604:3D Pinball
1104:SharePoint
868:Start menu
713:Phone Link
576:Calculator
531:PowerShell
392:Management
283:2016-05-24
262:2016-05-24
258:. SS64.com
241:2022-02-04
221:References
211:Windows XP
69:newspapers
1819:Messenger
1814:Messaging
1744:DVD Maker
1714:CD Player
1709:CardSpace
1660:Solitaire
1360:BitLocker
1355:AppLocker
989:Hard link
878:Task View
856:Namespace
826:ClearType
646:Messaging
631:Magnifier
596:Clipchamp
571:3D Viewer
199:Isass.exe
179:lsass.exe
168:directory
164:lsass.exe
160:lsass.exe
156:lsass.exe
99:July 2009
2063:Category
1940:MS-DOS 7
1925:ScanDisk
1844:NTBackup
1724:Contacts
1704:Cardfile
1639:Hold 'Em
1618:FreeCell
1464:VBScript
1375:Defender
1343:Security
1329:Winlogon
1284:Registry
898:Services
831:Explorer
816:AutoPlay
703:Paint 3D
688:OneDrive
678:Narrator
626:Get Help
581:Calendar
476:Settings
446:IExpress
2039:Mahjong
1960:Interix
1894:WinHelp
1794:Journal
1784:Imaging
1632:InkBall
1518:DirectX
1481:ActiveX
1469:JScript
1182:Console
1154:Hyper-V
1049:Domains
873:Taskbar
846:IFilter
821:AutoRun
783:WordPad
778:Weather
693:OneNote
683:Notepad
606:Cortana
481:Sysprep
187:spyware
130:process
128:) is a
83:scholar
2072:
2061:
2034:Hover!
1908:Others
1889:Travel
1884:Syskey
1667:Tinker
1625:Hearts
1553:WinUSB
1538:WinAPI
1523:Native
1334:WinUSB
1259:MinWin
1036:Server
836:Search
748:Sports
718:Photos
708:People
586:Camera
191:trojan
85:
78:
71:
64:
56:
2000:WinFS
1899:Write
1596:Games
1563:Games
1436:WoW64
1264:NTLDR
1254:LSASS
1187:CSRSS
994:links
969:exFAT
798:Shell
763:Store
753:Start
743:Skype
698:Paint
673:Money
601:Clock
548:WinRE
456:Netsh
394:tools
383:Games
183:virus
126:LSASS
90:JSTOR
76:books
2074:List
1955:HPFS
1719:Chat
1677:Apps
1579:Surf
1528:.NET
1496:DCOM
1324:WHEA
1319:USER
1309:SMSS
1099:WSUS
1079:MSMQ
1021:ReFS
984:NTFS
959:CDFS
916:CLFS
911:BITS
811:Aero
788:Xbox
768:Tips
656:2022
641:Maps
636:Mail
611:Edge
563:Apps
358:APIs
213:and
195:worm
62:news
1854:Pay
1754:Fax
1501:OLE
1476:COM
1459:WSH
1446:API
1207:DLL
1202:EXE
1114:PWS
1094:IIS
1054:DNS
1026:UDF
1014:EFS
1009:TxF
979:FAT
974:IFS
964:DFS
553:WMI
193:or
132:in
45:by
2091::
371:NT
366:9x
189:,
185:,
151:.
339:e
332:t
325:v
286:.
265:.
244:.
124:(
112:)
106:(
101:)
97:(
87:·
80:·
73:·
66:·
39:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
