English | Deutsch
Try  Security
Task Manager

Inspect the lssas.exe on your PC!
www.neuber.com

How to remove lssas error


The free file information forum can help you find out if lssas.exe is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust.

lssas.exe file information

The process belongs to the software LSSAS.EXE or AcroRdWin by MS.

Description: lssas.exe is located in the folder C:\Windows\System32 - typically c:\windows\ or C:\WINDOWS\system32\. Known file sizes on Windows XP are 424960 bytes (34% of all occurrence), 136704 bytes, 142848 bytes, 197632 bytes, 49523 bytes, 90624 bytes, 51712 bytes, 161792 bytes, 6277773 bytes, 206848 bytes, 50184 bytes, 95232 bytes, 260690 bytes, 41984 bytes, 112128 bytes, 201728 bytes, 81920 bytes, 55603 bytes, 197120 bytes, 196070 bytes, 102619 bytes, 123904 bytes, 58536 bytes.
The process has no file description. lssas.exe is not a Windows system file. The program has no visible window. The file is located in the Windows folder, but it is not a Windows core file. The process uses ports to connect to LAN or Internet. lssas.exe is able to hide itself, monitor applications, connect to Internet. Therefore the technical security rating is 90% dangerous, however also read the users reviews.

If lssas.exe is located in a subfolder of C:\Windows\System32 then the security rating is 74% dangerous. File size is 434176 bytes (62% of all occurrence), 466944 bytes. Program has no file description. The program has no visible window. lssas.exe is an unknown file in the Windows folder. Program starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce). lssas.exe is not a Windows system file. lssas.exe is able to record inputs, hide itself, manipulate other programs.

If lssas.exe is located in the folder C:\Windows then the security rating is 91% dangerous. File size is 31232 bytes (25% of all occurrence), 19456 bytes, 24064 bytes, 45568 bytes. There is no information about the maker of the file. The program is not visible. It is an unknown file in the Windows folder. The program starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce). It is not a Windows system file. lssas.exe is able to monitor applications.

If lssas.exe is located in a subfolder of C:\Windows then the security rating is 86% dangerous. File size is 57414 bytes (66% of all occurrence), 38982 bytes.

External information from Paul Collins:
There are different files with the same name:

  • "lssass" definitely not required. Added by the AGOBOT.RL WORM!
  • "Microsoft Management Console" definitely not required. EasySearch adware

Important: Some malware camouflage themselves as lssas.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the lssas.exe process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.

Score

User Comments

Rate
It has been flagged the "sober worm" by many websites. It duplicates itself into several other directories and uses FTP to upload data of your activities to a webserver, hence the port 21 lockup. I consider it dangerous as i logged it uploading all data i entered into forms and all the websites i visited. If you have Mozilla Firefox and you find that the process is always running, this is a sure sign you have the "sober" worm.
  Necrotising Fasciitis  
Rate
Only thing I know about, it is give me 50 sec after connect to net via Win2003, then closing PC, restart. After re-connect to net, the same countdown message appears...
  Abu Salem  
Rate
to remove it from my computer
  girmay  
Rate
probably a virus / key logger. Do not confuse with lsass.exe. Check in windows/system32 for this file and a seperate file of same name without extension.
   
Rate
Bewirkt ständig über 95% CPU-Auslastung, verunmöglicht Internet-Zugang
  Jocke  
Rate
cause that reboot "blue text...it said need upgrade ati driver or Bios upgrade "
  crashed to blue text  
Rate
I cloned a (failing) drive last week and everything on the transfer was good. After, my neice downloaded several free screensavers and my new system started working differently. The hidden file LSSAS.EXE isn't on the old drive. If I turn the computer off, it restarts on its own within a few minutes. Now, there are a few other files trying to get past my firewall and I get a few pop-ups during the day. Several times when the computer was supposed to be idle, the DSL modem showed activity. Each time I disconnected the modem the computer went into a (countdown) shutdown mode.
  Fred  
Rate
W32.AGOBOT.RL Trojan. Disable/Delete.
  Kisara  
Rate
Without closing lssas.exe I can't run a ftp-server. I think it uses the same port 21
  BeerLover  
Rate
I can not get on internet when it is running. When I "kill" it I can acces the internet.
  Phil  
Rate
adds pop up ads related to the adware.easysearch browser hijacker which is a variant of the coolwebsearch and about:search hijacker. Very annoying and hard to get rid of!
  MagiDrum   (further information)
Rate
On my system it (lssas.exe) locks up port 21 with a "Listening" status upon boot.
   
Rate
If you end task it, it auto restarts. LSSAS is malware, meant to be confused with the legitimate LSASS, pay attention!
  DaveMc  
Rate
I started to investigate what I have in the computer since I saw a non stop stream of information going out and coming in even when all progs were closed. No program I have could identify it (yet).
  Barak G.  
Rate
Possibly a virus as the real one is Lsass.exe
  Darren O'Brien   (further information)
Rate
Windows NT4/2000/XP/2003 only. It verifies the validity of user logons to your PC/Server (in technical jargon : it generates the process that is responsible for authenticating users for the Winlogon service). An integral part of the operating system, leave alone provided that its full path as shown is either C:\WinNT\System32\LSASS.exe (Windows 2000) or C:\Windows\System32\LSASS.exe (Windows XP/2003). If the path is anything else then you may have a virus.
  Camilo Quemedigas Medaigual  
Rate
This file can be closed without dammage
  geo909  

Summary: 1 user think lssas.exe is essential for Windows or an installed application. 4 users think it's neither essential nor dangerous. 5 users suspect danger. 9 users think lssas.exe is dangerous and recommend to remove it.. 2 users doesn't grade lssas.exe ("not sure about it").

Do you have additional information?
What do you know about lssas.exe:
How do you rate it:
Link for more info's:
Your Name:

lssas scanner


image

Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

Spyware Doctor detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

Registry Booster free scans, cleans, repairs and optimizes your system.

Other processes


lssas.exe [all]