XP Process Question

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

hi guys


just wondering if someone could tell me what the the lsass.exe does... im running xp pro and it attempted to get and outbound port and nortons blocked it anyone know what this process does? or if it even is a process

thanks

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Here you go. PS. Google is your friend.

http://www.liutilities.com/products/wintaskspro/processlibrary/lsass/

EDIT: I thought a little more info might be helpful:

http://www.iamnotageek.com/a/lsass.exe.php

 

According to google newsgroups

lsass.exe = LSA Shell (Export Version) or Local Security Authority Service


lsass - lsass.exe - Process Information
Process File: lsass or lsass.exe
Process Name: Local Security Authority Service


Description:
lsass.exe is a system process of the Microsoft Windows security mechanisms.
It specifically deals with local security and login policies, and is NOT to be confused with the lsas.exe virus.


Author: Microsoft Corp.
Part Of: Microsoft Windows Operating System
--------------


Local Security Authentication Server


What does it do?
It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial
shell. Other processes that the user initiates inherit this token.


You will not be able to end this through task manager!
---


Note: The lsass.exe file is located in the c:\windows\System32 folder. In other cases, lsass.exe is a virus, spyware, trojan or worm!

 

in other words guys it should not be there and it should not ask for access to outbound ports therefore I NEED TO REMOVE IT?

 

its always there, cant say i know if it needs outbound access or not, im sure your norton would of detected it as a virus if it wasnt the true version, although, being norton, it might of missed it! lol

 

well i just updated nortons... clean up my registry... and ill scan with nortons.. otherwise everything looks okay to me!

 

Have you just run windows update, or installed anything related to logon or security policies? If you have the file may have been changed and that's why Norton is now asking permission for it. Also, make sure what you're reading as lssass.exe is actually a small cap L and not a Capital I (i). They are almost impossible to tell apart on the computer screen.

Do a search for issass.exe and see if anything shows up. It's a virus.

 

tell me what you think from the screen shot... yeah i did some updates i think cause i reinstalled windows XP...

and i did a search for that using hidden files included and nothing came up... scan with nortons 2005 after just updating and im clean (HOPEFULLY!!)

 

Where is that?

 

sorry the image was big and it didnt upload... there now..

 

Sure looks like lsass.exe to me.

 

trip is that an L or I ????

 

Lower case "L".

 

phew so its normal...