Help! Lsass.exe eats 80% of my memory

Dear all,

I just installed a Windows 2003 Standard Edition (R2) and promote it as a Domain Controller, at the very beginning, it works perfectly.  However, few days later, I found that it is very slow and only 200MB ram left (total 1GB), when I open task manager, it indicates lsass.exe consumes around 600MB of memory, now I would like to know is it possilbe to disable it or remove it.  Thanks in advance.

PS.  I also installed DHCP, IIS on that machine but they are not in use.
LVL 1
towo2002Asked:
Who is Participating?
 
r-kConnect With a Mentor Commented:
Yes, I also think scanning for a worm is the best bet. A good way to start would be to run HijackThis (http://www.hijackthis.de/) and post the log back to that web site, then click "analyze" and see what it shows as suspicious.

Here are some suggestions I posted in another similar thread:

This could be due to number of reasons. Among them:

(1) Hardware malfunction

(2) Malware or rootkit

(3) Corrupted user profile

(4) Misbehaving AV or other service or driver.

I would suggest the following:

(a) log-in as a different user - does the problem persist, if so then rule out  option (3) above.

(b) Disable any AV program or anything else unnecessary and see if that helps.

(c) Run Process Explorer from http://www.sysinternals.com/Utilities/ProcessExplorer.html 
    It shows a lot more detail then Task Manager. In particular, if it shows CPU
    time being used by "Interrupts" then there might be a hardware problem.

(d) Scan your system for malware. At the very least, run the following two programs:

 (d.1) RootkitRevealer from: http://www.sysinternals.com/Utilities/RootkitRevealer.html
 (d.2) Download and run HijackThis from http://www.hijackthis.de/
       Copy-and-paste the resulting log back to that same web site (not here)
       Click on "Analyze", and then click on "Save Analysis" at the bottom of the next page.
       Review for anything unusual.
0
 
victornegriCommented:
You can't disable lsass.exe it's the program that handles all the security for your files and folders. Have you updated the computer with all the critical security patches? There was a worm going around that made it so lsass took up a chunk of RAM and CPU time. I think it was the Sasser worm. You may want to scan your computer for that.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.