For most Windows processes Constant high CPU utilization is not typical, especially for system components like lsass.exe. Its usual completion in this situation does not help, so users have a question - how to solve this problem?

First, a few words about the process itself: the lsass.exe component appeared in Windows Vista and is a part of the security system, namely the user authorization check service, which makes it related to WINLOGON.exe.

This service is characterized by a CPU load of about 50% during the first 5-10 minutes of system boot. A constant load over 60% indicates the presence of a failure, which can be eliminated in several ways.

Method 1: Install Windows Updates

In most cases, the problem is caused by an outdated version of the system: in the absence of updates, the Windows security system may malfunction. The OS update process is not difficult for an ordinary user.

Method 2: Reinstall Browser

Sometimes lsass.exe does not load the processor all the time, but only when the web browser is running - this means that the security of one or another component of the program is violated. The most reliable solution to the problem would be complete reinstallation browser, which should be done like this:

As a rule, this manipulation fixes the crash with lsass.exe, but if the problem is still observed, read on.

Method 3: Cleaning from viruses

In some cases, the cause of the problem may be a virus infection of the executable file or the substitution of a third-party system process. You can determine the authenticity of lsass.exe as follows:

If any other directory opens instead of the specified directory, you are faced with viral attack... We have on the site detailed manual actions in such a case, therefore we recommend that you familiarize yourself with it.

Conclusion

Summing up, we note that most often problems with lsass.exe are observed on Windows 7. We draw your attention to the fact that official support for this version has been discontinued by the OS, therefore we recommend that you upgrade to current Windows 8 or 10 if possible.

Today I will continue to talk about processes and in this moment I want to talk about the lsass.exe process. If you open Task Manager and display the processes for all users, you will see the same lsass.exe process.

LSASS takes its origin from the English Local Security Authority Subsystem Service, which can be translated as "local security authentication server". This is part of the operating room Windows systems which is responsible for authorization local users separate computer... This is an extremely important service because without it, local users will not be able to log in to the system.

What does this process do? It checks the data for authorization, and upon successful authorization, the service sets the logon flag. In the event that the authorization was started by the user, the flag for launching the user shell is also set. When authorization is initialized by an application or service, the application is granted the rights of the specified user.

The lsass.exe file is located in the C: \ Windows \ System32 folder, and the most common size for windows, including versions XP, 7 and 8, is 13,312 bytes. lsass.exe is not malicious in the vast majority of cases. And yet the authors malware sometimes they call their viruses and Trojans exactly by their name this process to avoid detection. Of course, if specified file is located outside the C: \ Windows \ System32 directory, then this is clearly a virus or malware.

If lsass.exe is loading the processor

As for the processor load, if lsass.exe loads it, then by very insignificant amounts. Some users say that lsass.exe loads the processor by 50-70%. If this happens, then we are most likely talking about a virus or Trojan. Try using an antivirus, and free utilities type Dr. Web Cureit to search for malware.

There are a lot of situations with the appearance of an increased load on the system resources of a computer. One of the services that is most commonly seen in these situations is LSASS.exe. Not everyone knows what this process is. Some try to terminate it immediately, others assume it is a virus and scan the system. But what is it really? Let's figure it out.

LSASS.exe: what is this process?

Yes, indeed, the appearance of a virus of the same name in the system is not excluded. But first, let's talk about the original LSASS.exe component. What is this process?

It is believed that this system tool is a kind of intellectual tool that constantly monitors all actions. Windows user and independently decides to enable or disable some protective equipment. Naturally, the functioning of this service implies a load on resources, but in the standard version it should be short-term (this module is activated within a maximum of ten minutes), and the peak load should not exceed 40-70%. Not a hundred.

If the use of system resources is higher than the specified values, and there are several identical processes in the list of processes, you can be sure that this is a virus, and the virus is quite dangerous, belonging to the class of spyware and rootkits. However, you can get rid of it quite simply (attention will be focused on this separately).

Why is LSASS.exe loading the processor in Windows 7?

But even the original system component is capable of delivering excessive loads. Why is this happening? Yes, only because the above values ​​apply, so to speak, for ideal cases of system downtime.

If a lot of user programs are running in Windows, and even background components from startup that start together with the operating system are running, the user gets a situation when the use of the processor or random access memory goes off scale, and even there is a huge number of svchost.exe processes that are connected with this service only indirectly.

But you should not get upset, because you can apply a fairly simple and universal solution, which consists in deactivating this system process and the service responsible for it. This can be done quite simply, and this, by and large, will not particularly affect the stability of the operating system.

How do I disable the default service?

So, let's assume that the standard LSASS.exe process is overloading the processor too much. The situation can be corrected by the most simple disconnection of this component, although it is not recommended to deactivate system services. Nevertheless, with a weak processor, this option will become the only means of reducing the load:

• First, you need to use the "Run" console and write the services.msc line in it to enter the services section.
• On the right in the list, you need to find the Credential Manager service (the LSASS.exe service loads the processor just in case it is in an active state and starts automatically).
• Double-click to open the menu for editing parameters, press the button to stop the process (this is required), set the startup type to "Disabled", save the changes and reboot the system. Reboot to in this case is an a prerequisite to apply new custom settings.

Note: In some cases, you may need to first terminate the lsass.exe process in the "Task Manager" or stop again after disabling the service in the above section.

What if it's a virus?

But sometimes the load may not be connected specifically with the system component LSASS.exe. What is this process in this case? As you probably already guessed, this is a real virus disguised as a system process.

You can make sure that it is a virus by the presence of several identical processes in the "Task Manager". You can also go through the RMB menu to the location of the file (the original object is in the System32 directory and nowhere else).

When a threat is identified, we do the following:

1. Recommended first in user folder find the AppData directory. It may have an attribute of hidden, so you first have to enable the display of such objects in the "Explorer" view menu.
2. In the specified folder, through the Local directory, you need to get to the Temp directory and completely clear its contents.
3. After that, it is recommended to check the system with some anti-adware utility like AdwCleaner, and also use a special applet UnHackMe (a program for detecting spyware and rootkits) to scan the system again.
4. Upon completion of the removal of threats, it is advisable to clean the system, for which you can use at least universal application CCleaner.

Short summary

In principle, it is not recommended to disable the above-described service, like any other system component of this plan. But if the load increases to such an extent that it becomes impossible to work at the computer, then, alas, you will have to work without it, relying on other means of protection, including system services, and third party programs(at least the same standard antivirus).

The further into the forest, the more firewood. This proverb fully describes the consequences of the renewal operating systems Windows family... Since Vista, the developers have added a "smart verification" user function, which increases the level of data protection. But if you are reading this, then lsass.exe loads the processor and is unstable. Let's take a look at how to deal with this.

What is lsass.exe?

Lsass.exe is a process used by the Local Security Authority Process service. It determines the authenticity of the logged in user using artificial intelligence systems. The detailed operating principle is unknown, but the developers claim that the peak load on the processor is 50-60% and lasts up to 10 minutes. Therefore, if lsass.exe loads the system at 100% and does not allow working normally at the computer, there is a serious violation of the security service.

How to solve the problem?

The reason for such a high resource consumption lies in two reasons: damage system files or a virus infection. Let's consider each aspect in detail.

Removing virus software

In 90% of cases, the problem lies in the virus software. The infected file is disguised as a standard lsass.exe and secretly does its dirty deeds. When system damage manifests itself, the abuser impersonates an increased use of hardware resources.

A number of steps are taken for treatment:

1. Close open applications.
2. Delete the content from the C: \ Users \ Administrator \ AppData \ Local \ Temp directory.
3. Remove recently installed programs.
4. Install the following applications: AdwCleaner, and CCleaner.
5. Launch AdwCleaner and click the Scan button. After the end of the procedure, click "Cleanup".
   
6. Launch UnHackMe and click "Check Me Now". After the end of the procedure, select "Clean".
   
   
7. Reboot your computer.
8. Clean your registry with CCleaner.
   
   

Disable service

If the "antivirus" utilities did not give any result, then the only way out is to force the service to be disabled.

For this you need:

Attention! Three users reported fixing an issue after factory reset and browser reinstallation Google chrome... Perform these manipulations if there is no effect from the previous methods.

Now you know why lsass.exe loads the processor in Windows 7. Please note that this problem has been reported on newer versions of the OS, but the solutions remain the same. Good luck treating your computer!