<div>
<div class="content wysiwyg-content">
Hi all,<br />
<br />
We experience sporadic high LSASS threads on our 3 DCs. Running perfmon does not help much because the incidents are sporadic. Should I just let perfmon run without stopping it? Is there a way to do this without sacrificing the space on the server? On a side note, I ran poolmon and saw that MFEO driver is the top (and has a significant high non paged allocation compared to the rest). And after digging firther, that driver is linked to McAfee. Can someone please advise what is the best way to tackle this issue?
</div>
</div>


Hi all,

We experience sporadic high LSASS threads on our 3 DCs. Running perfmon does not help much because the incidents are sporadic. Should I just let perfmon run without stopping it? Is there a way to do this without sacrificing the space on the server? On a side note, I ran poolmon and saw that MFEO driver is the top (and has a significant high non paged allocation compared to the rest). And after digging firther, that driver is linked to McAfee. Can someone please advise what is the best way to tackle this issue?

High LSASS Threads on 3 of our 2008 R2 DCs

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.