Article ID: 307547 - Last Review: October 27, 2006 - Revision: 3.1

Sysmon.exe May Hang with 8-Character Entry in the Registry

View products that this article applies to.
System TipThis article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.
This article was previously published under Q307547
Expand all | Collapse all

SYMPTOMS

When you attempt to add a counter, System Monitor may stop responding (hang), and CPU utilization may increase to 100 percent. This problem can occur only if a disk upper-filter driver is installed, where the driver name is 8 characters long, and is not equal to "diskperf".
Back to the top

CAUSE

This behavior is caused by a problem in Diskperf.dll that causes the program to enter an infinite loop.

In order for this problem to occur, an 8-characters long filter driver must be listed in the following registry REG_MULTI_SZ value, and it must be listed before diskperf, if diskperf is listed:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}\UpperFilters
Back to the top

WORKAROUND

Use a different number of characters for the name of the filter driver, and note that any number other than 8 works.
Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
Back to the top

MORE INFORMATION

For additional information about a related problem, click the article number below to view the article in the Microsoft Knowledge Base:
278662  (http://support.microsoft.com/kb/278662/EN-US/ ) Diskperf.exe May Hang with 8-Character Entry in the Registry
Back to the top
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
Back to the top
Keywords: 
kbenv kbprb KB307547
Back to the top