Article ID: 152513 - View products that this article applies to.
This article was previously published under Q152513
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(https://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
The Performance Monitor utility Perfmon.exe may not display valid counter objects. Below are some troubleshooting methods that can be used to resolve the issue.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(https://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
You could check the strings in the 009 key under the key described below and look for any garbled entries, entries that have two numbers, or entries that have two strings in succession (you should see ### string ### string, and so on in the multi-sz editor). This may not explain the different behavior between the local and remote cases because they both access the same registry values.
Perfmon does the following with the registry:
Usually this type of failure is the result of one of the network related extensible counter DLLs. Another possibility could be the permissions enabled on the local machine are insufficient to allow the remote account access to the performance counter registry keys. The minimum permissions needed for each instance of the following registry subtree
Everyone - Read (Query Value, Enumerate Subkeys, Notify, Read Control).
System - Full Control
Administrators - Full Control
As always check the security, application or system event logs for any "interesting" entries. To try and narrow it down you could try to disable the extensible counter DLLs to prevent them from being loaded. If this solves the problem, enable the extensible counter DLLs one at a time to see when it breaks again.
To disable one or more extensible counter DLL(s):
(https://support.microsoft.com/kb/164018/EN-US/ )Controlling Remote Performance Monitor Access to Windows NT Servers
Article ID: 152513 - Last Review: February 21, 2007 - Revision: 2.5