Event ID - 1001

Event Id1001
SourcePerflib
DescriptionThe buffer size returned by a collect procedure in Extensible Counter DLL "<path to dll>" for the "<service name>" service was larger than the space available. Performance data returned by counter DLL will be not be returned in Perf Data Block. Overflow size is data DWORD 0.
Event InformationWhen using Performance Monitor or some tool that queries performance data, the system may post an event ID 1001 for the Perflib source in the Application Event Log.
CAUSE:
Windows NT checks if the buffer amount used for performance data collection is equal or greater than the buffer supplied. If so it posts the event. However, it should post the event if the buffer amount used only exceeds the buffer amount supplied.
For more information about the resolution steps click on the link given below.
Reference LinksPerflib Event 1001 Posted Erroneously

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh