Hi,
We have issues on some Multi-User Server Systems (TerminalServer, Citrix, VDS). Sysmon is blocking closing threads, so processes hang up and user can't connect / logon to the servers.
MS support investigated this issue and confirmed this.
So, I have two questions: If I send you (Sysmon Devs) the Tracking ID, ticket content and the memory dump, can you check why Sysmon is blocking threads?
In addition, the operating team reports that with Sysmon 10.42 they don't have this issue. What have changed between this old version and the latest, which could effect the mentioned issue?
Thanks in advance.
KR
Manuel