Sysmon not installing
Getting error when trying to install Sysmon on Windows 11 Enterprise 23H2. See attached error. Devices are Entra joined only, they do have a WDAC policy applied to them which we think could be causing this issue, but are unable to find out what exactly…
How to remove or unload PROCMON24.SYS, because it blocks games from running
Hello folks, this is a really frustrating problem. I'll take FIFA 23 as an example. The game has a new anticheat software implemented that apparently checks the C:\Windows\system32\drivers content for PROCMON23.SYS and PROCMON24.SYS. The game…
How do I install Process Explorer? Which version of the installer should I use and why?
Background / Context (or see TLDR below) I am trying to archive deeply nested directories and need a workaround for the 260 character limit for path file names in Windows. I've modified the following registry…
process explorer v17.06 flagged as malicious / virus on virus total
process explorer v17.06 flagged as malicious / virus on virus total https://www.virustotal.com/gui/file/75af473dad96a1237231059f64bbba92692560b2724a56687c1f9d91d3326239/details
How to securely use PSEXEC with a remote user and password from a batch file?
I use PSEXEC to administer many embedded Windows systems (no KVM) that are not part of our domain. (Think of a thermostat or freezer.) They use their own user/password that does not exist in our domain or locally. I use "PSEXEC -u user -p…
Where the heck is the bug tracker? (serious Autoruns issue)
Autoruns has a serious issue in v14.11 (the most recent version as of this writing). If you use the Analyze Offline System option, the remote registry hives will not be unmounted when Autoruns exits. This can lead to corruption rendering the offline…
You need to launch Sysmon as an Administrator.
BGinfo position for remote servers
I am maintaining some remote servers (Windows Server 2016 - located at the customer sites) from my home and now configuring BGinfo. The problem is... the 'position' button seems not to work properly within remote desktop connection (due to monitor…
Sysinternals - ZoomIt v8.01 - Multi Screen Support - Feedback
Hello, I am a bit surprised by how difficult it is to find good/simple Windows screen zooming tools. In a multiple monitor scenario I want to zoom one monitor's screen. I don't want scale, I don't want a magnifier window gobbling more screen space,…
tcpvcon.exe does not show port numbers
I wanted to use tcpvcon.exe to get a list of all listening processes and was wondering that it doesn't show the port numbers? Is there any reason? Could such a feature be added?
Update for BGinfo in Windows 11
Hello, Do you know if/when BGinfo will be updated for Windows 11?
BGInfo doesn't recognize Windows 11
I just upgraded to Windows 11. BGInfo 4.28 is showing the OS as being Windows 10 Build 22000. Can this be remedied?
Process Monitor Not Picking Up Any Events When "Drop Filtered Events" is toggled?
I am trying to troubleshoot an issue with Server 2022 becoming unable to RDP into it after some time, and I'm trying to use Process Monitor to monitor the key HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections. However, when I toggle…
How can I limit or delete the folder content of Sysmon folder?
I have Sysmon installed in all of our Servers 2019 and 2022. It piles up the logs in C:/Sysmon folder. The folder is owned by TrustedInstaller so generally I cannot delete the content. I have used PSexec but whenever I try to run that it gives an error…
Sysmon 15 is not able to start service in a timely manner?
Sysmon v15.0 installation failed during StartService operation and it tried to clean up machine by uninstalling it automatically, but uninstall operation failed as well and left the System in a bad state so reinstallation is not working either. System…
Sysmon 13.01 Prevent ArchiveDirectory creation and file delete backup
Is there a way with Sysmon 13.01 to prevent the creation of the Archive Directory (default is C:\Sysmon) and prevent file deletions from saving the file to the local filesystem?
Process Explorer does not respond when starting
On many Windows servers I have, when I start Process Explorer x64, the screen shows the list of processes but Process Explorer is not responding (for example, scrolling down the process list does not do anything). The status bar continues to update showing…
Sysmon - Non-ASCII character in the ParentUser and ParentCommandLine field
Has anyone seen this behavior with Sysmon: getting non-ASCII characters in the ParentUser and ParentCommandLine fields? Sometimes it looks like another language character set, other times it is WingDings or some other nonsensical characters. …
verified signer
In Process Explorer I clicked Options > Verify Image Signatures. Several show no signer and "The system cannot find the specified file". If I attempt to kill the process it reports "Error Opening process: Access is denied". If I…
How to remove (none) from BGInfo output?
Computers these days have so many network connection options that BGInfo is providing useless info for network adapters that are not being used. As seen here this PC is only using one network connection but because it has a WiFi adapter, Ble and…