Process Explorer "run at logon" set in admin mode prevents user mode task tray icons
Windows 11 23H2 with all updates Process Explorer 17.05 (64-bit) At one point I had to launch ProcessExplorer in admin mode, and while in the instance I set "Start at logon". Since then, it launches at startup but prevents the task tray…
PSTools Error
I have a win11 computer with no access to the internet. cmd is run as administrator. After trying to open a task scheduler via the PSTools on my desktop (psexec.exe -i -s %windir%\system32\mmc.exe /s taskschd.msc) I am getting the following error:…
How to make videoconferences work on Linux with Chrome and Teams PWA?
I'm using Fedora 40, which uses pipewire to manage audio services (instead of the legacy pulseaudio app), with Linux kernel 6.8 (using Intel SOF drivers). My company is now upgrading to Teams v2. With such configuration combination, Teams PWA (Google…
Can we focus furthermore to the results of upgrading a non-qualified device to Windows 11?
Given that the only prerequisites not met are CPU and TPM (MoSetup), and that a WIM file will be deployed with a 'DISM apply image' command after locating the file (version matched with index source); predictably on the reboot there will be on-screen…
Why can't I get sysmon to run on my windows 11 machine?
Hi all, I downloaded sysinternals suite and unzipped all. I tried to run sysmon by right clicking the sysmon.exe > run as administrator. When that didn't work I opened Powershell as administrator, navigated to the folder that contained sysmon and…
How to remove or unload PROCMON24.SYS, because it blocks games from running
Hello folks, this is a really frustrating problem. I'll take FIFA 23 as an example. The game has a new anticheat software implemented that apparently checks the C:\Windows\system32\drivers content for PROCMON23.SYS and PROCMON24.SYS. The game…
Sysmon Configuration Entries - DriverName has no effect
I am running Sysmon v15.14 and have the following config entries: <Sysmon schemaversion="4.90"> <DnsLookup></DnsLookup> <DriverName>AudiusSv</DriverName> <EventFiltering> <RuleGroup…
Is it known that AutoLogon.exe does not remove the DefaultPassword from the LSA Secrets store / Registry?
I was playing with AutoLogon.exe for the first time today and was testing the security around the DefaultPassword. I have found tools that can easily decrypt the password, but that weak security is known. What I wonder though, is if it is known that…
EOL,EOS,EEOS Dates for Sysinternals products
Hii All I wanted to know the End of life (EOL), End of Support (EOS), Extended End of Support (EEOS) dates for the below mentioned sysinternals products. Handle 4Bg Info 4Handle 5Sysinternals Process Monitor 3PsExec 2Process Explorer 17PsGetSid 1PsPing…
Sysmon V15.14: Servers going to "hung state" randomly
Hello, We deployed sysmon V15.14 and facing issues like random servers going into "hung state". I see a ton of "<unknown process> " in the process_path field of Event ID #3 ( Network connection) in sysmon log. Just curious if…
procmon leaves something in place that anti hack software detects
I have licensed software that checks for hacking sw somehow. It got upset when it saw that procmon was running ('monitoring sw running'...) and shut down. When I shutdown procmon and restarted the app it still complained, I had to reboot. Seems like…
RDCMan v2.90 Doesn't honor 'Desktop background'
I am using RDCMan v2.90 and find that when connecting to Windows Server 2012, 2012R2, 2016 or 2019 the desktop background is shown even when RDCMan Experience settings have the Desktop background option disabled. I have also tried setting connection…
Adjust Wallpaper Diferent Resolutions
In my company some users has a monitor to use as a second screen of your notebook. The screen resolutions of this monitors are different than the notebook resolution and the wallpaper that was set by BGInfo appears deformed. There is a way to setup…
RDCman must support webauthn to stay relevant!
RDCMan from sysinternals does not support webauthn and can't use FIDO2 keys or Passkeys which are in preview for Entra ID now. Without this feature RDCman is basically useless going forward. Can someone at Microsoft/Sysinternals PLEASE look into this? Or…
Sysmon 15.12 - high cpu utilization & stops logging certain events
Running sysmon 15.12 with a pretty robust config that's a combination of open source (swiftonsecurity, etc) and my own rules. I am noticing a peculiar behavior in 15.12 where after running normal/stable for a while, sysmon decides to consume an entire…
bginfo 4.28 - bug in saving and/or loading complex user defined fields detected
Hi all, I think I detected a bug in bginfo when saving and loading a more complex user defined wmi query. My situation: I am saving my settings in a bgi file, not in the registry I wanted to shorten the network output of bginfo, so I tried to…
I am unable to find msi for RDCMAN V2.90
I am unable to find set up file for remote connection desktop manager V 2.90. The one available on the below link is not the correct one. https://download.sysinternals.com/files/RDCMan.zip Please assist me in finding the correct one.
EOL,EOS,EEOS Dates for sysinternals
Hi All I Want to know the EOL, EOS, EEOS dates for the Sysinternals products. e.g. handle4, Bg info4, handle5, process monitors, process explorer, psexec2,
System.BadImageFormatException
Hello, I wanted to ask about an error that happened to me lately and that is that when I start the computer I get this message
Output of GFlags "Show Loader Snaps" not visible in DebugView
"Show Loader Snaps" is a very useful GFlag to investigate dependency issue of an application. When using it, I will get the debug output of this flag in the Debug Output windows of Visual Studio 2022 - that is nice. But when using the famous…