Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
1 answer
Bug in <Snapshot Time> field
It seems that I have found a "bug" in the BGInfo 4.28 Built 2019/9/19 program. The <Snapshot Time> field is only updated once (in fact, the first time) when you have making changes or modifications with the program open. Once all the…
Sysinternals
asked 2020-12-25T07:24:05.687+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 27%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELE%3C/text%3E%3C/svg%3E)
Lluis Enric Bonjorn
1
Reputation point
answered 2020-12-30T10:33:19.333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 78%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
mariora
376
Reputation points
3 answers
Application performance Issues
Hi all Hope you lovely people can help. The problem We have an application called EROS which is supported by a company called IDOX, that used to take 4-5 mins to load, now is taking 30+mins to run. Also, when moving from field to field…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-11-27T00:43:45.12+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 43%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
ASIF NASAR
1
Reputation point
answered 2020-12-30T10:16:44.25+00:00
mariora
376
Reputation points
1 answer
Error communicating with PsExec service on PC0236206
For the first time, I could able to run the application remotely using PsExec utility tool. A day after, the same application could not able to run remotely using PsExec Utility tool. Then i tried to get some answers and followed few steps sc.exe…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-09T05:03:00.723+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 46%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Sujith Kinayath
1
Reputation point
answered 2020-12-30T09:59:14.317+00:00
mariora
376
Reputation points
1 answer
Autoruns broken rendering on HDPI screen
Autoruns, when started on my 4K screen zoomed at 200%, looks like this:
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 48%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
1 answer
COM question, how to corelate a COM server(EXE) created by a client request.
I have a COM server(EXE) and when I access the object first time using CoCreateInstance/Ex the EXE starts running. However the parent for this process seems to be svchost.exe , not the client application that asked for the Object Activation. I verified…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-11-23T13:36:23.953+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 28.999999999999996%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
GHANASHYAM SATPATHY
301
Reputation points
commented 2020-12-29T16:22:08.96+00:00
RLWA32
40,946
Reputation points
2 answers
One of the answers was accepted by the question author.
ProcMon does not show executable
Hello, When executing ProcMon not all executables are showing up in the activity window. The executable I am interested in shows up in TaskMgr but not ProcMon. I've ensured all filters are off. Please advise. Thank you. Randall Princeton
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-01T14:37:02.843+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 77%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Randall Princeton
96
Reputation points
accepted 2020-12-28T19:12:08.78+00:00
Randall Princeton
96
Reputation points
1 answer
Autoruns does not search for menu handlers in all locations
Hello. I came up with a problem with possibility to disable an explorer menu handler for one of my apps. The app is called "chomikbox" - here is the link do download: https://chomikuj.pl/chomikbox. It's an app to download files from…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-06T14:17:46.133+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 25%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEE%3C/text%3E%3C/svg%3E)
Elvis EFTV
1
Reputation point
answered 2020-12-28T17:00:10.36+00:00
mariora
376
Reputation points
1 answer
How to troubleshoot interoperability issues using process monitor
How to troubleshoot interoperability issues using process monitor Issues such as, application (Edge, Chrome, Adobe, etc.) slow, application hung, when a security software is running. It works fine if the security software is disabled (security…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-03T09:07:53.617+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 24%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Prakash Dhanasekaran
1
Reputation point
answered 2020-12-28T16:35:16.42+00:00
mariora
376
Reputation points
1 answer
One of the answers was accepted by the question author.
Sysmon 12.03 not logging EventID:2 (file creation time modified)
Hello, I just made a test with Sysmon 9.1.0 on a VM and I was able to get file creation time modification events. Upgrading to 12.03 with the same configuration allows to get all the other events except this one. Test was made using a ps1 script that…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-18T14:34:54.287+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 93%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Julien Bachmann
96
Reputation points
commented 2020-12-24T02:30:57.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 35%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
dstaulcu
351
Reputation points
2 answers
AaaS (Antivirus as a service/ Virustotal) in Process Explorer and Autoruns from Microsoft Sysinternals suite is not functioning for 2-3 days !!! Kindly resolve this issue please.
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-21T13:15:23.073+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 19%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Aneeq Ahmad
6
Reputation points
commented 2020-12-23T14:32:29.227+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 32%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Michael Taylor
49,246
Reputation points
0 answers
Is it safe to defragment an in-use file with Contig?
Greetings, I'm wondering if I should expect issues when running Sysinternals' Contig on an SQLite database that's concurrently being written to and read from. I think I may be running into an issue with an extremely fragmented SQLite file and I'm…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-22T13:55:11.527+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 12%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMO%3C/text%3E%3C/svg%3E)
Mislav Čovran
1
Reputation point
asked 2020-12-22T13:55:11.527+00:00
Mislav Čovran
1
Reputation point
1 answer
VirusTotal
Recently, the VirusTotal column always shows Unknown. What's up?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-18T05:01:55.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 50%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
好野 飄
1
Reputation point
answered 2020-12-21T18:24:42.39+00:00
Michael Taylor
49,246
Reputation points
0 answers
s.exe and chinese characters in sysmon log
We came across a puzzling process called s.exe and chinese characters in the logs as seen below, which we have never seen before across any system. We use sysmon version 8.4.0.0. Is this a case of the sysmon driver causing trimming of data or a bug or…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 90%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
0 answers
Client is not communication with MP SCCM 2012
I have installed SCCM 2012 client on one machine, installation was successful but it not communicating to MP. There are only two options(Machine policy & user policy) under action tab in configuration manage and CCM Notification Agent is also…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 95%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
0 answers
Autoruns looks bad in 4K
Try running Autoruns on a 4K monitor, or any other HDPI display. You will almost not be able to read the entries.
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
0 answers
CoreInfo shows wrong output
Hello Microsoft Team, while playing with the GetLogicalProcessorInformation function and comparing the output with the coreinfo (32bit & 64bit) tool, I discovered some inconsistencies in the Cache Map output. Running on: Intel(R) Core(TM) i7-7700…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 7.000000000000001%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
0 answers
Remote Kernal Debug Mode Network
If setting up remote kernel debugging using rdnet, on the host is the network connection named 'NETWORK 20' and can be seen in the available WiFI networks? Is it not disconnectable?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-10T16:37:53.73+00:00
Marc George
21
Reputation points
asked 2020-12-10T16:37:53.73+00:00
Marc George
21
Reputation points
0 answers
Sysmon 10.42
Hello. We are using Sysmon 10.42 and faced the problem of a long launch of published applications from Citrix. We also use antivirus McAfee Endpoint Security 10.7. Sysmon has been added to exceptions, but there are suggestions that blocking occurs. …
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-02T12:54:47.417+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 24%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEK%3C/text%3E%3C/svg%3E)
Evgeny Kuzmin
1
Reputation point
commented 2020-12-08T16:24:33.67+00:00
dstaulcu
351
Reputation points
1 answer
Sysmon - not logging "Pipe created" events (Event 17)
Hello! We have tried to generate/reproduce Event 17: <event name="SYSMON_CREATE_NAMEDPIPE" value="17" level="Informational" template="Pipe Created" rulename="PipeEvent"…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 16%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
0 answers
Inquiry about nesting Sysmon rule groups
This is in reference to your comment on the above topic at the below link about possible support for nesting of Sysmon rule groups: https://github.com/MicrosoftDocs/sysinternals/issues/222 My particular use case is to exclude multiple classes of…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,102 questions
asked 2020-12-03T00:41:28.183+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 74%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKB%3C/text%3E%3C/svg%3E)
Kevin Branch
1
Reputation point
commented 2020-12-06T18:17:37.363+00:00
dstaulcu
351
Reputation points