Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
0 answers
INACCESSIBLE BOOT DEVICE - after WinPE-installed Windows 11 on Qemu-KVM
Hi guys. I have winpe-deployed - over iPXE - win11 pro 24H2, whose installation works a ok, meaning installer reports no issues and then - very first time installer reboots - win11 fails to boot with the error as per title. WinPE is rendered wholly on…
Sysinternals
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 12%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
1 answer
How to delete HKEY_LOCAL-MACHINE\Software\wow6432node\avast without re installing windows
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-26T03:19:00.78+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 99%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Brendon Semenzin
0
Reputation points
answered 2025-10-26T04:38:24.6766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 13%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Aashok Kumar Sharma
0
Reputation points
0 answers
How to fix Security Health Systray.exe - bad image
Hi I have had this error For a couple of days, I haven't downloaded anything weird recently. Yesterday I had my laptop go into bit locker mode, which i eventually fixed with a system restore. This error persists. I have tried almost every fix I can…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 77%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
5 answers
Procexp152.sys Driver cannot load due to security setting
Can anyone at Sysinternals please help? I am suddenly getting a Program Compatibility Assistant error which states, "A driver cannot load on this device" and points at the ProcExp152.sys driver, saying that a security setting has detected this…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
Windows for business | Windows Client for IT Pros | User experience | Other
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 75%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXL%3C/text%3E%3C/svg%3E)
0 answers
CLR profiling: Trying to understand how to fetch variables.
I have been experimenting with a .NET CLR profiler for the purposes of building a powershell monitoring AV tool. I wanted to intercept powershell code (IL) using the profiler right before it is JIT compiled using API functions like JITCompilationStarted,…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-21T06:22:40.61+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 28.000000000000004%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVS%3C/text%3E%3C/svg%3E)
Vivek Saini
0
Reputation points
commented 2025-10-21T06:39:00.4533333+00:00
Vivek Saini
0
Reputation points
0 answers
SYSMON and Windows Event ID
I am looking for data on specific Windows Event IDs in SYSMON data. Is there any way to get the Windows Event ID from SYSMON data?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-20T16:05:22.0233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 82%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Matsko, Michael
0
Reputation points
asked 2025-10-20T16:05:22.0233333+00:00
Matsko, Michael
0
Reputation points
0 answers
What are the SYSMON codes above 255?
I am looking at SYSMON data and it is grouped by SYSMON event code. However, there is Other data that has event codes above 255. Where can I find documentation on these codes and what they mean?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-20T16:03:38.5433333+00:00
Matsko, Michael
0
Reputation points
asked 2025-10-20T16:03:38.5433333+00:00
Matsko, Michael
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Autorun Search on line option not working
I am not able to use the Search Online feature in the drop-down box in Autorun from Sysinternals. nothing happens been laid up a while do not know when problem started Edition Windows 11 Home Version 24H2 Installed on 1/12/2025 OS…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-07T00:56:20.92+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 57.00000000000001%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ1%3C/text%3E%3C/svg%3E)
johnwozniak-1217
20
Reputation points
commented 2025-10-19T17:40:18.8633333+00:00
johnwozniak-1217
20
Reputation points
1 answer
how to us sysinternal DU along with doskey or findstr?
how to use sysinternal DU along with doskey or findstr?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-17T13:42:43.4666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 27%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDL%3C/text%3E%3C/svg%3E)
Dilawar Lambay
0
Reputation points
answered 2025-10-18T22:04:21.2+00:00
MotoX80
36,816
Reputation points
0 answers
Systernals ZoomIt vs Power Toys ZoomIt
I know that Power Toys ZoomIt came from Sysinternals Zoom It. However I am not sure they now have feature/bug parity. I saw Power Toys had an update for ZoomIt that did a few things and Sysinternals had an update with the screen smoothing that the other…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-17T16:38:55.8433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 2%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Alan S. Jones
1
Reputation point
asked 2025-10-17T16:38:55.8433333+00:00
Alan S. Jones
1
Reputation point
1 answer
RDCMan 3.1 - Recent folder does not populate
I recently updated RDCMan from 2.81.1408 to 3.1.0. The Recent folder no longer populates with servers I connect to. I have it enabled/showing and set to keep 5 recent entries. Is this a known issue? Besides this minor issue, I am loving the new version…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-09-16T15:36:32.3033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 5%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBM%3C/text%3E%3C/svg%3E)
Barnes, Mike
20
Reputation points
answered 2025-10-15T13:56:19.1166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 98%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AlexisPERR
0
Reputation points
0 answers
Sysmon EventCode 15 records content of the primary data stream
I recently installed Sysmon version 15.15 on multiple Windows 11 machines using a custom configuration file with no filtering on EventCode 15. From my understanding, EventCode 15 should be generated whenever an alternate data stream (ADS) of a file is…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-15T10:43:13.4866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 93%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAZ%3C/text%3E%3C/svg%3E)
Angelo Zinna
0
Reputation points
asked 2025-10-15T10:43:13.4866667+00:00
Angelo Zinna
0
Reputation points
4 answers
PsExec: Logon failure: the user has not been granted the requested logon type at this computer.
Hello, I am trying to run the following command within a domain using an account with Domain Admin on to computers within the domain: psexec64 @Anonymous .txt -u domain\adminaccount "\server\share\file.cmd" I enter the password…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2021-01-17T00:00:42.41+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 70%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETY%3C/text%3E%3C/svg%3E)
Theo Yianni
31
Reputation points
commented 2025-10-12T05:31:25.33+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 72%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
albert gharbi
0
Reputation points
7 answers
ZoomIT Live zoom Missing Cursor after Windows 11 upgrade
Hi, I've never had any problem with ZoomIT before, but after Windows 11 upgrade the cursor is missing in Live Zoom mode which makes it very hard to navigate.. Anyone else have the same issue? Im running lates official build of Windows 11…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2021-10-08T11:17:49.077+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 69%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
Jesper Nilsson
91
Reputation points
answered 2025-10-05T22:28:05.76+00:00
rpodric
96
Reputation points
0 answers
Procdump not work with custom dump option (-mc)
Hi, With WER, I can use with dumpType = 0, and CustomDumpFlags = 0, to generate small crash dump file enough to trace (1~2MB). When use procdump -e -mc 0, it doesn't work, it generates ~30MB crash dump size, then I test with procdump -e -mc 2 (for full…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2023-06-09T15:03:31.4933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 1%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKB%3C/text%3E%3C/svg%3E)
Khoa Bui
56
Reputation points
edited a comment 2025-10-12T10:15:40.2266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 63%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
Dennis Kuznik
0
Reputation points
0 answers
How to fix “An administrator has restricted sign in.”
I got my microsoft account hacked and now i got the account back but when i try to log into my laptop it just shows this. now i don’t know what to do. I tried to get into recovery mode by holding shift and pressing restart but it doesn’t work and if i…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 79%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
1 answer
sysinternals/sdelete
The DOD 5220.22-M method is considered deprecated -- will sdelete be update using current standards?
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-09-28T16:07:53.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 12%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
fpefpe
21
Reputation points
commented 2025-10-08T02:58:09.47+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 62%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
Tom Tran (WICLOUD CORPORATION)
1,920
Reputation points Microsoft External Staff
0 answers
Network driver missing during reboot
Hi, I’m reinstalling Windows 11 Pro on an HP ZBook Power 15.6 G9 using a USB installer. The setup says I’m not connected to a network, and I can’t connect because no network drivers are found. I downloaded HP’s network drivers: 23H2 version → Windows…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-09-30T08:48:46.4233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 43%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
Joel Johnson
0
Reputation points
asked 2025-09-30T08:48:46.4233333+00:00
Joel Johnson
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Logonsessions.Exe - Sysinternals
I had downloaded Sysinternals, never used it or opened it, and then deleted it. I noticed it was in the trash bin in OneDrive. I then decided to find out what the file was and if it could be deleted. I came across this article that says: "No,…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-09-30T15:22:12.79+00:00
LGLDSR73-6492
470
Reputation points
commented 2025-09-30T20:42:18.0733333+00:00
LGLDSR73-6492
470
Reputation points
1 answer
Event id 2511 in Windows Server 2016 Standard
My Server have 8TB, 32GB RAM but prolong the time of load the data existing. At times some files or folder are missing and the people cry. I share a file or folder with another users but they don't found the file or folder: I must share the path of…
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,270 questions
asked 2025-10-08T14:53:52.6033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 92%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELC%3C/text%3E%3C/svg%3E)
Leonardo Corea
0
Reputation points
edited an answer 2025-10-09T12:02:38.47+00:00
MotoX80
36,816
Reputation points