Skip to main content
Stack Overflow
  1. About
  3. For Teams
Filter by
Sorted by
Tagged with
2 votes
0 answers
80 views

AIM: Log a file creation event if Notepad creates a file in location whose directory path contains either Downloads or Documents After going through the Sysmon's documentation, what I was able to ...
4 votes
0 answers
128 views

It seems that Sysinternals Process Monitor (version 4.01) does not capture any file system access events (like QueryOpen) on Windows Dev Drives (or more generally on ReFS drives?) by default. Is there ...
0 votes
1 answer
215 views

I was given a task to put 2 filters in Procmon. 1) Process name is "test.exe" (a WinAPI createFile, readFile, closeHandle project written in Visual Studio in C) 2)Operation is read file. ...
0 votes
1 answer
49 views

My execution on multiple remote computers as follows. Kill Java process Copy files to specific location Run application specific batch Below script works as expected. How can I run it in parallel. ...
Swamy's user avatar
  • 11
1 vote
1 answer
214 views

I have a C# application that creates a remote runspace, creates a powershell instance inside the runspace and executes a perl script using ps.AddScript($"perl.exe {perlScriptPath} {perlScriptArgs}...
0 votes
1 answer
354 views

I'm trying to get the system security permission for a specific user on a remote system using SysInternals AccessChk. If I login to a computer as adminstrator, copy SysInternals tools to my ...
0 votes
0 answers
313 views

I can find: #define CTL_CODE( DeviceType, Function, Method, Access ) ( \ ((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method) \ in winioctl.h. ...
1 vote
0 answers
103 views

Seeing an operation called "QueryDeviceInformationVolume" in a SysInternals Process Monitor log when I start a desktop application. Simply trying to get some details about this operation and ...
1 vote
0 answers
144 views

I tried to schedule a movefile (using the sysinternals tool movefile) operation to delete "C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup" but I forgot the quotes and ...
1 vote
0 answers
753 views

Shrink Disk and Defragmentation I'm trying to shrink a disk. The volume is about 1 To large, and only 200 Go are curretly used. It is a virtual disk. When i ask to the disk management tool to shrink ...
3 votes
1 answer
307 views

Disclaimer: I'm asking specifically on Stackoverflow because I want to know how to re-implement this feature. We recently noticed that the Sysinternals tool pskill can kill an elevated process from a ...
0 votes
1 answer
1k views

There is a picture on the Microsoft site which represent a USB device driver stack (in other word, the list of all drivers which applys for the device work). What software shall I use to get this ...
0 votes
1 answer
361 views

On a fresh install of Windows 11, running Strawberry perl, I'm debugging a script that parses the output of du64 (disk usage). It worked on Win 10 with ActiveState perl. To debug, I first checked du, ...
0 votes
0 answers
288 views

We are trying to create an IIS infrastructure. Because of the application's infrastructures (they are many types of applications from old school to SPA) we thought that Active-Passive infrastructure ...
0 votes
2 answers
190 views

Hey guys I am working on a project currently where I am trying to run Autorunsc64.exe from the sysinternals suite and, unlike other executables I have tried, I can't get it to give me the output in a ...

15 30 50 per page
1
2 3 4 5
...
12

AltStyle によって変換されたページ (->オリジナル) /