Channel: Sysinternals Forums

Troubleshooting : High Cpu Usage - ntoskrnl & System Interrupt

Author: Splurgeworthy
Subject: High Cpu Usage - ntoskrnl & System Interrupt
Posted: 01 February 2018 at 8:34pm

I've got the answer now, after days of struggle, but it's a damn weird one.

I've done multiple restarts, even formatted the drive and done a clean Windows install to try and eliminate driver issues... however I found a thread online where someone in comments mentioned in passing they'd gone into Sleep mode, then woken the PC up and that cleared it.

And... it did. Somehow my computer has carried a broken Power setting through multiple installs of Windows...? But I can't see how, unless something went wrong with the BIOS, or maybe there's a loose wire in the case somewhere?

It was recommended I reset the power configurations, which I did via CMD.

1.) Click Search
2.) Type CMD
3.) Right click "Command Prompt" and select "Run as Administrator"
4.) Copy and paste "powercfg -restoredefaultschemes" and hit enter.

And now, I've got full performance back again! As I say, weird...

BgInfo : (BGInfo 4.25) Popup Window Size

Author: Gaz2600
Subject: (BGInfo 4.25) Popup Window Size
Posted: 01 February 2018 at 9:06pm

Is there any way to change the size of the window popup? It seems to be locked to one size and cuts off any text that does not fit inside the box.

Edited by Gaz2600 - 14 minutes ago at 9:07pm

BgInfo : Windows 10 users does not show BGinfo

Author: Gaz2600
Subject: Windows 10 users does not show BGinfo
Posted: 02 February 2018 at 3:28pm

Check your group policies, specifically the one allowing users to change their wallpaper.  BGInfo takes a snapshot of your current wallpaper, overlays the info and saves it as a new image then applies it.

Disk2vhd : Vhd2disk

Author: Zexks
Subject: Vhd2disk
Posted: 02 February 2018 at 3:55pm

To all those who find this from google, and get the:

Can't write on physical drive. It's probably mounted.
You need to put it off line before to be able to write on it.
Microsoft choose this way for security reason...
It's nice for us and avoid to overwrite a non wanted drive.

Message. I think I have figured out how to get this working. First my setup.
Used Disk2VHD to (accidentally create a vhdx) backup a drive.
Used Powershell to convert the VHDX to a VHD, thanks to this post.
From an elevated PS prompt:
Convert-VHD -Path c:\test\MY-VM.vhdx -DestinationPath c:\test\MY-NEW-VM.vhd

Next I hooked up my physical 500GB SSD to my physical disk 1 slot (this replaced my CDROM for this test)

In Windows (10 for me) use Disk Management to clear it off.
Remove all volumes.
Create 1 new volume: full size, no drive letter, don't format.

Right click on the disk and set it to offline.
Open an elevated CMD prompt. Type: diskpart
Hit enter, this will put you into another kind of prompt that should look like:

Microsoft DiskPart version ##.#.#####

Copyright (C) Microsoft Corporation
On computer: #ComputerName#

DISKPART> _

Now enter: list disk
You should see the target disk listed as offline
Now enter: select disk #NumberForDiskToWriteTo#
eg: select disk 1

Now enter: attributes disk clear readonly
It should report: Disk attributes cleared successfully

Now try to run the VHD2Disk utility selecting your VHD file and the offline physical disk (disk 1 for me)
Click start ("Vhd to disk"), acknowledge the warning and you should be good to go now.

There may be a better way to check/set the readonly property on the drives that I wasn't able to find. It seems odd that the drive came in as readonly even though I had thoroughly wiped it, over and over and over again,....repeatedly wiped it. I would imagine these same steps should hold true back through Windows XP as they all should have Disk Management and DiskPart, but I can't guarantee it. If someone has a more user friendly way to handle that last part, as I couldn't find a way through Disk Management, it would be helpful if they posted it here for others in the future.
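
The post above asks for a friendlier way to check and clear the read-only flag. As an added example (not part of the original post or of VHD2Disk), here is the same preparation in PowerShell with the Storage module's Get-Disk and Set-Disk, plus a guard against picking the boot or system disk. The function name is hypothetical and disk number 1 is the poster's value.

```powershell
# Added example (not from the original post). Run from an elevated prompt;
# Get-Disk/Set-Disk ship in the Storage module (Windows 8 / Server 2012+).
function Set-DiskReadyForRawWrite {    # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param([Parameter(Mandatory = $true)][uint32]$Number)

    $disk = Get-Disk -Number $Number -ErrorAction Stop

    # Refuse the disk Windows booted from or keeps its system volume on.
    if ($disk.IsBoot -or $disk.IsSystem) {
        throw "Disk $Number is the boot/system disk; refusing to touch it."
    }

    $sizeGB = [math]::Round($disk.Size / 1GB)
    $label  = "Disk $Number ($($disk.FriendlyName), $sizeGB GB)"
    if ($PSCmdlet.ShouldProcess($label, 'Set offline and clear read-only')) {
        if (-not $disk.IsOffline) { Set-Disk -Number $Number -IsOffline $true -ErrorAction Stop }
        if ($disk.IsReadOnly)     { Set-Disk -Number $Number -IsReadOnly $false -ErrorAction Stop }
    }

    # Re-read the disk so the result reflects what was actually applied.
    $after = Get-Disk -Number $Number
    if ($after.IsReadOnly) {
        Write-Warning "Disk $Number is still read-only; use DiskPart 'attributes disk clear readonly'."
    }
    $after | Select-Object Number, FriendlyName, IsOffline, IsReadOnly, OperationalStatus
}

# Disk 1 is the poster's target; confirm yours with Get-Disk first.
Set-DiskReadyForRawWrite -Number 1
```

Because the function declares a high confirm impact, it prompts before changing the disk; add -WhatIf to see what it would do without touching anything.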

PsTools : how does psgetsid get computer’s sid?

Author: sredna
Subject: how does psgetsid get computer’s sid?
Posted: 03 February 2018 at 12:39am

Originally posted by molotov:

Not necessarily what psgetsid does, but perhaps useful?
 


That code appends $ to the computer name and when you do that it does not actually work.

Q136867 does say:
"A computer account name always has a trailing dollar sign ($). Any APIs used to manage computer accounts must build the computer name such that the last character of the computer account name is a dollar sign ($)."


but maybe that only applies to NT4 or maybe just the Net* functions.


Edited by sredna - 3 hours 45 minutes ago at 12:39am

BgInfo : IPv4 address only

Author: rpelletier
Subject: IPv4 address only
Posted: 03 February 2018 at 8:33pm

Has anyone come up with a method for displaying just the IPv4 address?
I have found a number of posts elsewhere with VB Scripts to strip off the IP address, but every one I have found just errors out - Invalid Character at Line n Character n.   The invalid characters are invariably located in the center of perfectly legitimate commands.
VB Script errors are generally useless.
 
I'd really like to display the IPv4 addresses without the IPv6 address.   Is anyone else doing this?
 
How?
 
Thx

Malware : Gpu based paravirtualization rootkit, all os vulne

Author: Tink03
Subject: Gpu based paravirtualization rootkit, all os vulne
Posted: 03 February 2018 at 9:52pm

Let me start by saying I am not a computer tech and a lot of what was said was over my head, but... from reading all of these posts, I believe I have been infected for at least 8 years. I can't even count the number of PCs and laptops I've been through. I've taken them to the best repair techs I know and it doesn't matter. Within hours of having a new PC, I'm infected again. My ex husband is convinced I ruin the computers by changing security permissions, but of course, that doesn't have anything to do with it. The only time I change permissions is if I can't access something. When they get into my computers, they somehow activate Active Directory and once that happens, it's all over. They change the computer into a domain and take it over. They allow me to access certain things, but if they can see that I'm trying to fix it, they make it inaccessible. I'm a single mom raising 3 kids and I don't have the money to keep getting them repaired, and I certainly can't afford to keep buying new ones. My son is in school for music production and has to have a computer. He spent all his money on a new build and before he even connected to the internet, it was infected. He couldn't install any drivers because the computer said it couldn't find the drivers (all the .inf and necessary files are there). I tried running MSCONFIG.msc, but it said it couldn't find it (it's sitting in System32). I don't know what to do anymore. My youngest needs a laptop for school homework and I don't know what I can do to help her. I'm so tired of this! The people at the repair shops think I go to sites and click on something that adds the virus. No one believes me and if I ask to use someone's computer for a little while, they go into panic mode and try to find a reason why I can't. I wish to God someone could find a way to stop this from happening! Has anyone made any progress?

BgInfo : IPv4 address only

Author: WindowsStar
Subject: IPv4 address only
Posted: 04 February 2018 at 3:53am

I posted this script years ago for Windows 7. I just tested it on my Windows 10 machines and it works.
 
' Special BGInfo Script
' Only IPv4 Address v1.7
' Programmed by WindowsStar - Copyright (c) 2009-2011
' --------------------------------------------------------
strComputer = "."
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'")
For Each objIP in colSettings
   For i=LBound(objIP.IPAddress) to UBound(objIP.IPAddress)
      If InStr(objIP.IPAddress(i),":") = 0 Then Echo objIP.IPAddress(i)
   Next
Next

PsTools : Psexec: Logon failure

Author: d.armstrong
Subject: Psexec: Logon failure
Posted: 04 February 2018 at 3:42pm

I've normally been using a "master" vbscript, to push out another vbscript, from one computer, to many others, all of which are running on the default "Administrator" account, and all use the same password (don't ask!). Here's a sample command line from the master vbscript:

%comspec% /c C:\Temp\psexec.exe -accepteula \\remotePC -u remotePC\Administrator -p password %comspec% /c "cscript \\localPC\C$\Temp\scriptToDistribute.vbs"

This works great.

Now, I'm facing a situation, where some of the target PCs now have a different password - let's call it "password2". If I rerun exactly the same command as above (with the unchanged "password"), I get this expected error result, because the credentials of the target machine aren't known:

Couldn't access remotePC:
The user name or password is incorrect.

But if I then correct the command to reflect the new password:

%comspec% /c C:\Temp\psexec.exe -accepteula \\remotePC -u remotePC\Administrator -p password2 %comspec% /c "cscript \\localPC\C$\Temp\scriptToDistribute.vbs"

. . . I get this error:

Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

CScript Error: Loading script "\\localPC\C$\Temp\scriptToDistribute.vbs" failed (Logon failure: unknown user name or bad password. ).
C:\Windows\system32\cmd.exe exited on remotePC with error code 1.

I don't get it. Why, if I'm supplying the new password for the target machine, would this not work? Surely, psexec can work between machines having completely different credentials, can't it, as long as you supply the credentials of the remote machine, right?

Thanks,

David

Disk2vhd : Disk2VHD not running in Scheduled Task

Author: HamsterPunk
Subject: Disk2VHD not running in Scheduled Task
Posted: 05 February 2018 at 1:30pm

hi!
Can you show your script?


Edited by HamsterPunk - 45 minutes ago at 1:31pm

Troubleshooting : Need help with Ntoskrnl thread causing high CPU

Author: Fabio465
Subject: Need help with Ntoskrnl thread causing high CPU
Posted: 05 February 2018 at 8:16pm

@MagicAndre1981
As many others have done over the years, I'm also asking you for help about the "system" process taking up a lot of my CPU (25%). Using Process Explorer I found out that this is the faulty thread --> "ntoskrnl.exe!ExQueryDepthSList+0x158".
I also ran the Xperf command, and here is the file it created https://1drv.ms/u/s!AoV509MNDwSieMmPRhaOB9IFg1M
I really hope you are able to find out what is the cause

BgInfo : IPv4 address only

Author: cpremo
Subject: IPv4 address only
Posted: 05 February 2018 at 10:27pm

Try creating custom fields for “IPAddress”, “MAC Address” or “Subnet Mask” using these parameters:

SELECT IPAddress FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled=TRUE and IPConnectionMetric=25

SELECT MACAddress FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled=TRUE and IPConnectionMetric=25

SELECT IPSubnet FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled=TRUE and IPConnectionMetric=25


Worked for me.

BgInfo : Personalized Settings

Author: cpremo
Subject: Personalized Settings
Posted: 05 February 2018 at 10:30pm

Can the BGInfo application be used when the user sets their Background to "Slideshow"? My configuration seems to reset the Background setting to "Picture".

PsTools : Psexec causing batch file anomalies

Author: Modify_inc
Subject: Psexec causing batch file anomalies
Posted: 05 February 2018 at 10:57pm

Does psexec not work correctly when executing a batch file that requires input from the user like menu selections or other types of input? I'm asking because I have a batch file that works great when executed locally on the server, but when I try to execute it from my laptop remotely, the batch file does strange things: the menu will often repeat multiple times, and when I need to type a word such as menu to exit out of a choice, it doesn't even recognize that I typed it, and so will repeat the same question over and over.

If this is a limitation of psexec, what alternative do you recommend to execute this type of batch file remotely?

BgInfo : JET4.0 or later be installed

Author: JerryMa1971
Subject: JET4.0 or later be installed
Posted: 06 February 2018 at 1:11am

When I try to run Bginfo on a Win7 64bit system and connect to a database of an Excel table, it prompts me that "Database support requires that JET 4.0 or later be installed". How do I resolve it? Thanks!

BgInfo : IPv4 address only

Author: dabomb311
Subject: IPv4 address only
Posted: 06 February 2018 at 1:35am

I cannot get this to work. Anyone else? Windows 7 x64, BGInfo 4.25

BgInfo : v4.25 VBScript files crash the x64 version

Author: dabomb311
Subject: v4.25 VBScript files crash the x64 version
Posted: 06 February 2018 at 1:37am

I also have this problem. Anyone else? Is there a fix yet?

BgInfo : IPv4 address only

Author: WindowsStar
Subject: IPv4 address only
Posted: 06 February 2018 at 4:10am

Fired up my old Windows 7 64bit machine, and after taking an hour of updates and 5 reboots, I tried the script I posted above and it works perfectly. How is it not working? -WS

BgInfo : JET4.0 or later be installed

Author: WindowsStar
Subject: JET4.0 or later be installed
Posted: 06 February 2018 at 4:12am

I don't want to be rude, but the software gave you the answer, install JET 4.0.

Troubleshooting : Outlook 2016 Rules are not working

Author: patroo
Subject: Outlook 2016 Rules are not working
Posted: 06 February 2018 at 7:52am

Maybe you should run the Inbox Repair tool, commonly known as the scanpst.exe utility. It can scan the PST file for errors and repair the file. After that, maybe you can get your rules backup. There's no harm in trying. Refer to this article to know how to use the scanpst.exe utility - Repair PST File by using Inbox Repair Tool (scanpst.exe)