Skip to content

DEV Community

jdrch

Posted on Apr 12, 2021 • Edited on Dec 15, 2022

How to uninstall Sysmon

#sysmon #windows #diagnostics #documentation

Sysmon is great until you need to uninstall it, in which case the documented instructions don't work. If you get an odd the service sysmon64 is already registered message, do this:

Stop the Sysmon service in Services.msc.
Open an elevated PowerShell prompt in the folder containing sysmon64.exe
Run sysmon64.exe -u or sysmon64.exe -u force (if the 1st command doesn't work)

That should uninstall Sysmon completely. I've created a corresponding Microsoft Docs PR.

Top comments (0)

Subscribe

Read next

A Little Bit of a Disaster, A Lot of Motivation: Building a CLI Secret Manager

Saif Mahmud - Nov 21

Week 12: Release 0.3 pull request 2

mpa-LHutchinson - Nov 21

Revolutionizing Customer Engagement: The Power of CPG Chat https://www.cloudastra.co/blogs/revolutionizing-customer-engagement-the-power-of-cpg-chat

Swati Gupta - Nov 21

The Multiple Dimensions of Spuriousness in Machine Learning

Nina Baghdasaryan - Nov 21

He/Him/His. Engineering manager by day, home sysadmin by night. Thoughts here are mine only & do not represent those of my employer or any group of which I am a member.

Location

Quad Cities
Education

ABET-accredited Bachelor & Master of Science degrees in Mechanical Engineering
Work

Engineering Manager
Joined

Dec 28, 2019

How to adjust camera settings for any Windows webcam without admin rights

#windows #howto #teams #newteams

Can't find Process Explorer after installing it via winget? Do this

#windows #winget #wingetui #packages

How to set up Syncthing with a tray icon on a Windows PC you don't have admin rights to

#syncthing #windows #enterprise #hacks