Sysmon 15 is not able to start service in timely manner?

Question

Sysmon v15.0 installation failed during StartService operation and it tried to clean up machine by uninstalling it automatically, but uninstall operation failed as well and left the System in bad state so reinstallation is not working either.

System Monitor v15.0 - System activity monitor
By Mark Russinovich and Thomas Garnier
Copyright (C) 2014-2023 Microsoft Corporation
Using libxml2. libxml2 is Copyright (C) 1998-2012 Daniel Veillard. All Rights Reserved.
Sysinternals - www.sysinternals.com

Loading configuration file with schema version 4.81
Sysmon schema version: 4.90
Configuration file validated.
Sysmon64 installed.
SysmonDrv installed.
Starting SysmonDrv.
SysmonDrv started.
StartService failed for Sysmon64:
The service did not respond to the start or control request in a timely fashion.
Failed to start the service:
The service did not respond to the start or control request in a timely fashion.

Stopping SysmonDrv.
SysmonDrv stopped.
SysmonDrv removed.
Stopping the service failed:
The system cannot find the file specified.
DeleteService failed:
Access is denied.
. Stderr: 
. ExitCode: 1053 

Retrying install command will complain about it's already install, as I see that Sysmon64 service is installed but C:\Windows\Sysmon64.exe was deleted so it can't be started.

Answer 1

There is a chance this happens due to wrong version/unsigned DLLs in the path. To check, run Event Viewer after a Sysmon installation failure, go to Applications and Service Logs -> Microsoft -> Windows -> CodeIntegrity -> Operational.

There should be no errors of the form:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Sysmon64.exe) attempted to load \Device\HarddiskVolume3\Windows\oleaut32.dll that did not meet the Custom 3 / Antimalware signing level requirements.