
New Sysinternals application available.


10 replies to this topic

#1 TsVk!

    penguin farmer

Posted 24 August 2014 - 06:00 PM

 

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time. By collecting the events it generates using Windows Event Collection or SIEM agents and subsequently analyzing them, you can identify malicious or anomalous activity and understand how intruders and malware operate on your network.

 

http://technet.microsoft.com/en-us/sysinternals/dn798348
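As an added example (not code from this thread or from Sysinternals), a small Python script that flattens Sysmon events exported as Windows event XML and joins the network-connection (ID 3) and file-creation-time-change (ID 2) events back to the process-creation (ID 1) event of the same process through ProcessGuid, which is the kind of analysis the collected log is meant to support. The sample events are constructed; the field names follow Sysmon's event data and the XML layout is the standard Windows event schema.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def parse_sysmon_event(xml_text):
    """Flatten one Sysmon event (Windows event XML) into a dict. Event IDs used
    below: 1 = process create, 2 = file creation time changed, 3 = network connection."""
    root = ET.fromstring(xml_text)
    fields = {d.get("Name"): (d.text or "")
              for d in root.findall("e:EventData/e:Data", NS)}
    fields["EventID"] = int(root.find("e:System/e:EventID", NS).text)
    return fields

def correlate(events):
    """Join ID 3 and ID 2 events to the ID 1 event of the same ProcessGuid so each
    finding carries the responsible command line: (kind, image, target, detail, cmd)."""
    by_guid = {e["ProcessGuid"]: e for e in events if e["EventID"] == 1}
    findings = []
    for e in events:
        cmd = by_guid.get(e.get("ProcessGuid"), {}).get("CommandLine", "?")
        if e["EventID"] == 3:
            findings.append(("network", e["Image"], e["DestinationIp"], e["DestinationPort"], cmd))
        elif e["EventID"] == 2 and e["CreationUtcTime"] < e["PreviousCreationUtcTime"]:
            # Creation time rolled backwards; Sysmon's fixed-width UTC timestamps
            # compare correctly as strings. Worth an analyst's look.
            findings.append(("backdated-file", e["Image"], e["TargetFilename"], e["CreationUtcTime"], cmd))
    return findings

def _event(eid, **data):
    """Build a constructed sample event in the exported Windows event XML layout."""
    body = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><Provider Name="Microsoft-Windows-Sysmon"/>'
            f'<EventID>{eid}</EventID></System><EventData>{body}</EventData></Event>')

# Constructed sample (not real log output): one process is created from a Temp
# folder, opens an outbound connection (documentation-range IP) and rewrites
# the creation time of a file.
IMG = r"C:\Users\bob\AppData\Local\Temp\update.exe"
SAMPLE_EVENTS = [
    _event(1, ProcessGuid="{G1}", Image=IMG, CommandLine="update.exe -s"),
    _event(3, ProcessGuid="{G1}", Image=IMG, DestinationIp="203.0.113.7",
           DestinationPort="443", Initiated="true"),
    _event(2, ProcessGuid="{G1}", Image=IMG, TargetFilename=IMG,
           CreationUtcTime="2012-01-01 00:00:00.000",
           PreviousCreationUtcTime="2014-08-24 08:00:00.000"),
]

def analyze(xml_events=SAMPLE_EVENTS):
    """Parse the exported events and return the correlated findings."""
    return correlate([parse_sysmon_event(x) for x in xml_events])
```

On a real host the same parser can be fed events exported from the Microsoft-Windows-Sysmon/Operational log or forwarded by Windows Event Collection.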





#2 Scoop8


Posted 25 August 2014 - 06:57 AM

Thanks for posting.  Looks like another great Sysinternals tool to add to the PC.



#3 quietman7

    Bleepin' Janitor

Posted 25 August 2014 - 08:12 AM

It's also available as part of Sysinternals Suite of Utilities.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 palerider2


Posted 29 August 2014 - 01:53 PM

I may have a use for this tool. Thanks.

#5 quietman7

    Bleepin' Janitor

Posted 30 August 2014 - 12:50 PM

The entire suite is full of useful tools to have in your toolkit.

#6 palerider2


Posted 31 August 2014 - 05:08 PM

I had a look, expecting to see 8 or 9 tools. But there are dozens! Worth browsing over those slowly...

#7 Scoop8


Posted 31 August 2014 - 05:38 PM

They are some of the best, if not the best, home PC utilities available.

 

I use these on my 2 Win 7 PCs at home:

- Process Explorer. Probably the one I use the most. It's a great way to check "Desktop Idle" process, after closing browsers, e-mail clients, other activities. I like to look at it occasionally to see if something looks unusual.

- TCPView. Same idea for me, I take a look at Desktop-idle mode.

- Autoruns. A great way to check Startup items and keep the PC's startup streamlined.

- Process Monitor. I haven't spent a lot of time with this one, need to get up to speed there.



#8 TsVk!

    penguin farmer (Topic Starter)

Posted 31 August 2014 - 05:47 PM

The PSTools collection is most useful on my network... I use them all the time.



#9 quietman7

    Bleepin' Janitor

Posted 01 September 2014 - 02:31 PM

- Process Monitor.   I haven't spent a lot of time with this one, need to get up to speed there.


About Process Monitor

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more.


Using Process Monitor Tutorial
Using Process Monitor to capture system events

#10 Scoop8


Posted 02 September 2014 - 07:03 AM

Thanks for the links. It's amazing to see that Process list when this is launched... many processes. Reading time this week :)



#11 quietman7

    Bleepin' Janitor

Posted 02 September 2014 - 09:21 AM

You're welcome.



