Defrag Tools — Season 1, Episode 108: Sysinternals SysMon - Mark Russinovich

Episode synopsis

Mark Russinovich and Thomas Garnier join Andrew Richards in this episode of Defrag Tools. We talk about their new tool - Sysinternals System Monitor. System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time.

About Defrag Tools

Andrew Richards, Chad Beeder and Larry Larsen host this deep dive into the tools used on the tech support show Defrag. Each Defrag Tools show focuses on a specific tool, going deep into a tool's features, explaining when and why you should use the tool, and provides experience based tips to get the most out of the tool.

More episodes from Season 1

• E1Building your USB thumbdrive
• E2Process Explorer
• E3Process Monitor
• E4Process Monitor - Examples
• E5Autoruns and MSConfig
• E6RAMMap
• E7VMMap
• E8Mark Russinovich
• E9ProcDump
• E10ProcDump - Triggers
• E11ProcDump - Windows 8 & Process Monitor
• E12TaskMgr and ResMon