English | Deutsch

What is sysmon.exe?

Sysmon.exe is a executable file (a program) within Windows. The filename extension .exe denotes an executable file. You should only run executable files from publishers you trust, because executable files can potentially change your computer settings or harm your computer. The free file information forum can help you determine if sysmon.exe is a virus, trojan, spyware, or adware that you can remove, or a file belonging to a Windows system or to an application you can trust.

Sysmon.exe file information

The process known as MS System Monitor appears to belong to software sysmon by Microsoft (www.microsoft.com).

Description: Sysmon.exe is not essential for Windows and will often cause problems. sysmon.exe is located in the folder C:\Windows\System32. Known file sizes on Windows 7/XP are 7,200 bytes (31% of all occurrences), 4,640 bytes and 5 more variants. http://www.file.net/process/sysmon.exe.html 
Sysmon.exe is not a Windows system file. There is no description of the program. The program has no visible window. The sysmon.exe file is an unknown file in the Windows folder. The program starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell). Therefore the technical security rating is 75% dangerous, however also read the users reviews.

Recommended: Identify sysmon.exe related errors

External information from Paul Collins:
There are different files with the same name:

  • "sysmon" definitely not required. Added by the BIZEX WORM!
  • "System Monitor" can run at start up. Comes with some Aopen motherboards. Monitors CPU temp, voltage and fan speed. Warns if any become abnormal

Important: Some malware camouflages itself as sysmon.exe. Therefore, you should check the sysmon.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.


User Comments

zeigt nur die CPU-Auslastung, den Batteriestand (Ladezustand) und den belegten RAM an.
There is a SYSMON.EXE which installs itself in the Documents and Settings\All Users\Application Data\Sysmon folder of its own. It also may insinuate itself into the .INI file of your default JPG viewer. It then stores hundreds of screen shots of your card data entry pages. Yes, it is very dangerous and is a stealth keylogger.
it creats copies of usb or cd drives and stores in system32\mui directory
  rojer jim  

Summary: Average user rating of sysmon.exe: based on 3 votes with 3 user comments.
One user thinks sysmon.exe is essential for Windows or an installed application. One user suspects danger. One user thinks sysmon.exe is dangerous and recommend removing it.

Do you have additional information? Help other users!
What do you know about sysmon.exe: 
How do you rate it: 
Link for more info's: 
Your Name: 

Sysmon scanner

Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

Malwarebytes Anti-Malware detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

SpeedUpMyPC scans, cleans, repairs and optimizes your computer.

Other processes

sysmon.exe [all]