Event Monitor Svc is a service-only software application that monitors in real-time important system events to help in the detection of malware activity. It monitors for file creations, file deletions, PE files dropped to disk, created processes, loaded modules, loaded drivers and registry changes. Each event is logged
to a file saving all important details, such as date/time, process name, parent
process, filename and much more.
For Windows XP, Vista, 7, 8, 10 (32\64-bit)
This tool tracks what happens in the system, useful to detect suspicious or malware activity on a PC and simplify the work of the Incident Response team. After creating a good list of safe events to exclude you can reduce
the logs file size, reducing the work of analysts to detect suspicious activities. The events are saved in
a readable way, you can easily integrate them on Splunk or SIEM systems.
Log files createdmodifieddeleted, registry changes, processes, DLLs, etc.
Write custom rules to excluded a specific event from being logged.
Via a simple INI file you can configure the logs path, exclusion rules, and more.
Via the INI configuration file you can enable the XML logging.
Via the INI configuration file you can enable logging to Windows Event Log.
Save many useful details about each event that is logged.
The software application uses only a few MBs of memory, you will not even notice it.
The program is free from spyware, adware or other pests, nothing extra is installed.
Service-only application that runs in the background, without a GUI.
Here there are some screenshots of the application.
Version | 1.6 |
---|---|
Last Updated | July 13, 2017 |
Operating System | For Windows XP, Vista, 7, 8, 10 (32\64-bit) |
Category | Malware Analysis Tools |
License Type | |
File Size | 2 MB |