NoVirusThank Event Monitor Service

Service that monitors system processes for malware activity and various events such as file creation and deletion, dropped PEs, and loaded modules.

Download Now

NoVirusThank Event Monitor Service Description

NoVirusThank Event Monitor Service is a service designed to watch system processes for suspicious activity that might compromise your entire computer, namely malware agents. It’s capable of logging events when it comes to creating and deleting files, creating processes, loading drivers, copying PE files from external sources to the disk, and making modifications to the registry.

Before proceeding any further, you should know that the service is not made to block malicious activity. Its sole purpose is to create log files of all the previously mentioned events taking place on your computer. These log files can be later inspected to figure out if malware agents have infiltrated your PC. It also comes in handy for keeping a close eye on what’s going on when sharing your PC with other people.

Monitors the system and logs events

The program doesn’t feature a graphical interface, an aspect which is likely to put off casual users looking for a straightforward and intuitive tool. Instead, it can be installed with administrative privileges to run as a stealth service in the background, which doesn’t display any notification messages or trigger audio alerts on any events.

Running the .bat installation file as admin sets up NoVirusThank Event Monitor Service as a service that automatically runs at every Windows startup. If the service fails to properly install itself in C: and you don’t see the “EMSvc” service in Task Manager, it’s necessary to manually fix this problem by creating a folder called “EMSvc” in C:\ and moving the “Service” subfolder to this location (the subfolder that contains the “EMSvc.exe” file and associated .dlls), in order to create the C:\EMSvc\Service\EMSvc.exe path.

View logs and exclude any events, folders or registry locations

Logs can be separately investigated for each day and each type of event when it comes to driver events, file creations, file deletions, loaded DLLs, PE image drops, process terminations, and process creations.

Settings can be configured from the “Config.ini” file. You can instruct NoVirusThank Event Monitor Service to stop monitoring any group of supported events, exclude events by file and registry location, and delete old logs (by number of days).

Get the service up and running using a workaround on Windows 10

We’ve encountered a problem when attempting to install NoVirusThank Event Monitor Service on Windows 10 in our tests. The setup failed and we had to manually copy the files to C:\ (as previously described). From that point on, though, the service ran smoothly and recorded all system events to logs.

All aspects considered, NoVirusThank Event Monitor Service may not be user-friendly but it offers a practical solution for advanced users looking for a simple and stealth solution to keep an eye on what’s happening on the computer.

Leave a Reply

Your email address will not be published. Required fields are marked *