NoVirusThanks Event Monitor Service will monitor system events like creations, file deletions, PE files dropped to disk, created processes, loaded modules/drivers and registry changes in real-time to specifically assist in malware detection and general software troubleshooting.
It will log each event's date/time, process name, parent process, filename, etc., into a file allowing for easy analysis. You can also create custom exclusion rules to ignore certain events, and it does support wildcards.
NoVirusThanks Event Monitor Service is a service-only software application with no GUI - it simply runs in the background quietly aiding in malware and suspicious activity detection and important system event logging.
To install this simply copy the folder "EMSvc" on C: and open the folder, then right-click on "install.bat" and select Run as administrator to install the service. You will need to wait a few seconds for the service to be started then you can close the command-prompt window.