eventcreate.exe

Remove eventcreate.exe

MD5:	7abe906939eca722b950884006d54148
SHA1:	9b547366506fea5ca30588a8f977bfd9c002a1ba

Overview

eventcreate.exe executes as a process with the local user's privileges typically within the context of its parent sysmon.exe. The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).

Details

File name:	eventcreate.exe
Typical file path:	C:\users\user\appdata\roaming\microsoft\windows\eventcreate.exe
Size:	190.31 MB (199,552,512 bytes)
Build date:	10/10/2013 9:49 PM
Digital DNA
File packed:	No
Code language:	Microsoft Visual C# / Basic .NET
.NET CLR:	Yes
.NET NGENed:	No

More details

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00021042%	0.028634%
Kernel CPU:	0.00004942%	0.013761%
User CPU:	0.00016100%	0.014873%
Kernel CPU time:	16,138,459,451 ms/min	100,923,805ms/min
CPU cycles:	30,537,486/sec	17,470,203/sec
Memory
Private memory:	19.76 MB	21.59 MB
Private (maximum):	21.97 MB
Private (minimum):	3.71 MB
Non-paged memory:	19.76 MB	21.59 MB
Virtual memory:	344.77 MB	140.96 MB
Virtual memory (peak):	491.5 MB	169.69 MB
Working set:	7.23 MB	18.61 MB
Working set (peak):	23.28 MB	37.95 MB
Page faults:	17,071,941/min	2,039/min
I/O
I/O read transfer:	20 Bytes/sec	1.02 MB/min
I/O read operations:	1/sec	343/min
I/O other transfer:	147 Bytes/sec	448.09 KB/min
I/O other operations:	1/sec	1,671/min
Resource allocations
Threads:	6	12
Handles:	209	600
GUI GDI count:	9	103
GUI GDI peak:	11	142
GUI USER count:	1	49
GUI USER peak:	4	71

Process properties

Integrety level:	High
Platform:	64-bit
Command line:	"C:\users\user\appdata\roaming\microsoft\windows\eventcreate.exe"
Owner:	User
Parent process:	sysmon.exe

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	100.00%

Distribution by PC manufacturer

PC Manufacturer	distribution
MSI	100.00%

"Should I Block It?" client app is coming soon

We are still in the final stages of development and will hopefully have our 100% free client app available soon. The app will work in conjunction with your existing anti-virus program to quickly help you block potentially unwanted software from taking control of your PC.

In the meantime, if you would like to run our award winning software, "Should I Remove It?", which is designed to quickly purge your PC from unwanted programs, please download it it here, it's 100% FREE!

Featured on The Kim Komando Show, USA Today, Tom's Guide, CNET, Softonic and many more.

Remove Adware and Spyware Programs, FREE Download!

Should I block it?

Relationships