Should I block it?

No, this file is 100% safe to run.

Additional versions

6.14.11.1173	0.11%
6.14.11.1169	2.63%
6.14.11.1165	0.11%
6.14.11.1164	1.48%
6.14.11.1164	1.03%
6.14.11.1161	0.11%
6.14.11.1159	1.60%
6.14.11.1159	1.60%
6.14.11.1159	0.34%
6.14.11.1159	0.11%
6.14.11.1154	0.11%
6.14.11.1143	0.34%
6.14.11.1143	0.57%
6.14.11.1143	0.11%
6.14.11.1143	3.42%
6.14.11.1143	0.11%
6.14.11.1143	0.11%
6.14.11.1143	0.34%
6.14.11.1143	0.11%
6.14.11.1143	0.34%
6.14.11.1143	0.11%
6.14.11.1143	0.11%
6.14.11.1143	0.11%
6.14.11.1143	0.11%
6.14.11.1143	0.11%
View more
6.14.11.1137	4.22%
6.14.11.1137	0.57%
6.14.11.1137	0.57%
6.14.11.1137	0.34%
6.14.11.1131	5.82%
6.14.11.1131	1.03%
6.14.11.1131	0.11%
6.14.11.1131	0.11%
6.14.11.1131	0.11%
6.14.11.1131	0.11%
6.14.11.1126	0.11%
6.14.11.1126	0.34%
6.14.11.1126	3.20%
6.14.11.1126	1.03%
6.14.11.1126	1.03%
6.14.11.1126	0.80%
6.14.11.1126	0.34%
6.14.11.1126	0.57%
6.14.11.1126	0.34%
6.14.11.1126	0.68%
6.14.11.1126	0.11%
6.14.11.1126	0.11%
6.14.11.1126	0.34%
6.14.11.1126	0.11%
6.14.11.1126	0.11%
6.14.11.1122	1.03%
146 other versions

Relationships

Parent process

services.exe (Services and Controller app by Microsoft)

Child process

atieclxx.exe (AMD External Events by AMD)

Related files

PE file structure

Show functions

Import table

advapi32.dll

StartServiceCtrlDispatcherA, RegQueryValueExA, RegisterEventSourceA, ReportEventA, InitializeSecurityDescriptor, OpenProcessToken, CreateProcessAsUserA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, DeleteService, OpenServiceA, SetServiceStatus, RegisterServiceCtrlHandlerExA, RegCloseKey, RegSetValueExA, RegCreateKeyExA, RegDeleteValueA, RegGetValueA, RegOpenKeyExA, RegDeleteKeyA, RegOpenCurrentUser, SetSecurityDescriptorDacl, RevertToSelf, ImpersonateLoggedOnUser, RegSetValueExW, RegGetValueW

kernel32.dll

CompareStringA, CompareStringW, SetEnvironmentVariableA, GetCommandLineA, GetLocaleInfoW, GetProcessHeap, SetEndOfFile, GetTimeZoneInformation, VirtualQuery, GetSystemInfo, VirtualProtect, RaiseException, LoadLibraryA, InterlockedExchange, FreeLibrary, SetConsoleCtrlHandler, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetModuleHandleW, InitializeCriticalSection, IsValidCodePage, IsValidLocale, EnumSystemLocalesA, lstrcmpiA, WaitForSingleObject, MapViewOfFile, CreateFileMappingA, OpenProcess, GetLastError, GetModuleFileNameA, WTSGetActiveConsoleSessionId, OutputDebugStringA, GetLocalTime, CloseHandle, Sleep, GetVersionExA, GetSystemDirectoryA, CreateProcessA, CreateMutexA, OpenMutexA, ReleaseMutex, CreateEventA, OpenEventA, WaitForMultipleObjects, SetEvent, ResetEvent, CreateThread, SetThreadPriority, CreateNamedPipeA, ConnectNamedPipe, DisconnectNamedPipe, ReadFile, WriteFile, FlushFileBuffers, CreateFileA, LocalFree, HeapAlloc, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapFree, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, GetProcAddress, GetModuleHandleA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, RtlUnwind, WideCharToMultiByte, GetConsoleCP, GetConsoleMode, DeleteCriticalSection, FatalAppExitA, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, ExitProcess, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, VirtualAlloc, HeapReAlloc, SetFilePointer, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, GetLocaleInfoA, ReadConsoleW, HeapSize, LoadLibraryExA, InitializeCriticalSectionAndSpinCount, IsProcessorFeaturePresent, LoadLibraryExW

powrprof.dll

PowerGetActiveScheme, PowerSetActiveScheme, PowerWriteACValueIndex, PowerWriteDCValueIndex, PowerEnumerate, PowerSettingAccessCheck, PowerReadACValueIndex, PowerReadDCValueIndex

psapi.dll

GetModuleBaseNameA, EnumProcessModules

user32.dll

UnregisterDeviceNotification, PostMessageA, RegisterDeviceNotificationA, PostThreadMessageA, RegisterPowerSettingNotification, UnregisterPowerSettingNotification, SystemParametersInfoA

userenv.dll

LoadUserProfileA, UnloadUserProfile

wtsapi32.dll

WTSEnumerateProcessesA, WTSQueryUserToken, WTSQuerySessionInformationA, WTSFreeMemory

ATIESRXX.exe

AMD External Events by AMD

Remove ATIESRXX.exe

Version:	6.14.11.1114
MD5:	d1fe13ccd444a17d3365dc56233d86ba
SHA1:	f7632260c48c22f9a130fd90a665703f1fd6a039

What is ATIESRXX.exe?

The files atiesrxx.exe and atieclxx.exe are both associated with the AMD External Events Service Module, which is part of the ATI display driver package. The function of atieclxx.exe is to give ATI Graphic card better performance so it just plays a subsidiary role.

Overview

atiesrxx.exe runs as a service under the name AMD External Events Utility (SYSTEM\CurrentControlSet\Services\AMD External Events Utility) with extensive SYSTEM privileges (full administrator access).

Details

File name:	atiesrxx.exe
Publisher:	AMD
Product name:	AMD External Events
Description:	AMD External Events Service Module
Typical file path:	C:\Windows\System32\atiesrxx.exe
File version:	6.14.11.1114
Size:	159.5 KB (163,328 bytes)
Digital DNA
Entropy:	6.353569
File packed:	No
.NET CLR:	No

More details

Behaviors

Service

Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)

'AMD External Events Utility'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00002024%	0.028634%
Kernel CPU:	0.00000660%	0.013761%
User CPU:	0.00001364%	0.014873%
Kernel CPU time:	16 ms/min	100,923,805ms/min
Memory
Private memory:	1024 KB	21.59 MB
Private (maximum):	2.84 MB
Private (minimum):	2.8 MB
Non-paged memory:	1024 KB	21.59 MB
Virtual memory:	26.9 MB	140.96 MB
Virtual memory (peak):	28.9 MB	169.69 MB
Working set:	2.84 MB	18.61 MB
Working set (peak):	3.36 MB	37.95 MB
Resource allocations
Threads:	6	12
Handles:	123	600

Process properties

Integrety level:	System
Platform:	32-bit
Command line:	C:\Windows\System32\atiesrxx.exe
Owner:	SYSTEM
Windows Service
Service name:	SYSTEM\CurrentControlSet\Services\AMD External Events Utility
Display name:	AMD External Events Utility
Type:	Win32OwnProcess
Parent process:	services.exe (Services and Controller app by Microsoft)

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	41.00%
Windows 8.1	16.50%
Windows 7 Ultimate	15.00%
Windows 7 Professional	7.00%
Windows 8	6.50%
Windows 8.1 Pro	6.00%
Windows 8.1 Enterprise	2.00%
Windows 8 Single Language	1.50%
Windows Seven Black Edition	1.00%
Windows 7 Starter	1.00%
Windows 7 Home Basic	1.00%
Windows 8.1 Pro with Media Center	0.50%
Windows 8 Pro	0.50%
Windows Vista Home Premium	0.50%

Distribution by country

United States installs about 47.50% of AMD External Events.

Distribution by PC manufacturer

PC Manufacturer	distribution
Hewlett-Packard	27.47%
Acer	19.31%
Dell	15.45%
Toshiba	13.73%
ASUS	8.58%
Lenovo	5.15%
Samsung	3.86%
GIGABYTE	2.15%
Medion	1.72%
Gateway	1.72%
MSI	0.86%

Remove Adware and Spyware Programs, FREE Download!