Unknown Process/Service: eventm (Event Manager)

Subject: Unknown Process/Service: eventm (Event Manager)
Posted by:  Alergy
Date: Thu, 24 May 2007


We had a security breach on a server yesterday.  Looking through the
processes, the following process caught my eye: c:\windows\system32\eventm.exe

It's properties call it the "Services and Controller app" and it runs as a
Service called "Event Manager".  The Service is a dependency for Event Log.

It all looks ok, but the following things concern me:

- I cannot find any information from Google or the Microsoft site on the
service or the process.
- I have never seen Event Log being dependent on another Service, especially
not this service.

As I can't find any relevant info, I was wondering if anyone knwos anything
about this process/service and whether it is genuine.

Many Thanks in advance,