Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

2001.12.9330.0 (winmain_win8rc.120518-1423) 0.10%
2001.12.9330.0 (winmain_win8rc.120518-1423) 0.10%
2001.12.9180.0 (winmain_win8beta.120217-1520) 0.05%
2001.12.9032.0 (winmain_win8m3.110823-1455) 0.10%
2001.12.8530.16385 (win7_rtm.090713-1255) 43.54%
2001.12.8530.16385 (win7_rtm.090713-1255) 25.48%
2001.12.8530.16385 (win7_rtm.090713-1255) 0.05%
2001.12.8530.16384 (win7_rtm.090710-1945) 0.05%
2001.12.6932.18005 (lh_sp2rtm.090410-1830) 1.50%
2001.12.6932.18005 (lh_sp2rtm.090410-1830) 6.33%
2001.12.6931.18057 (vistasp1_gdr.080417-1550) 0.47%
2001.12.6930.16677 (vista_gdr.080418-1950) 0.36%
2001.12.6930.16386 (vista_rtm.061101-2205) 0.05%
2001.12.4720.4282 (srv03_sp2_gdr.080429-1914) 0.05%
2001.12.4720.3959 (srv03_sp2_rtm.070216-1710) 0.05%
2001.12.10530.16384 (winblue_rtm.130821-1623) 4.46%
2001.12.10530.16384 (winblue_rtm.130821-1623) 0.10%
2001.12.10361.0 (winmain_bluemp.130615-1214) 0.21%
2001.12.10361.0 (winmain_bluemp.130615-1214) 0.05%
2001.12.10130.16384 (win8_rtm.120725-1247) 2.65%
2001.12.10130.16384 (win8_rtm.120725-1247) 14.22%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegNotifyChangeKeyValue, ConvertStringSidToSidW, LookupAccountSidW, ConvertSidToStringSidW, GetTokenInformation, EqualSid, CheckTokenMembership, FreeSid, AllocateAndInitializeSid, RegisterEventSourceW, SetThreadToken, OpenThreadToken, OpenProcessToken, SetServiceStatus, AdjustTokenPrivileges, LookupPrivilegeValueW, RegGetValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegCloseKey, SetNamedSecurityInfoW, GetSecurityDescriptorDacl, RegCreateKeyExW, RegisterServiceCtrlHandlerW, RegUnLoadKeyW, RegLoadKeyW, RegOpenKeyExW, RegQueryValueExW, RegDeleteTreeW, RegEnumKeyExW, RegSetKeyValueW, RegDeleteValueW, RegEnumValueW, RegSetValueExW, RegQueryInfoKeyW, DeregisterEventSource, ReportEventW, GetLengthSid, CryptReleaseContext, CryptGenRandom, CryptAcquireContextW
api-ms-win-core-com-l1-1-0.dll
StringFromGUID2, CoGetObjectContext, CoRegisterClassObject, FreePropVariantArray, CLSIDFromString, PropVariantClear, CoCancelCall, CoUninitialize, CoSetProxyBlanket, CoCreateInstance, CoEnableCallCancellation, CoUnmarshalInterface, CoMarshalInterface, CoInitializeEx, CoDisableCallCancellation, StringFromCLSID, CoDisconnectContext, CoTaskMemFree, IIDFromString, CoRevertToSelf, CoReleaseMarshalData, CoImpersonateClient, CoRevokeClassObject, CoTaskMemAlloc, CreateStreamOnHGlobal, CoGetClassObject, PropVariantCopy, CoCreateGuid, CoCopyProxy
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringW, IsDebuggerPresent, DebugBreak, OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-0.dll
UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetLastError
api-ms-win-core-errorhandling-l1-1-1.dll
UnhandledExceptionFilter, GetLastError, RaiseException, SetUnhandledExceptionFilter
api-ms-win-core-file-l1-1-0.dll
GetFileAttributesW
api-ms-win-core-file-l1-1-1.dll
FindClose, CreateDirectoryW, FindNextFileW, DeleteFileW, SetFileAttributesW, GetFileAttributesW, FindFirstFileW
api-ms-win-core-file-l1-2-0.dll
FindClose, CreateDirectoryW, SetFileAttributesW, FindNextFileW, FindFirstFileW, GetFileAttributesW, DeleteFileW
api-ms-win-core-file-l1-2-1.dll
DeleteFileW, GetFileAttributesW, CreateDirectoryW, SetFileAttributesW, FindClose, FindNextFileW, FindFirstFileW
api-ms-win-core-handle-l1-1-0.dll
DuplicateHandle, CloseHandle
api-ms-win-core-heap-obsolete-l1-1-0.dll
GlobalFree, GlobalUnlock, GlobalAlloc, GlobalLock, LocalFree, LocalAlloc
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedDecrement, InterlockedCompareExchange, InterlockedExchange, InterlockedIncrement
api-ms-win-core-interlocked-l1-1-1.dll
InterlockedCompareExchange64, InterlockedExchangeAdd, InterlockedIncrement, InterlockedDecrement, InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedDecrement, InterlockedCompareExchange, InterlockedExchange, InterlockedExchangeAdd, InterlockedIncrement, InterlockedCompareExchange64
api-ms-win-core-io-l1-1-1.dll
CreateIoCompletionPort, GetQueuedCompletionStatus, PostQueuedCompletionStatus
api-ms-win-core-kernel32-legacy-l1-1-0.dll
GetComputerNameW
api-ms-win-core-kernel32-legacy-l1-1-1.dll
GetComputerNameW
api-ms-win-core-libraryloader-l1-1-0.dll
LoadLibraryExW, GetProcAddress, LoadLibraryExA, DisableThreadLibraryCalls, FreeLibrary
api-ms-win-core-libraryloader-l1-1-1.dll
FindResourceExW, LoadResource, LoadStringW, LockResource, FreeLibraryAndExitThread, GetProcAddress, GetModuleFileNameW, GetModuleHandleExW, GetModuleHandleW, FreeLibrary, LoadLibraryExW, DisableThreadLibraryCalls
api-ms-win-core-libraryloader-l1-2-0.dll
FindResourceExW, LoadLibraryExW, LoadStringW, GetModuleFileNameW, LoadResource, GetModuleHandleExW, LockResource, DisableThreadLibraryCalls, FreeLibrary, FreeLibraryAndExitThread, GetProcAddress, GetModuleHandleW
api-ms-win-core-localization-l1-1-0.dll
GetUserDefaultLCID
api-ms-win-core-localization-l1-1-1.dll
FormatMessageW, GetUserDefaultLCID
api-ms-win-core-localization-l1-2-0.dll
FormatMessageW, GetUserDefaultLCID
api-ms-win-core-localization-l1-2-1.dll
GetUserDefaultLCID, FormatMessageW
api-ms-win-core-localregistry-l1-1-0.dll
RegCloseKey, RegOpenKeyExW, RegLoadKeyW, RegUnLoadKeyW, RegCreateKeyExW, RegGetValueW, RegQueryValueExW
api-ms-win-core-memory-l1-1-1.dll
VirtualQuery, VirtualAlloc, VirtualProtect
api-ms-win-core-memory-l1-1-2.dll
VirtualQuery, VirtualAlloc, VirtualProtect
api-ms-win-core-misc-l1-1-0.dll
FormatMessageW, Sleep, LocalFree, lstrlenW
api-ms-win-core-processenvironment-l1-1-0.dll
SearchPathW
api-ms-win-core-processenvironment-l1-1-1.dll
SearchPathW, ExpandEnvironmentStringsW
api-ms-win-core-processenvironment-l1-2-0.dll
ExpandEnvironmentStringsW, SearchPathW
api-ms-win-core-processthreads-l1-1-0.dll
GetCurrentProcess, TerminateProcess, GetCurrentProcessId, OpenProcessToken, SetThreadToken, GetCurrentThread, OpenThreadToken, GetCurrentThreadId, CreateThread
api-ms-win-core-processthreads-l1-1-1.dll
SetThreadToken, OpenThreadToken, GetCurrentThreadId, SetThreadStackGuarantee, GetThreadContext, GetCurrentThread, GetCurrentProcess, GetCurrentProcessId, OpenProcessToken, SetThreadPriority, CreateThread, TerminateProcess, GetExitCodeProcess, CreateProcessW, IsProcessorFeaturePresent
api-ms-win-core-processthreads-l1-1-2.dll
SetThreadPriority, GetCurrentProcess, OpenProcessToken, GetCurrentThreadId, GetCurrentThread, SetThreadStackGuarantee, SetThreadToken, OpenThreadToken, GetThreadContext, GetExitCodeProcess, CreateThread, TerminateProcess, GetCurrentProcessId, CreateProcessW
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter, QueryPerformanceFrequency
api-ms-win-core-registry-l1-1-0.dll
RegNotifyChangeKeyValue, RegCreateKeyExW, RegQueryInfoKeyW, RegQueryValueExW, RegEnumValueW, RegSetValueExW, RegCloseKey, RegEnumKeyExW, RegDeleteValueW, RegUnLoadKeyW, RegLoadKeyW, RegOpenKeyExW, RegGetValueW, RegDeleteTreeW
api-ms-win-core-string-l1-1-0.dll
CompareStringW
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrlenW
api-ms-win-core-synch-l1-1-0.dll
DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, WaitForSingleObject, ResetEvent, CreateEventW, SetEvent, InitializeCriticalSectionAndSpinCount
api-ms-win-core-synch-l1-1-1.dll
InitOnceExecuteOnce, LeaveCriticalSection, EnterCriticalSection, ResetEvent, InitializeCriticalSection, SetEvent, InitializeCriticalSectionAndSpinCount, WaitForSingleObject, DeleteCriticalSection, WaitForSingleObjectEx, Sleep, ReleaseSemaphore, CreateSemaphoreExW, CreateEventW
api-ms-win-core-synch-l1-2-0.dll
EnterCriticalSection, InitializeCriticalSectionAndSpinCount, ResetEvent, WaitForSingleObjectEx, LeaveCriticalSection, InitializeCriticalSection, CreateEventW, InitOnceExecuteOnce, SetEvent, WaitForSingleObject, DeleteCriticalSection, ReleaseSemaphore, CreateSemaphoreExW, Sleep
api-ms-win-core-sysinfo-l1-1-0.dll
GetTickCount, GetSystemTimeAsFileTime, GetTickCount64
api-ms-win-core-sysinfo-l1-1-1.dll
GetTickCount64, GetTickCount, GetLocalTime, GetSystemTimeAsFileTime, GetSystemInfo
api-ms-win-core-sysinfo-l1-2-0.dll
GetSystemTimeAsFileTime, GetSystemInfo, GetTickCount, GetTickCount64, GetLocalTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetSystemTimeAsFileTime, GetSystemInfo, GetLocalTime, GetTickCount64, GetTickCount
api-ms-win-core-threadpool-l1-1-0.dll
CreateTimerQueueTimer, DeleteTimerQueueTimer
api-ms-win-core-threadpool-l1-1-1.dll
WaitForThreadpoolWaitCallbacks, SetThreadpoolWait, CreateTimerQueueTimer, CreateThreadpoolWait, DeleteTimerQueueTimer, CloseThreadpoolWait
api-ms-win-core-threadpool-l1-2-0.dll
SetThreadpoolWait, WaitForThreadpoolWaitCallbacks, CreateThreadpoolWait, CloseThreadpoolWait
api-ms-win-core-threadpool-legacy-l1-1-0.dll
DeleteTimerQueueTimer, UnregisterWaitEx, CreateTimerQueueTimer, ChangeTimerQueueTimer
api-ms-win-core-threadpool-private-l1-1-0.dll
RegisterWaitForSingleObjectEx
api-ms-win-core-version-l1-1-0.dll
VerQueryValueW
api-ms-win-obsolete-kernelbase-l1-1-0.dll
lstrlenW, LocalFree
api-ms-win-security-base-l1-1-0.dll
AdjustTokenPrivileges, GetSecurityDescriptorDacl, FreeSid, AllocateAndInitializeSid, CheckTokenMembership, GetTokenInformation, EqualSid, GetLengthSid
api-ms-win-security-base-l1-2-0.dll
EqualSid, AllocateAndInitializeSid, FreeSid, CheckTokenMembership, AdjustTokenPrivileges, GetSecurityDescriptorDacl, GetTokenInformation, GetLengthSid
kernel32.dll
OutputDebugStringW, RegNotifyChangeKeyValue, RegisterWaitForSingleObject, GetModuleHandleExW, InitializeCriticalSection, VirtualProtect, VirtualAlloc, VirtualQuery, GetVersion, IsDebuggerPresent, GetThreadContext, GetLocalTime, CreateDirectoryW, CreateProcessW, GetExitCodeProcess, FindFirstFileW, FindNextFileW, SetFileAttributesW, DeleteFileW, FindClose, GetModuleHandleW, FindResourceW, LoadResource, LockResource, OutputDebugStringA, SetThreadPriority, GetQueuedCompletionStatus, FreeLibraryAndExitThread, CreateIoCompletionPort, QueryPerformanceFrequency, InterlockedExchangeAdd, PostQueuedCompletionStatus, ChangeTimerQueueTimer, LoadLibraryW, InterlockedCompareExchange64, LocalAlloc, ReleaseSemaphore, CreateSemaphoreW, GetSystemInfo, GetModuleFileNameW, RaiseException, DelayLoadFailureHook, UnregisterWait, RegDeleteTreeW, RegEnumKeyExW, RegDeleteValueW, GetComputerNameW, RegEnumValueW, RegSetValueExW, ExpandEnvironmentStringsW, RegQueryInfoKeyW, DebugBreak, InitOnceExecuteOnce, GlobalMemoryStatusEx, GetTickCount, CreateThread, DuplicateHandle, SearchPathW, InterlockedExchange, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, DeleteTimerQueueTimer, CreateTimerQueueTimer, InitializeCriticalSectionAndSpinCount, LocalFree, Sleep, LoadLibraryA, GetProcAddress, FormatMessageW, FreeLibrary, LoadLibraryExW, GetFileAttributesW, InterlockedCompareExchange, GetCurrentProcess, DisableThreadLibraryCalls, CreateEventW, ResetEvent, WaitForSingleObject, GetCurrentThreadId, GetCurrentThread, GetLastError, SetEvent, CloseHandle, GetUserDefaultLCID, InterlockedDecrement, CompareStringW, InterlockedIncrement, lstrlenW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, SetThreadStackGuarantee, UnregisterWaitEx, RegisterWaitForSingleObjectEx, GlobalLock, GlobalAlloc, GlobalUnlock, GlobalFree
msvcrt.dll
DllMain
ntdll.dll
NtOpenEvent, RtlInitUnicodeString, NtQueryEvent, RtlImageNtHeader, RtlAllocateHeap, RtlFreeHeap, RtlDelete, RtlSplay, RtlDllShutdownInProgress, RtlInitializeCriticalSectionAndSpinCount, RtlDeleteCriticalSection, RtlCreateServiceSid, RtlNtStatusToDosError, RtlInitAnsiString, RtlOemStringToUnicodeString, RtlApplicationVerifierStop
ole32.dll
CoUnmarshalInterface, CoCreateGuid, CoDisconnectContext, CoUninitialize, PropVariantClear, FreePropVariantArray, CoRegisterClassObject, CoGetObjectContext, StringFromCLSID, CoGetMalloc, CoRevokeClassObject, IIDFromString, CoGetInterceptorFromTypeInfo, CLSIDFromString, CoGetObject, StringFromGUID2, CoCreateInstance, CoEnableCallCancellation, CoDisableCallCancellation, CoSetProxyBlanket, CoCancelCall, CoTaskMemFree, CoTaskMemAlloc, CoRevertToSelf, CoImpersonateClient, CoMarshalInterface, CreateStreamOnHGlobal, PropVariantCopy, CoCopyProxy, CoGetClassObject, CoInitializeEx
propsys.dll
PropVariantToVariant, VariantToPropVariant
rpcrt4.dll
CStdStubBuffer_Connect, CStdStubBuffer_AddRef, CStdStubBuffer_QueryInterface, NdrStubCall2, NdrStubForwardingFunction, IUnknown_Release_Proxy, IUnknown_AddRef_Proxy, IUnknown_QueryInterface_Proxy, NdrOleFree, NdrOleAllocate, CStdStubBuffer_Invoke, CStdStubBuffer_IsIIDSupported, CStdStubBuffer_CountRefs, CStdStubBuffer_DebugServerQueryInterface, CStdStubBuffer_DebugServerRelease, NdrCStdStubBuffer2_Release, NdrCStdStubBuffer_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, CStdStubBuffer_Disconnect, I_RpcOpenClientProcess, I_RpcBindingInqLocalClientPID, I_RpcBindingInqTransportType
user32.dll
OpenWindowStationW, GetThreadDesktop, GetProcessWindowStation, CloseDesktop, CloseWindowStation, SetDlgItemTextW, EndDialog, DialogBoxParamW, SetProcessWindowStation, OpenDesktopW, SetThreadDesktop, GetDesktopWindow, GetWindowRect, GetClientRect, MapWindowPoints, SetWindowPos, LoadStringW, PeekMessageW, MsgWaitForMultipleObjectsEx, PostThreadMessageW
Export table
DllCanUnloadNow
DllGetClassObject
LCEControlServer
NotifyLogoffUser
NotifyLogonUser
ServiceMain
SvchostPushServiceGlobals

ES.dll

COM+ by Microsoft

Remove ES.dll
Version:   2001.12.6932.18005 (lh_sp2rtm.090410-1830)
MD5:   67058c46504bc12d821f38cf99b7b28f
SHA1:   db306627bd7f285f4deb5d005a5a9464438f4d47
SHA256:   e8d19f305f78bca1da8425315f2c77a377cd51e3cc54323dc2ff355120ea097d
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is ES.dll?

COM+ is an evolution of Microsoft Component Object Model (COM) and Microsoft Transaction Server (MTS). COM+ builds on and extends applications written using COM, MTS, and other COM-based technologies. COM+ handles many of the resource management tasks that you previously had to program yourself, such as thread allocation and security.

About ES.dll (from Microsoft)

COM+ also makes your applications more scalable by providing thread pooling, object pooling, and just-in-time object activation. COM+ also helps protect the integrity of your data by providing transac

DetailsDetails

File name:es.dll
Publisher:Microsoft Corporation
Product name:COM+
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\es.dll
File version:2001.12.6932.18005 (lh_sp2rtm.090410-1830)
Product version:6.0.6002.18005
Size:262.5 KB (268,800 bytes)
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'
  • Shared name is 'EventSystem'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 30.50%
Windows 8.1 18.00%
Windows 7 Ultimate 15.50%
Windows 8.1 Pro 7.50%
Windows 7 Professional 5.50%
Windows 8 4.50%
Windows 8.1 Single Language 3.50%
Windows 8 Pro 3.00%
Windows 8 Single Language 2.50%
Windows 8.1 Pro with Media Center 2.00%
Windows Vista Home Premium 2.00%
Windows 7 Home Basic 1.50%
Windows 8 Enterprise N 1.00%
Windows 8.1 N 0.50%
Windows Seven Black Edition 0.50%
Windows 8.1 Enterprise Evaluation 0.50%
Windows 8 Enterprise 0.50%
Windows 7 Starter 0.50%
Windows 8.1 Enterprise 0.50%

Distribution by countryDistribution by country

United States installs about 46.73% of COM+.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 19.46%
Hewlett-Packard 17.90%
ASUS 17.12%
Acer 11.67%
Toshiba 10.89%
Lenovo 10.12%
Sony 4.67%
Intel 2.33%
GIGABYTE 1.95%
Samsung 1.56%
Alienware 1.17%
Medion 0.78%
Sahara 0.39%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE