Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

1, 5, 395, 0 7.41%
1, 5, 395, 0 3.70%
1, 5, 393, 22 25.93%
1, 5, 393, 22 7.41%
1, 5, 393, 18 18.52%
1, 5, 393, 18 14.81%
1, 5, 388, 0 11.11%
1, 5, 388, 0 3.70%
1, 5, 350, 0 3.70%
1, 5, 350, 0 3.70%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegDeleteValueW, RegEnumValueW, RegCreateKeyExW, OpenThreadToken, DuplicateTokenEx, LookupAccountNameW, SetKernelObjectSecurity, GetAce, GetSecurityInfo, InitializeAcl, EqualSid, GetTokenInformation, AddAccessAllowedAce, LookupPrivilegeValueW, AdjustTokenPrivileges, OpenProcessToken, ConvertStringSidToSidW, MakeAbsoluteSD, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, GetSecurityDescriptorSacl, SetSecurityInfo, RevertToSelf, RegCloseKey, ImpersonateLoggedOnUser, ImpersonateNamedPipeClient, ConvertSidToStringSidW, CryptAcquireContextW, CryptGenRandom, CryptReleaseContext
gdi32.dll
GetPixel
kernel32.dll
InitializeCriticalSection, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, EnterCriticalSection, ReadProcessMemory, GetModuleFileNameW, GetEnvironmentStringsW, SetEnvironmentVariableW, QueueUserWorkItem, DeleteCriticalSection, LoadLibraryExW, CreateRemoteThread, GetWindowsDirectoryW, GetTempPathW, CreateDirectoryW, Sleep, GetTickCount, CreateMutexW, SetLastError, ProcessIdToSessionId, WaitForSingleObject, GetCurrentProcessId, CreateToolhelp32Snapshot, Process32FirstW, PulseEvent, OpenProcess, GetModuleHandleW, GetProcAddress, Process32NextW, TerminateProcess, GetLastError, CreateProcessW, CreateEventW, InterlockedCompareExchange, CloseHandle, CreateNamedPipeW, GetProcessTimes, LoadLibraryW, GetVersion, DuplicateHandle, GetCurrentProcess, FreeLibrary, FindFirstFileW, FindClose, SetEvent, ResetEvent, GetCurrentThreadId, IsBadCodePtr, GetCommandLineW, OpenMutexW, InterlockedExchange, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, WaitForMultipleObjects, GetThreadPriority, GetCurrentThread, SetThreadPriority, FlushFileBuffers, DisconnectNamedPipe, ConnectNamedPipe, GetComputerNameW, GetShortPathNameW, GetFileSize, GlobalUnlock, GlobalAlloc, OpenFileMappingW, VirtualQuery, GlobalSize, GlobalLock, CopyFileW, VirtualAlloc, VirtualFree, GetCurrentDirectoryW, OutputDebugStringW, WideCharToMultiByte, GlobalDeleteAtom, GlobalAddAtomW, ResumeThread, SuspendThread, ReleaseMutex, GetFileSizeEx, GetLongPathNameW, HeapDestroy, HeapCreate, HeapAlloc, HeapFree, GetSystemDirectoryW, SwitchToThread, QueryPerformanceFrequency, WaitForSingleObjectEx, SetEndOfFile, MoveFileExW, WriteProcessMemory, QueueUserAPC, SetFilePointerEx, CompareFileTime, ExitThread, GetLocalTime, DeleteFileW, LocalAlloc, LoadLibraryA, RaiseException, GetPrivateProfileStringW, GetPrivateProfileIntW, GetSystemTimeAsFileTime, lstrcmpiA, GetVersionExW, VirtualProtect, FormatMessageW, lstrcmpA, SystemTimeToFileTime, GetSystemTime, IsBadWritePtr, IsBadReadPtr, VerLanguageNameW, lstrcpynW, InterlockedIncrement, InterlockedDecrement, OpenEventW, GetEnvironmentVariableW, OpenThread, GetProcessAffinityMask, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, GlobalFree, CreateFileW, WaitNamedPipeW, WriteFile, ReadFile, MultiByteToWideChar, CompareStringA, CompareStringW, GetFileAttributesW, SearchPathW, LocalFree, LeaveCriticalSection, CreateThread, GetExitCodeThread
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ntdll.dll
ZwQuerySymbolicLinkObject, ZwQueryFullAttributesFile, ZwOpenSection, ZwMapViewOfSection, ZwAreMappedFilesTheSame, ZwUnmapViewOfSection, RtlNtStatusToDosError, ZwSetInformationFile, RtlAcquirePebLock, RtlReleasePebLock, ZwProtectVirtualMemory, ZwAllocateVirtualMemory, ZwWriteVirtualMemory, ZwWaitForSingleObject, ZwQueryInformationThread, ZwDelayExecution, ZwYieldExecution, ZwOpenSymbolicLinkObject, ZwOpenDirectoryObject, RtlInitUnicodeString, RtlImageDirectoryEntryToData, RtlGetVersion, ZwResetEvent, ZwReleaseMutant, ZwCreateMutant, ZwQueryVirtualMemory, ZwReadVirtualMemory, ZwFlushInstructionCache, ZwCreateKey, ZwWaitForMultipleObjects, ZwOpenKey, RtlFreeUnicodeString, ZwOpenFile, ZwCreateFile, ZwQueryInformationFile, ZwQueryValueKey, ZwSetValueKey, ZwFlushBuffersFile, ZwQueryInformationToken, ZwSetInformationProcess, ZwSetEvent, ZwQueryInformationProcess, NtSuspendProcess, ZwAccessCheckByType, ZwDuplicateObject, ZwWriteFile, RtlFormatCurrentUserKeyPath, ZwReadFile, ZwQueryKey, ZwCreateEvent, ZwOpenEvent, ZwClose, ZwOpenMutant, ZwOpenThread
ole32.dll
CoInitialize, CoUninitialize
user32.dll
MessageBoxW, ReleaseDC, GetDC, GetWindowRect, wsprintfW, CharLowerW, FindWindowW, GetWindowThreadProcessId, CharLowerBuffW, FindWindowExW, FindWindowExA, GetClassNameW, GetClassInfoW, FindWindowA, CharUpperBuffW, CharUpperBuffA, CharLowerBuffA, SetWindowLongW, CreateWindowExW, RegisterClassW, PostMessageW, SendMessageTimeoutW, FreeDDElParam, UnpackDDElParam, DefWindowProcW, GetWindowLongW, DestroyWindow, GetWindowTextW, EnumThreadWindows, GetQueueStatus, GetMessageW, PostThreadMessageW, RegisterWindowMessageW, OpenInputDesktop, SetThreadDesktop, GetThreadDesktop, OpenDesktopW, PeekMessageW, TranslateMessage, DispatchMessageW, MsgWaitForMultipleObjects, CallNextHookEx, IsWindow, DdeQueryStringW, DdeGetData, DdeCreateDataHandle, DdeInitializeW, DdeCreateStringHandleW, DdeNameService, DdeGetLastError, SetWindowsHookExW, UnhookWindowsHookEx, DdeFreeStringHandle, DdeUninitialize, AllowSetForegroundWindow, SendMessageW, CharUpperW, GetUserObjectInformationW, GetDesktopWindow, CloseDesktop, LoadStringW
wintrust.dll
WinVerifyTrust, WTHelperProvDataFromStateData, WTHelperGetProvSignerFromChain, CryptCATAdminReleaseContext, CryptCATAdminReleaseCatalogContext, CryptCATAdminEnumCatalogFromHash, CryptCATCatalogInfoFromContext, CryptCATAdminAcquireContext, CryptCATAdminCalcHashFromFileHandle
Export table
_GetISWPlugin@8
_InitHooks@4
_IswDllCanUnloadNow@0
_IswLog_FlushThread@4
_priviledged_deinit@0
_priviledged_init@0
_TrustedDllEntry@4
InjectCallout
IswProtectProcess
single_unprotected_launch
unprotected_launch

iswshex.dll

ZoneAlarm Browser Security by Check Point Software Technologies Ltd. (Signed)

Remove iswshex.dll
Version:   1, 5, 393, 22
MD5:   b9fba1ed752877dcaeb15c525583aefe
SHA1:   87525873eb5b6cb7109f77f0e1a48f7ff3316713
SHA256:   92d1663b721c9c101a393254919aede7bc5efcd831596a5e2adc57ae3b407476

What is iswshex.dll?

Check Point's ZoneAlarm ForceField is designed to secure Web browsing sessions through the use of browser virtualization, inline download scanning and DNS validation services.

About iswshex.dll (from Check Point Software Technologies Ltd.)

Get ZoneAlarm ForceField for your browser. ForceField works hard at Web safety so you don't have to, but you should continue to browse with common sense in mind.

Overview

iswshex.dll is loaded as dynamic link library that runs in the context of a process. The file is digitally signed by Check Point Software Technologies Ltd. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:iswshex.dll
Publisher:Check Point Software Technologies
Product name:ZoneAlarm Browser Security
Typical file path:C:\Program Files\checkpoint\zaforcefield\plugins\iswshex.dll
File version:1, 5, 393, 22
Size:1 MB (1,050,280 bytes)
Certificate
Issued to:Check Point Software Technologies Ltd.
Authority (CA):VeriSign
Expiration date:Monday, May 5, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 55.56%
Microsoft Windows XP 11.11%
Windows 8 Pro 7.41%
Windows 7 Ultimate 7.41%
Windows 7 Professional 7.41%
Windows Vista Home Basic 3.70%
Windows 7 Ultimate N 3.70%
Windows Vista Ultimate 3.70%

Distribution by countryDistribution by country

United States installs about 59.26% of ZoneAlarm Browser Security.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 63.64%
Acer 36.36%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE