Should I block it?

No, this file is 100% safe to run.

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegDeleteKeyA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegEnumKeyExA, RegSetValueExA, RegCreateKeyExA, RegEnumValueA, FreeSid, AllocateAndInitializeSid, GetAce, SetKernelObjectSecurity, GetSecurityDescriptorDacl, SetSecurityInfo, InitializeAcl, AddAccessAllowedAce, ControlService, CloseServiceHandle, OpenServiceA, OpenSCManagerA, StartServiceA, IsValidSid, GetLengthSid
kernel32.dll
GetCommandLineA, GetCurrentProcess, SetPriorityClass, GetTickCount, FormatMessageA, WideCharToMultiByte, MultiByteToWideChar, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteFileA, GetWindowsDirectoryA, GetCurrentThreadId, WriteFile, SetFilePointer, GetFileSize, CreateFileA, GetCurrentProcessId, GetLocalTime, WaitForSingleObject, SetEvent, ResetEvent, CreateEventA, OpenEventA, SetThreadPriority, GetModuleFileNameA, SetLastError, GetVersionExA, GetExitCodeProcess, CreateProcessA, ReleaseMutex, CreateMutexA, lstrcpynA, lstrcatA, lstrcpyA, InterlockedIncrement, InterlockedDecrement, TerminateThread, RaiseException, RtlUnwind, ExitProcess, GetStartupInfoA, ExitThread, TlsSetValue, TlsGetValue, CreateThread, HeapAlloc, HeapFree, GetCPInfo, HeapReAlloc, LCMapStringA, LCMapStringW, GetTimeFormatA, GetDateFormatA, CompareStringA, CompareStringW, GetStringTypeA, GetStringTypeW, SetUnhandledExceptionFilter, TlsFree, TlsAlloc, QueryPerformanceCounter, GetSystemTimeAsFileTime, TerminateProcess, HeapSize, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, GetACP, GetOEMCP, FlushFileBuffers, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, IsBadWritePtr, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, IsBadReadPtr, IsBadCodePtr, GetTimeZoneInformation, SetStdHandle, ReadFile, GetLocaleInfoW, SetEndOfFile, SetEnvironmentVariableA, CloseHandle, GetSystemDirectoryA, GetComputerNameA, Sleep, GetModuleHandleA, LoadLibraryA, GetProcAddress, GetLastError, GetLocaleInfoA, FreeLibrary
ole32.dll
CoReleaseServerProcess, CoAddRefServerProcess
user32.dll
FindWindowA, SendMessageA
winspool.drv
DeleteMonitorA

lxbxcoms.exe

Printer Communication System by Lexmark International (Signed)

Remove lxbxcoms.exe
Version:   6.4.25.0
MD5:   f96d21496d3886c00d7fd5bf00e34491
SHA1:   f19a09c2e18326af6104be234aaec2740dd22005
SHA256:   e72960f0dc6fd74ad927da159dfa9be44b973a0b94a06e013df9532371f12fbc

Overview

lxbxcoms.exe runs as a service under the name lxbx_device with extensive SYSTEM privileges (full administrator access). The file is digitally signed by Lexmark International which was issued by the Thawte Consulting (Pty) Ltd. certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).

DetailsDetails

File name:lxbxcoms.exe
Product name:Printer Communication System
Typical file path:C:\Windows\System32\lxbxcoms.exe
Original name:GN__coms.exe
File version:6.4.25.0
Size:524.92 KB (537,520 bytes)
Certificate
Issued to:Lexmark International
Authority (CA):Thawte Consulting (Pty) Ltd.
Effective date:Thursday, August 4, 2005
Expiration date:Saturday, August 4, 2007
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'lxbx_device'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00023681%
0.028634%
Kernel CPU:0.00012880%
0.013761%
User CPU:0.00010800%
0.014873%
Kernel CPU time:484 ms/min
100,923,805ms/min
CPU cycles:155,565/sec
17,470,203/sec
Memory
Private memory:2.81 MB
21.59 MB
Private (maximum):7.03 MB
Private (minimum):2.83 MB
Non-paged memory:2.81 MB
21.59 MB
Virtual memory:55.41 MB
140.96 MB
Virtual memory (peak):59.37 MB
169.69 MB
Working set:2.84 MB
18.61 MB
Working set (peak):7.35 MB
37.95 MB
Page faults:15,456/min
2,039/min
I/O
I/O read transfer:0 Bytes/sec
1.02 MB/min
I/O read operations:32/sec
343/min
I/O other transfer:22 Bytes/sec
448.09 KB/min
I/O other operations:98/sec
1,671/min
Resource allocations
Threads:8
12
Handles:129
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:C:\Windows\System32\lxbxcoms.exe -service
Owner:SYSTEM
Windows Service
Service name:lxbx_device
Type:Win32OwnProcess, InteractiveProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
lxbxusb1.dll (Printer Communication System)
Total CPU:0.00006069%
0.272967%
Kernel CPU:0.00000000%
0.107585%
User CPU:0.00006069%
0.165382%
CPU cycles:248,383/sec
5,741,424/sec
Context switches:1/sec
79/sec
Memory:980 KB
1.16 MB
lxbxcoms.exe (main module)
Total CPU:0.00003050%
Kernel CPU:0.00002218%
User CPU:0.00000832%
CPU cycles:2,173/sec
Memory:544 KB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 100.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE