Should I block it?

No, this file is 100% safe to run.

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
SetKernelObjectSecurity, RegEnumValueA, RegCreateKeyExA, RegEnumKeyExA, RegDeleteKeyA, RegSetValueExA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, InitializeSecurityDescriptor, FreeSid, GetSecurityDescriptorDacl, SetSecurityInfo, InitializeAcl, AddAccessAllowedAce, SetSecurityDescriptorDacl, CloseServiceHandle, QueryServiceStatus, ControlService, OpenServiceA, OpenSCManagerA, StartServiceA, IsValidSid, GetLengthSid, GetAce, AllocateAndInitializeSid
kernel32.dll
FormatMessageA, WideCharToMultiByte, MultiByteToWideChar, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteFileA, GetWindowsDirectoryA, GetCurrentThreadId, WriteFile, SetFilePointer, GetFileSize, CreateFileA, GetCurrentProcessId, GetLocalTime, SetLastError, ExpandEnvironmentStringsA, GetCurrentProcess, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, SetPriorityClass, CreateProcessA, SetThreadPriority, SetEvent, ResetEvent, CreateEventA, OpenEventA, ReleaseMutex, CreateMutexA, GetComputerNameA, DisconnectNamedPipe, FlushFileBuffers, WaitForMultipleObjects, GetOverlappedResult, ReadFile, ConnectNamedPipe, CreateNamedPipeA, WaitNamedPipeA, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, RaiseException, RtlUnwind, HeapFree, HeapAlloc, GetProcessHeap, GetStartupInfoA, ExitThread, CreateThread, LCMapStringA, LCMapStringW, GetCPInfo, ExitProcess, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, HeapSize, GetACP, GetOEMCP, GetStdHandle, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetSystemTimeAsFileTime, VirtualAlloc, HeapReAlloc, GetConsoleCP, GetConsoleMode, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, SetStdHandle, GetLocaleInfoW, CreateFileW, SetEndOfFile, GetCommandLineA, TerminateThread, CloseHandle, GetModuleFileNameA, GetSystemDirectoryA, GetTickCount, Sleep, GetModuleHandleA, LoadLibraryA, GetProcAddress, GetLastError, FreeLibrary
user32.dll
FindWindowA, SendMessageA
winspool.drv
DeleteMonitorA

lxefcoms.exe

Printer Communication System by Lexmark International (Signed)

Remove lxefcoms.exe
Version:   1.43.4.0
MD5:   0bea7ac2671d3b9dd53795cd3b84cae0
SHA1:   0115dc089aaecd859e11ae9096037910368b60f3
SHA256:   4fbc87fd2c0b4a4864af8fdcf221598e6327e2ba152d2b689320eb9ae4e72c93

Overview

lxefcoms.exe runs as a service under the name lxef_device with extensive SYSTEM privileges (full administrator access). The file is digitally signed by Lexmark International which was issued by the Thawte Consulting (Pty) Ltd. certificate authority (CA). This particular version is usually found on Windows Vista (TM) Home Premium (6.0.6001.65536).

DetailsDetails

File name:lxefcoms.exe
Product name:Printer Communication System
Typical file path:C:\Windows\System32\lxefcoms.exe
Original name:GN__coms.exe
File version:1.43.4.0
Size:584.66 KB (598,696 bytes)
Build date:7/12/2010 3:31 PM
Certificate
Issued to:Lexmark International
Authority (CA):Thawte Consulting (Pty) Ltd.
Effective date:Monday, June 22, 2009
Expiration date:Wednesday, August 3, 2011
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'lxef_device'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00000365%
0.028634%
Kernel CPU:0.00000059%
0.013761%
User CPU:0.00000306%
0.014873%
Kernel CPU time:16 ms/min
100,923,805ms/min
CPU cycles:1,495/sec
17,470,203/sec
Memory
Private memory:2.1 MB
21.59 MB
Private (maximum):2.96 MB
Private (minimum):2.47 MB
Non-paged memory:2.1 MB
21.59 MB
Virtual memory:45.21 MB
140.96 MB
Virtual memory (peak):56.37 MB
169.69 MB
Working set:1.06 MB
18.61 MB
Working set (peak):5.54 MB
37.95 MB
Page faults:3,564/min
2,039/min
I/O
I/O read transfer:0 Bytes/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:0 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:0 Bytes/sec
448.09 KB/min
I/O other operations:1/sec
1,671/min
Resource allocations
Threads:5
12
Handles:50
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:C:\Windows\System32\lxefcoms.exe -service
Owner:SYSTEM
Windows Service
Service name:lxef_device
Type:Win32OwnProcess, InteractiveProcess
Parent process:services.exe (Services and Controller app by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Home Premium 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Sony 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE