powershell.exe
Windows PowerShell by Microsoft
| Version: | 6.1.7600.16385 (win7_rtm.090713-1255) |
| MD5: | 92f44e405db16ac55d97e3bfe3b132fa |
| SHA1: | 04c5d2b4da9a0f3fa8a45702d4256cee42d8c48d |
This is a Windows system installed file with Windows File Protection (WFP) enabled.
Overview
powershell.exe executes as a process with the local user's privileges. It is installed with a couple of know programs including League of Legends published by Riot Games, League of Legends from Riot Games and League of Legends by Riot Games. This version is designed to run on Windows 7 and is compiled as a 64 bit program.
Details
| File name: | powershell.exe |
| Publisher: | Microsoft Corporation |
| Product name: | Windows PowerShell |
| Description: | Microsoft® Windows® Operating System |
| Typical file path: | C:\windows\syswow64\windowspowershell\v1.0\powershell.exe |
| Original name: | PowerShell.EXE.MUI |
| File version: | 6.1.7600.16385 (win7_rtm.090713-1255) |
| Product version: | 6.1.7600.16385 |
| Size: | 442 KB (452,608 bytes) |
| Build date: | 7/13/2009 4:32 PM |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
League of Legends (LoL) is a multiplayer online battle arena video game developed and published by Riot Games for Microsoft Windows. Players are formed into 2 even teams of Champions, 3v3 or 5v5. League of Legends is a session-based game. Matchmaking occurs based on the average Elo ratings of each individual players, with slight proprietary adjustments. The game can currently be played in five different modes: Tutorial, Custom, Co-Op v...
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00184861% | |
| Kernel CPU: | 0.00065331% | |
| User CPU: | 0.00119530% | |
| Kernel CPU time: | 359 ms/min | |
| CPU cycles: | 669,608/sec | |
| Memory |
| Private memory: | 22 MB | |
| Private (maximum): | 25.35 MB | |
| Private (minimum): | 15.97 MB | |
| Non-paged memory: | 22 MB | |
| Virtual memory: | 181.35 MB | |
| Virtual memory (peak): | 193.23 MB | |
| Working set: | 25.21 MB | |
| Working set (peak): | 25.35 MB | |
| Page faults: | 14,405/min | |
| I/O |
| I/O read transfer: | 6.06 KB/sec | |
| I/O read operations: | 1/sec | |
| I/O write transfer: | 4.17 KB/sec | |
| I/O write operations: | 1/sec | |
| I/O other transfer: | 5.36 KB/sec | |
| I/O other operations: | 38/sec | |
| Resource allocations |
| Threads: | 12 | |
| Handles: | 464 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command line: | powershell.exe -inputformat none -noprofile -nologo -command "& {$vpns = @('ok^'); get-wmiobject win32_systemdriver -filter \"displayname like 'tap-win%'\" | foreach-object {$vpns += 'openvpn'}; if (@([system.net.networkinformation.ipglobalproperties]::getipglobalproperties().getactivetcpconnections() | where-object {$_.remoteendpoint.port -eq 1723}).count) {$vpns += 'pptp'} if (@([system.net.networkinformation.ipglobalproperties]::getipglobalproperties().getactiveudplisteners() | where-object { |
| Owner: | User |
Threads
Averages
| ntdll.dll |
| Total CPU: | 0.00229351% | |
| Kernel CPU: | 0.00229351% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 73,656/sec | |
| Context switches: | 1/sec | |
| Memory: | 1.67 MB | |
Distribution by Windows OS
| OS version | distribution |
| Windows Seven Black Edition |
100.00% |
|
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
100.00% |
|
