Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 1.72%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.09%
6.3.9600.16384 (winblue_rtm.130821-1623) 2.75%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.09%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.19%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.03%
6.2.9200.16384 (win8_rtm.120725-1247) 2.59%
6.2.9200.16384 (win8_rtm.120725-1247) 15.63%
6.2.9200.16384 (win8_rtm.120725-1247) 0.53%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.12%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.09%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.03%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 3.84%
6.1.7600.16385 (win7_rtm.090713-1255) 49.92%
6.1.7600.16385 (win7_rtm.090713-1255) 11.76%
6.1.7600.16385 (win7_rtm.090713-1255) 4.77%
6.1.7600.16385 (win7_rtm.090713-1255) 0.53%
6.1.7600.16385 (win7_rtm.090713-1255) 0.03%
6.1.7600.16385 (win7_rtm.090713-1255) 0.03%
6.1.7600.16385 (win7_rtm.090713-1255) 0.16%
6.0.6000.16386 (vista_rtm.061101-2205) 0.69%
6.0.6000.16386 (vista_rtm.061101-2205) 0.25%
6.0.6000.16386 (vista_rtm.061101-2205) 3.81%
6.0.6000.16386 (vista_rtm.061101-2205) 0.28%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
FreeSid, SetNamedSecurityInfoW, AddAccessAllowedAceEx, InitializeAcl, AllocateAndInitializeSid, OpenThreadToken, ImpersonateSelf, RegDeleteTreeW, RegDeleteKeyW, RegEnumValueW, EventRegister, EventUnregister, RegEnumValueA, UnregisterTraceGuids, GetTraceEnableLevel, GetTraceEnableFlags, GetTraceLoggerHandle, RegCloseKey, RegOpenKeyExW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, EventWrite, EventEnabled, RevertToSelf, RegGetValueW, RegQueryValueExW, CopySid, GetLengthSid, IsValidSid, GetTokenInformation, AdjustTokenPrivileges, SetSecurityInfo, LookupAccountSidW, OpenTraceW, ProcessTrace, CloseTrace, WmiQueryAllDataW, WmiCloseBlock, WmiOpenBlock, CheckTokenMembership, ControlTraceW, EnumServicesStatusExW, RegisterIdleTask, UnregisterIdleTask, EqualSid, RegisterTraceGuidsW, TraceEvent, QueryServiceConfigW, ConvertStringSidToSidW, RegCreateKeyW, OpenSCManagerW, OpenServiceW, ControlService, QueryServiceStatus, CloseServiceHandle, LookupPrivilegeValueW, RegisterServiceCtrlHandlerExW, ConvertSidToStringSidW, RegOpenKeyW, SetServiceStatus, RegNotifyChangeKeyValue
api-ms-win-core-apiquery-l1-1-0.dll
ApiSetQueryApiSetPresence
api-ms-win-core-com-l1-1-0.dll
CoCreateInstance, CoTaskMemAlloc, CoInitializeEx, CoUninitialize, StringFromGUID2, CoTaskMemRealloc, CoTaskMemFree
api-ms-win-core-datetime-l1-1-1.dll
GetDateFormatW, GetTimeFormatW
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-0.dll
SetUnhandledExceptionFilter, RaiseException, SetLastError, GetLastError, UnhandledExceptionFilter
api-ms-win-core-errorhandling-l1-1-1.dll
RaiseException, GetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, SetLastError
api-ms-win-core-file-l1-1-1.dll
GetFullPathNameW, DeleteFileW, FindVolumeClose, CompareFileTime, FindNextVolumeW, GetFileSizeEx, FlushFileBuffers, SetFileAttributesW, FindNextFileW, FindClose, SetFileInformationByHandle, CreateFileW, ReadFile, QueryDosDeviceW, GetFileTime, FileTimeToLocalFileTime, WriteFile, CreateDirectoryW, FindFirstVolumeW, SetFilePointerEx, FindFirstFileW, GetFileSize, SetFilePointer, SetEndOfFile, GetTempFileNameW, GetTempPathW, GetFileInformationByHandle, GetDiskFreeSpaceExW, GetFileAttributesW, GetVolumePathNamesForVolumeNameW, FileTimeToSystemTime
api-ms-win-core-file-l1-2-0.dll
FindFirstVolumeW, FileTimeToLocalFileTime, GetFileTime, QueryDosDeviceW, FlushFileBuffers, GetVolumePathNamesForVolumeNameW, FindNextVolumeW, CompareFileTime, GetFileAttributesW, GetFullPathNameW, DeleteFileW, GetDiskFreeSpaceExW, GetFileInformationByHandle, GetTempPathW, GetFileSizeEx, GetTempFileNameW, SetEndOfFile, SetFileAttributesW, FindNextFileW, GetFileSize, SetFilePointer, FindClose, SetFileInformationByHandle, CreateFileW, ReadFile, FindFirstFileW, FindVolumeClose, SetFilePointerEx, WriteFile, CreateDirectoryW
api-ms-win-core-file-l1-2-1.dll
GetFullPathNameW, DeleteFileW, CreateDirectoryW, FindVolumeClose, GetFileSizeEx, FindNextVolumeW, GetVolumePathNamesForVolumeNameW, FlushFileBuffers, SetFileAttributesW, QueryDosDeviceW, GetFileTime, FileTimeToLocalFileTime, FindFirstVolumeW, FindNextFileW, SetEndOfFile, SetFilePointerEx, FindFirstFileExW, FindClose, WriteFile, GetFileSize, SetFilePointer, SetFileInformationByHandle, CreateFileW, ReadFile, GetFileAttributesW, CompareFileTime, FindFirstFileW
api-ms-win-core-file-l2-1-0.dll
MoveFileExW
api-ms-win-core-file-l2-1-1.dll
MoveFileExW
api-ms-win-core-handle-l1-1-0.dll
DuplicateHandle, CloseHandle
api-ms-win-core-heap-l1-1-0.dll
GetProcessHeap, HeapAlloc, HeapCreate, HeapDestroy, HeapFree
api-ms-win-core-heap-l1-2-0.dll
HeapAlloc, HeapDestroy, HeapCreate, GetProcessHeap, HeapFree
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedIncrement, InterlockedExchange, InterlockedCompareExchange
api-ms-win-core-interlocked-l1-1-1.dll
InterlockedCompareExchange, InterlockedExchange, InterlockedIncrement
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedIncrement, InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-io-l1-1-1.dll
DeviceIoControl, GetOverlappedResult, CancelIo
api-ms-win-core-kernel32-legacy-l1-1-0.dll
GetSystemPowerStatus, FindResourceW, LoadLibraryA, WTSGetActiveConsoleSessionId, LoadLibraryW, QueryFullProcessImageNameW
api-ms-win-core-kernel32-legacy-l1-1-1.dll
LoadLibraryW, GetSystemPowerStatus, WTSGetActiveConsoleSessionId, WaitForMultipleObjects, LoadLibraryA, FindResourceW
api-ms-win-core-libraryloader-l1-1-1.dll
LoadResource, LoadStringW, FreeLibrary, LoadLibraryExW, FindResourceExW, GetModuleHandleExW, LockResource, DisableThreadLibraryCalls, GetModuleHandleW, SizeofResource, GetModuleHandleA, GetModuleFileNameW, GetProcAddress, FreeLibraryAndExitThread
api-ms-win-core-libraryloader-l1-2-0.dll
DisableThreadLibraryCalls, LockResource, GetModuleHandleA, SizeofResource, GetProcAddress, FreeLibrary, LoadLibraryExW, GetModuleHandleExW, LoadStringW, GetModuleFileNameW, GetModuleHandleW, LoadResource, FreeLibraryAndExitThread
api-ms-win-core-localization-l1-1-1.dll
FormatMessageW, SetThreadLocale, GetThreadLocale
api-ms-win-core-localization-l1-2-0.dll
SetThreadLocale, FormatMessageW, GetThreadLocale
api-ms-win-core-memory-l1-1-1.dll
UnmapViewOfFile, CreateFileMappingW, VirtualProtect, ReadProcessMemory, VirtualFree, MapViewOfFile, VirtualAlloc
api-ms-win-core-memory-l1-1-2.dll
VirtualProtect, UnmapViewOfFile, VirtualFree, CreateFileMappingW, MapViewOfFile, VirtualAlloc
api-ms-win-core-processenvironment-l1-1-0.dll
GetEnvironmentVariableW, ExpandEnvironmentStringsW
api-ms-win-core-processenvironment-l1-1-1.dll
ExpandEnvironmentStringsW, GetEnvironmentVariableW
api-ms-win-core-processenvironment-l1-2-0.dll
ExpandEnvironmentStringsW, GetEnvironmentVariableW
api-ms-win-core-processthreads-l1-1-1.dll
OpenThreadToken, SetThreadPriority, OpenProcessToken, GetExitCodeProcess, ResumeThread, CreateProcessW, GetCurrentThreadId, GetCurrentThread, GetCurrentProcess, CreateThread, GetCurrentProcessId, IsProcessorFeaturePresent, OpenThread, OpenProcess, TerminateProcess, GetThreadPriority
api-ms-win-core-processthreads-l1-1-2.dll
OpenThread, GetThreadPriority, IsProcessorFeaturePresent, GetCurrentProcessId, GetExitCodeProcess, SetThreadPriority, TerminateProcess, GetProcessTimes, ResumeThread, OpenProcessToken, CreateProcessW, GetCurrentProcess, CreateThread, OpenProcess, GetCurrentThread, OpenThreadToken, GetCurrentThreadId
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter, QueryPerformanceFrequency
api-ms-win-core-psapi-l1-1-0.dll
K32GetProcessMemoryInfo, QueryFullProcessImageNameW
api-ms-win-core-registry-l1-1-0.dll
RegCloseKey, RegQueryInfoKeyW, RegDeleteTreeW, RegGetValueW, RegQueryValueExW, RegEnumValueW, RegCreateKeyExW, RegOpenKeyExW, RegDeleteValueW, RegNotifyChangeKeyValue, RegEnumKeyExW, RegSetValueExW, RegEnumValueA
api-ms-win-core-rtlsupport-l1-1-0.dll
RtlRaiseException, RtlCompareMemory
api-ms-win-core-string-l1-1-0.dll
WideCharToMultiByte, MultiByteToWideChar
api-ms-win-core-string-l2-1-0.dll
CharNextW
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrcmpiW, lstrlenW
api-ms-win-core-synch-l1-1-1.dll
CancelWaitableTimer, SetWaitableTimer, WaitForSingleObject, CreateEventW, ResetEvent, WaitForMultipleObjectsEx, Sleep, SetEvent, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, CreateWaitableTimerExW
api-ms-win-core-synch-l1-2-0.dll
WaitForSingleObject, CreateWaitableTimerExW, CancelWaitableTimer, CreateEventW, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, WaitForMultipleObjectsEx, SetEvent, Sleep, ResetEvent, SetWaitableTimer, InitOnceExecuteOnce
api-ms-win-core-sysinfo-l1-1-1.dll
GetLocalTime, GetWindowsDirectoryW, SystemTimeToTzSpecificLocalTime, GetSystemTime, GetTickCount, GetSystemDirectoryW, GetTickCount64, GetSystemTimeAsFileTime, GetVersion, GetSystemWindowsDirectoryW, SystemTimeToFileTime
api-ms-win-core-sysinfo-l1-2-0.dll
GetWindowsDirectoryW, GetVersion, GetSystemTime, GetSystemDirectoryW, GetLocalTime, GetSystemWindowsDirectoryW, GetTickCount64, GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetTickCount64, GetLocalTime, GetSystemTime, GetSystemTimeAsFileTime, GetSystemWindowsDirectoryW, GetTickCount, GetWindowsDirectoryW, GetSystemDirectoryW
api-ms-win-core-threadpool-l1-2-0.dll
CallbackMayRunLong, SetThreadpoolTimer, CloseThreadpoolWait, WaitForThreadpoolTimerCallbacks, CreateThreadpoolTimer, WaitForThreadpoolWaitCallbacks, CloseThreadpoolTimer, SetThreadpoolWait, CreateThreadpoolWait
api-ms-win-core-timezone-l1-1-0.dll
SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, SystemTimeToFileTime
api-ms-win-eventing-classicprovider-l1-1-0.dll
RegisterTraceGuidsW, GetTraceLoggerHandle, GetTraceEnableFlags, UnregisterTraceGuids, TraceEvent, GetTraceEnableLevel
api-ms-win-eventing-consumer-l1-1-0.dll
OpenTraceW, ProcessTrace, CloseTrace
api-ms-win-eventing-controller-l1-1-0.dll
ControlTraceW
api-ms-win-eventing-provider-l1-1-0.dll
EventWrite, EventRegister, EventEnabled, EventUnregister
api-ms-win-obsolete-kernelbase-l1-1-0.dll
LocalFree, lstrcmpiW, lstrlenW
api-ms-win-security-base-l1-1-0.dll
EqualSid, CheckTokenMembership, IsValidSid, RevertToSelf, CopySid, AdjustTokenPrivileges, AllocateAndInitializeSid, InitializeAcl, GetLengthSid, AddAccessAllowedAceEx, GetTokenInformation, ImpersonateSelf, FreeSid
api-ms-win-security-base-l1-2-0.dll
InitializeAcl, ImpersonateSelf, IsValidSid, GetLengthSid, EqualSid, RevertToSelf, AddAccessAllowedAceEx, FreeSid, CopySid, GetTokenInformation, CheckTokenMembership, AllocateAndInitializeSid, AdjustTokenPrivileges, DuplicateTokenEx, ImpersonateLoggedOnUser
api-ms-win-security-sddl-l1-1-0.dll
ConvertStringSidToSidW, ConvertSidToStringSidW
api-ms-win-service-core-l1-1-0.dll
SetServiceStatus, RegisterServiceCtrlHandlerExW
api-ms-win-service-core-l1-1-1.dll
RegisterServiceCtrlHandlerExW, EnumServicesStatusExW, SetServiceStatus
api-ms-win-service-management-l1-1-0.dll
OpenServiceW, StartServiceW, OpenSCManagerW, CloseServiceHandle
api-ms-win-service-management-l2-1-0.dll
QueryServiceConfigW, ChangeServiceConfigW
api-ms-win-service-winsvc-l1-1-0.dll
QueryServiceStatus, ControlService
kernel32.dll
GetProcessHeap, GetTickCount, LoadLibraryA, ResumeThread, CreateThread, HeapAlloc, WaitForSingleObject, SetThreadLocale, LocalFree, VirtualFree, LockResource, GetModuleHandleExW, IsProcessorFeaturePresent, SetThreadPriority, GetCurrentThread, GetCurrentThreadId, GetThreadPriority, OpenProcess, SetUnhandledExceptionFilter, VirtualAlloc, TerminateProcess, HeapFree, FormatMessageW, FileTimeToSystemTime, SystemTimeToTzSpecificLocalTime, GetDateFormatW, GetTimeFormatW, FindResourceW, LoadResource, InterlockedExchange, GetVersionExA, MoveFileExW, WaitForSingleObjectEx, GetOverlappedResult, GetDiskFreeSpaceExW, GetEnvironmentVariableW, GetTempPathW, GetTempFileNameW, GetFileInformationByHandle, GetFullPathNameW, FindFirstVolumeW, GetVolumePathNamesForVolumeNameW, QueryDosDeviceW, FindNextVolumeW, FindVolumeClose, FileTimeToLocalFileTime, GetCurrentProcessId, CreateProcessW, GetExitCodeProcess, GetSystemDirectoryW, FlushFileBuffers, GetSystemTime, CompareFileTime, GetFileSizeEx, GetFileTime, SetFilePointer, SetEndOfFile, CancelWaitableTimer, SetWaitableTimer, GetTickCount64, VirtualLock, GetProcessWorkingSetSize, SetProcessWorkingSetSize, SetFilePointerEx, VirtualUnlock, DeviceIoControl, CreateWaitableTimerExW, SystemTimeToFileTime, GetSystemTimeAsFileTime, DeleteFileW, GetSystemWindowsDirectoryW, WaitForMultipleObjectsEx, HeapCreate, OpenThread, HeapDestroy, GetCurrentProcess, DuplicateHandle, GetWindowsDirectoryW, FindFirstFileW, FindNextFileW, FindClose, WriteFile, GetSystemPowerStatus, ExpandEnvironmentStringsW, GetLocalTime, InterlockedCompareExchange, MapViewOfFile, CreateFileMappingW, GetFileSize, CreateFileW, UnmapViewOfFile, ReadFile, SetFileInformationByHandle, QueryPerformanceFrequency, QueryPerformanceCounter, WTSGetActiveConsoleSessionId, WideCharToMultiByte, SetFileAttributesW, UnhandledExceptionFilter, GetThreadLocale, InitializeCriticalSection, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, CloseHandle, GetLastError, CreateEventW, DisableThreadLibraryCalls, SetEvent, Sleep, ResetEvent, InterlockedIncrement, GetModuleHandleA, GetModuleHandleW, GetProcAddress, GetFileAttributesW, GetVersion, lstrlenW, RaiseException, lstrcmpiW, LoadLibraryW, SetLastError, GetModuleFileNameW, OutputDebugStringA, LoadLibraryExW, FreeLibrary, MultiByteToWideChar, SizeofResource, CreateDirectoryW, CreateWaitableTimerW, GetDiskFreeSpaceW, WaitForMultipleObjects, InterlockedDecrement, K32GetProcessMemoryInfo, K32GetProcessImageFileNameW
msvcrt.dll
DllMain
ntdll.dll
NtReadFile, RtlCompareMemory, DbgPrintEx, WinSqmAddToStream, WinSqmSetDWORD, WinSqmEndSession, WinSqmStartSession, NtQueryValueKey, RtlRandom, RtlNtStatusToDosError, NtClose, NtQuerySystemInformation, NtSetSystemInformation, NtQueryVirtualMemory, RtlComputeCrc32, NtOpenEvent, RtlInitUnicodeString, NtQueryVolumeInformationFile, RtlCompressBuffer, RtlGetCompressionWorkSpaceSize, RtlDecompressBuffer, NtQueryInformationFile, NtOpenFile, NtDeviceIoControlFile, NtSetInformationThread, NtCreateFile, RtlUpcaseUnicodeString, NtQueryObject, NtOpenKey, RtlGetVersion, NtSetInformationFile, NtDeleteKey, NtCreateKey, DbgPrint, RtlFreeHeap, RtlDosPathNameToNtPathName_U, NtQueryDirectoryFile, RtlInitializeSRWLock, RtlAcquireSRWLockExclusive, RtlReleaseSRWLockShared, RtlAcquireSRWLockShared, RtlReleaseSRWLockExclusive, NtPowerInformation, NtQueryInformationThread, WinSqmIsOptedIn, RtlFillMemoryUlong, RtlUpcaseUnicodeChar, RtlImageRvaToVa, RtlImageDirectoryEntryToData, RtlImageNtHeader, DbgBreakPoint, WinSqmEventWrite, WinSqmEventEnabled, NtSetInformationProcess, RtlClearBits, RtlFindClearBitsAndSet, RtlInitializeBitMap, RtlRaiseException, RtlAreBitsClear, NtQueryInformationProcess, RtlQueryPackageIdentity, NtQueryInformationToken, RtlCompareUnicodeString, NtDeleteWnfStateName, NtCreateWnfStateName, RtlRandomEx, WinSqmAddToStreamEx, NtEnumerateValueKey, RtlDecompressBufferEx, RtlFillMemoryUlonglong, RtlPublishWnfStateData, RtlSetAllBits, RtlSetBits, RtlNumberOfSetBits, RtlAreBitsSet, ZwFreeVirtualMemory, RtlClearAllBits, RtlInterlockedSetBitRun, RtlTestBit, RtlFindSetBits, ZwAllocateVirtualMemory, RtlQueryWnfStateData, NtSetInformationVirtualMemory
ole32.dll
CoInitialize, CoUninitialize, StringFromGUID2, ReleaseStgMedium, CoCreateInstance, CoTaskMemFree, CoTaskMemRealloc, CoTaskMemAlloc
rpcrt4.dll
RpcBindingVectorFree, RpcServerUnregisterIfEx, RpcEpUnregister, RpcRevertToSelf, RpcImpersonateClient, RpcStringFreeW, RpcStringBindingParseW, RpcBindingToStringBindingW, RpcEpRegisterW, RpcServerUseProtseqEpW, RpcServerInqBindings, RpcServerRegisterIfEx, NdrServerCall2, NdrClientCall2, RpcBindingFree, RpcBindingSetAuthInfoExW, RpcServerInqDefaultPrincNameW, RpcBindingFromStringBindingW, RpcStringBindingComposeW, RpcServerRegisterAuthInfoW, RpcServerRegisterIf3
setupapi.dll
SetupDiDestroyDeviceInfoList, SetupDiGetDeviceInterfaceDetailW, SetupDiEnumDeviceInterfaces, SetupDiGetClassDevsW, CM_Get_DevNode_Registry_PropertyW, CM_Get_Parent, SetupDiOpenDevRegKey, SetupDiEnumDeviceInfo, SetupCloseInfFile, SetupInstallFromInfSectionW, SetupOpenInfFileW, SetupDiGetDeviceRegistryPropertyW, SetupDiSetDeviceRegistryPropertyW
shell32.dll
ShellExecuteW, DragQueryFileW, SHChangeNotify
shlwapi.dll
SHCreateThreadRef
user32.dll
GetWindowLongW, LoadStringW, EnableWindow, ShowWindow, GetDlgItem, EnumChildWindows, CharNextW, SetWindowLongW, SetDlgItemTextW, GetClientRect, MessageBoxW, DialogBoxParamW, DestroyIcon, SetWindowPos, SendDlgItemMessageW, InvalidateRect, GetDlgItemInt, SendMessageW, GetParent, SetDlgItemInt, PostMessageW, RegisterClipboardFormatW, EndDialog, LoadImageW, KillTimer, DispatchMessageW, TranslateMessage, GetMessageW, SetTimer, UnregisterDeviceNotification, RegisterDeviceNotificationW, UnregisterClassA
wtsapi32.dll
WTSQuerySessionInformationW, WTSQueryUserToken, WTSEnumerateSessionsW, WTSFreeMemory
Export table
AgGlLoad
AgPdLoad
AgTwLoad
CloseReadyBoostPerfData
CollectReadyBoostPerfData
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProviderClassID
MI_Main
OpenReadyBoostPerfData
PfSvSysprepCleanup
PfSvUnattendCallback
PfSvWsSwapAssessmentTask
RDBMgmtLaunchPropertiesW
SysMtServiceMain

sysmain.dll

Superfetch Service Host by Microsoft

Remove sysmain.dll
Version:   6.1.7600.16385 (win7_rtm.090713-1255)
MD5:   3c1284516a62078fb68f768de4f1a7be
SHA1:   70113ace0803b2a39fa2b3941789c199aae10f68
SHA256:   67ecd462335ef88773e4baeab230a68ec92a25f8cd8f115873f669205ae6a1a9
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is sysmain.dll?

SuperFetch is a technology that pre-loads commonly used applications into memory to reduce their load times. SuperFetch attempts to load commonly used libraries and application components into memory before they are required. It does so by continually analyzing application behavior and usage patterns.

Overview

sysmain.dll is loaded as dynamic link library that runs in the context of a process. It configures an autoplay handler withing explorer.exe named MSCreateRdbCache that will launch the program automatically. This version is designed to run on Windows 7.

DetailsDetails

File name:sysmain.dll
Publisher:Microsoft Corporation
Product name:Superfetch Service Host
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\sysmain.dll
Original name:sysmain.dll.mui
File version:6.1.7600.16385 (win7_rtm.090713-1255)
Product version:6.1.7600.16385
Size:1.7 MB (1,780,736 bytes)
Digital DNA
PE subsystem:Windows GUI
Entropy:6.277687
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
  • Handler name 'MSCreateRdbCache'
Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
  • Shared name is 'SysMain'
Scheduled tasks
  • The task 'WsSwapAssessmentTask' runs in the path '\Microsoft\Windows\Sysmain\WsSwapAssessmentTask'
  • Entry path '\Microsoft\Windows\Sysmain\WsSwapAssessmentTask'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 38.50%
Windows 7 Ultimate 15.00%
Windows 8.1 15.00%
Windows 8.1 Pro 9.50%
Windows 7 Professional 9.00%
Windows 8.1 Single Language 4.00%
Windows 8.1 Pro with Media Center 1.50%
Windows 8 Enterprise N 1.50%
Windows 8 Single Language 1.50%
Windows 8.1 N 1.00%
Windows Seven Black Edition 1.00%
Windows 7 Home Basic 1.00%
Windows 8.1 Enterprise Evaluation 1.00%
Windows Vista Home Premium 0.50%

Distribution by countryDistribution by country

United States installs about 54.50% of Superfetch Service Host.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 26.22%
Hewlett-Packard 16.48%
ASUS 16.48%
Toshiba 11.24%
Acer 10.49%
Sony 6.74%
Lenovo 5.24%
Intel 2.25%
Alienware 1.87%
Samsung 1.50%
GIGABYTE 1.50%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE