sysmain.dll
Superfetch Service Host by Microsoft
| Version: | 6.3.9600.16384 (winblue_rtm.130821-1623) | 
| MD5: | 3da26652b12e9ab43fd04976ac6dfd33 | 
| SHA1: | 56395db35625d99463c8aea23d0b1eefbeeb692e | 
This is a Windows system installed file with Windows File Protection (WFP) enabled.
What is sysmain.dll?
SuperFetch is a technology that pre-loads commonly used applications into memory to reduce their load times. SuperFetch attempts to load commonly used libraries and application components into memory before they are required. It does so by continually analyzing application behavior and usage patterns.
Overview
sysmain.dll is loaded as dynamic link library that runs in the context of a process. It configures an autoplay handler withing explorer.exe named MSCreateRdbCache that will launch the program automatically. .
 Details
Details
| File name: | sysmain.dll | 
| Publisher: | Microsoft Corporation | 
| Product name: | Superfetch Service Host | 
| Description: | Microsoft® Windows® Operating System | 
| Typical file path: | C:\Windows\System32\sysmain.dll | 
| Original name: | sysmain.dll.mui | 
| File version: | 6.3.9600.16384 (winblue_rtm.130821-1623) | 
| Product version: | 6.3.9600.16384 | 
| Size: | 1.14 MB (1,192,448 bytes) | 
| Build date: | 2/22/2014 2:46 AM | 
| Digital DNA | 
| PE subsystem: | Windows GUI | 
| Entropy: | 6.277687 | 
| File packed: | No | 
| Code language: | Microsoft Visual C++ | 
| .NET CLR: | No | 
More details
 Behaviors
Behaviors
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
- Handler name 'MSCreateRdbCache'
Hosted services
Runs as a shared service under the Windows svcHost
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
- Shared name is 'SysMain'
Scheduled tasks
- The task 'WsSwapAssessmentTask' runs in the path '\Microsoft\Windows\Sysmain\WsSwapAssessmentTask'
- Entry path '\Microsoft\Windows\Sysmain\WsSwapAssessmentTask'
 Distribution by Windows OS
Distribution by Windows OS
| OS version | distribution | 
| Windows 7 Home Premium | 38.50% |  | 
| Windows 7 Ultimate | 15.00% |  | 
| Windows 8.1 | 15.00% |  | 
| Windows 8.1 Pro | 9.50% |  | 
| Windows 7 Professional | 9.00% |  | 
| Windows 8.1 Single Language | 4.00% |  | 
| Windows 8.1 Pro with Media Center | 1.50% |  | 
| Windows 8 Enterprise N | 1.50% |  | 
| Windows 8 Single Language | 1.50% |  | 
| Windows 8.1 N | 1.00% |  | 
| Windows Seven Black Edition | 1.00% |  | 
| Windows 7 Home Basic | 1.00% |  | 
| Windows 8.1 Enterprise Evaluation | 1.00% |  | 
| Windows Vista Home Premium | 0.50% |  | 
 Distribution by country
Distribution by country
United States installs about 54.50% of Superfetch Service Host.
 Distribution by PC manufacturer
Distribution by PC manufacturer
| PC Manufacturer | distribution | 
| Dell | 26.22% |  | 
| Hewlett-Packard | 16.48% |  | 
| ASUS | 16.48% |  | 
| Toshiba | 11.24% |  | 
| Acer | 10.49% |  | 
| Sony | 6.74% |  | 
| Lenovo | 5.24% |  | 
| Intel | 2.25% |  | 
| Alienware | 1.87% |  | 
| Samsung | 1.50% |  | 
| GIGABYTE | 1.50% |  |