NET framework assembly utilizing the CLR. In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). It is started as a Windows Service called 'Windows Licensing Monitoring Service' with the name 'WLMS' and described as “This service monitors the Windows software license state.”. There are 2 versions of wlms.exe in the wild, the latest version being. mdres.exe (Windows Memory Diagnostic by Microsoft).f12tools.dll (Internet Explorer by Microsoft).actioncenter.dll (Action Center by Microsoft).integratedoffice.exe (Microsoft Office by Microsoft Corporation).
certprop.dll (Microsoft Smartcard Certificate Propagation Service by Microsoft).gpsvc.dll (Group Policy Client by Microsoft).scardsvr.dll (Smart Card Resource Management Server by Microsoft).chsime.exe (Microsoft IME by Microsoft).mstore.exe (Microsoft Clip Organizer by Microsoft Corporation).filemanager.exe (OneDrive by Microsoft Corporation).emet_agent.exe (Enhanced Mitigation Experience Toolkit by Microsoft Corporation).emet_gui.exe (Enhanced Mitigation Experience Toolkit by Microsoft Corporation).chtime.exe (Microsoft IME by Microsoft).korime.exe (Microsoft IME by Microsoft).iedvtool.dll (Internet Explorer by Microsoft).ipoverusbsvc.exe (Microsoft Windows Operating System by Microsoft Corporation).powershell.exe (Windows PowerShell by Microsoft).onenoteim.exe (Microsoft OneNote by Microsoft Corporation).ehexthost.exe (Media Center Extensibility Host by Microsoft).dbgsvc.exe (Debug Diagnostic Tool by Microsoft Corporation).
0 kommentar(er)
