Windows Security Tutorials - Herong's Tutorial Examples - Version 3.00, by Dr. Herong Yang
Windows 7: Forefront Exploring Winsock Services
This section provides a tutorial example on how to use Forefront Software Explorer tool to review all Winsock services and their providers on Windows 7 system.
The Software Explorer tool provided by Forefront Client Security can also be used to exam Winsock service drivers and their provider information.
1. Run Forefront Client Security.
2. Click the "Tools" menu, then the "Software Explorer" link You will see a list of startup programs by default.
3. Select "Winsock Service Providers" in "Category". You will see a list of Winsock service drivers that are used to establish network connections for Internet protocols.
4. Locate and click "Tcpip". You will see detailed information about this "Tcpip" driver:
File Name: mswsock.dll Display Name: Tcpip Description: Microsoft Windows Sockets 2.0 Service Provider Publisher: Microsoft Corporation Digitally Signed By: Microsoft Windows Verification PCA File Path: C:\Windows\System32\mswsock.dll File Size: 231424 File Version: 6.1.7600.16385 (win7.rtm.090713-1255) ...
5. Review all other programs in the list and make sure that all providers are known and trusted companies.
The picture below shows you Forefront Software Explorer displaying detailed information of a Winsock service provider on Windows 7 system:
Last update: 2013.
Table of Contents