Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

2001.12.9330.0 (winmain_win8rc.120518-1423) 0.10%
2001.12.9330.0 (winmain_win8rc.120518-1423) 0.10%
2001.12.9180.0 (winmain_win8beta.120217-1520) 0.05%
2001.12.9032.0 (winmain_win8m3.110823-1455) 0.10%
2001.12.8530.16385 (win7_rtm.090713-1255) 24.94%
2001.12.8530.16385 (win7_rtm.090713-1255) 44.16%
2001.12.8530.16385 (win7_rtm.090713-1255) 0.05%
2001.12.6930.16386 (vista_rtm.061101-2205) 6.70%
2001.12.6930.16386 (vista_rtm.061101-2205) 1.47%
2001.12.6930.16386 (vista_rtm.061101-2205) 0.44%
2001.12.10530.16384 (winblue_rtm.130821-1623) 4.79%
2001.12.10530.16384 (winblue_rtm.130821-1623) 0.10%
2001.12.10361.0 (winmain_bluemp.130615-1214) 0.34%
2001.12.10361.0 (winmain_bluemp.130615-1214) 0.05%
2001.12.10130.16384 (win8_rtm.120725-1247) 2.54%
2001.12.10130.16384 (win8_rtm.120725-1247) 14.08%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegSetValueExW, RegQueryValueExW, OpenProcessToken, GetTokenInformation, RegisterEventSourceW, ReportEventW, DeregisterEventSource, RegCloseKey, RegOpenKeyExA, RegQueryValueExA, RegOpenKeyExW
api-ms-win-core-com-l1-1-0.dll
CoInitializeEx, CoUninitialize, CoCreateInstance, StringFromGUID2, CoGetObjectContext
api-ms-win-core-debug-l1-1-1.dll
IsDebuggerPresent, DebugBreak, OutputDebugStringW
api-ms-win-core-delayload-l1-1-1.dll
DelayLoadFailureHook, ResolveDelayLoadedAPI
api-ms-win-core-errorhandling-l1-1-1.dll
GetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter
api-ms-win-core-file-l1-2-0.dll
DeleteFileW, SetFileAttributesW, FindNextFileW, GetFullPathNameW, FindFirstFileW, CreateFileW, CreateDirectoryW, FindClose
api-ms-win-core-handle-l1-1-0.dll
CloseHandle
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalAlloc, LocalFree
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-libraryloader-l1-1-1.dll
FreeLibrary, LoadStringW, GetModuleFileNameW, LockResource, GetModuleHandleA, FindResourceExW, GetProcAddress, GetModuleHandleW, LoadLibraryExW, LoadResource
api-ms-win-core-localization-l1-2-0.dll
FormatMessageW
api-ms-win-core-processenvironment-l1-2-0.dll
GetCommandLineW, ExpandEnvironmentStringsW
api-ms-win-core-processthreads-l1-1-1.dll
GetCurrentThread, TlsFree, TlsGetValue, CreateProcessW, TlsAlloc, GetStartupInfoW, TerminateProcess, GetCurrentProcess, GetExitCodeProcess, GetCurrentThreadId, OpenProcessToken, GetThreadContext, GetCurrentProcessId
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-psapi-l1-1-0.dll
QueryFullProcessImageNameW
api-ms-win-core-registry-l1-1-0.dll
RegSetValueExW, RegQueryValueExA, RegQueryValueExW, RegOpenKeyExA, RegOpenKeyExW, RegCloseKey
api-ms-win-core-synch-l1-2-0.dll
LeaveCriticalSection, CreateEventA, InitializeCriticalSectionAndSpinCount, ResetEvent, WaitForSingleObjectEx, SetEvent, DeleteCriticalSection, EnterCriticalSection, WaitForSingleObject, Sleep
api-ms-win-core-sysinfo-l1-2-0.dll
GetTickCount, GetLocalTime, GetSystemWindowsDirectoryA, GetSystemTimeAsFileTime
api-ms-win-core-version-l1-1-0.dll
VerQueryValueW
api-ms-win-security-base-l1-2-0.dll
GetTokenInformation
kernel32.dll
GetCommandLineW, UnregisterWait, TlsFree, TlsAlloc, TlsGetValue, LocalAlloc, LocalFree, IsDebuggerPresent, GetCurrentThread, GetThreadContext, DebugBreak, ExpandEnvironmentStringsW, CreateDirectoryW, CreateProcessW, GetExitCodeProcess, FindFirstFileW, FindNextFileW, SetFileAttributesW, DeleteFileW, FindClose, GetModuleHandleW, FindResourceW, LoadResource, LockResource, FormatMessageW, GetModuleFileNameW, LoadLibraryExW, DeleteCriticalSection, WaitForSingleObject, LeaveCriticalSection, EnterCriticalSection, InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, CreateEventA, CloseHandle, WaitForSingleObjectEx, SetEvent, ResetEvent, FreeLibrary, CreateFileW, GetProcAddress, LoadLibraryA, GetFullPathNameW, GetLastError, QueryFullProcessImageNameW, GetLocalTime, QueueUserWorkItem, OutputDebugStringW, GetSystemWindowsDirectoryA, InitializeCriticalSectionAndSpinCount, UnregisterWaitEx
msvcrt.dll
DllMain
ntdll.dll
RtlCaptureContext, RtlReportException
ole32.dll
CoGetObjectContext, StringFromGUID2, CoInitializeEx, CoCreateInstance, CoUninitialize
user32.dll
EndDialog, SetDlgItemTextW, CloseWindowStation, CloseDesktop, GetProcessWindowStation, GetThreadDesktop, OpenWindowStationW, DialogBoxParamW, OpenDesktopW, SetThreadDesktop, GetDesktopWindow, GetWindowRect, GetClientRect, MapWindowPoints, SetWindowPos, LoadStringW, SetProcessWindowStation
version.dll
VerQueryValueW

msdtc.exe

Microsoft Distributed Transaction Coordinator Service by Microsoft

Remove msdtc.exe
Version:   2001.12.6930.16386 (vista_rtm.061101-2205)
MD5:   fd7520cc3a80c5fc8c48852bb24c6ded
SHA1:   2161752d3485364a894f2561143c3b7cc9ff7c14
SHA256:   c3f3d7a07fab9af38a2a00bf0df6eee18ca8fe26277bec9d8adb793f2cd5ec1f
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is msdtc.exe?

The Distributed Transaction Coordinator (MSDTC) service is a component of modern versions of Microsoft Windows that is responsible for coordinating transactions that span multiple resource managers, such as databases, message queues, and file systems.

Overview

msdtc.exe runs as a service under the name Coordenador de transações distribuídas (MSDTC) with minimal NETWORK SERVICE privileges on the local PC and acts as the computer on the network. This version is designed to run on Windows Vista and is compiled as a 32 bit program.

DetailsDetails

File name:msdtc.exe
Publisher:Microsoft Corporation
Product name:Microsoft Distributed Transaction Coordinator Service
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\msdtc.exe
Original name:MSDTC.EXE.MUI
File version:2001.12.6930.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:103.5 KB (105,984 bytes)
Digital DNA
PE subsystem:Windows GUI
Entropy:6.060933
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'MSDTC' (Coordenador de transações distribuídas)
  • MSDTC
  • 'MSDTC' (Distributed Transaction Coordinator)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00114217%
0.028634%
Kernel CPU:0.00072760%
0.013761%
User CPU:0.00041457%
0.014873%
Kernel CPU time:195,075 ms/min
100,923,805ms/min
CPU cycles:19,647/sec
17,470,203/sec
Memory
Private memory:3.48 MB
21.59 MB
Private (maximum):6.09 MB
Private (minimum):2.52 MB
Non-paged memory:3.48 MB
21.59 MB
Virtual memory:62.1 MB
140.96 MB
Virtual memory (peak):62.75 MB
169.69 MB
Working set:2.67 MB
18.61 MB
Working set (peak):7.25 MB
37.95 MB
Page faults:4,599/min
2,039/min
I/O
I/O read transfer:98 Bytes/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:304 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:49 Bytes/sec
448.09 KB/min
I/O other operations:3/sec
1,671/min
Resource allocations
Threads:11
12
Handles:188
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:C:\Windows\System32\msdtc.exe
Owner:NETWORK SERVICE
Windows Service
Service name:MSDTC
Display name:Coordenador de transações distribuídas
Description:“Coordena as transações que incluem vários gerenciadores de recursos, como bancos de dados, filas de mensagens e sistemas de arquivos. Se esse serviço for interrompido, essas transações falharão. Se o serviço for desabilitado, os serviços que dependerem explicitamente dele não serão inicializados.”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
msdtc.exe (main module)
Total CPU:0.00026500%
0.272967%
Kernel CPU:0.00010604%
0.107585%
User CPU:0.00015896%
0.165382%
CPU cycles:5,155/sec
5,741,424/sec
Memory:116 KB
1.16 MB
MSDTCTM.dll
Total CPU:0.00013482%
Kernel CPU:0.00007147%
User CPU:0.00006335%
CPU cycles:2,280/sec
Memory:1.05 MB
MSDTCLOG.dll
Total CPU:0.00001083%
Kernel CPU:0.00001083%
User CPU:0.00000000%
CPU cycles:269/sec
Memory:108 KB
ADVAPI32.dll
Total CPU:0.00001083%
Kernel CPU:0.00001083%
User CPU:0.00000000%
CPU cycles:101/sec
Memory:792 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 32.50%
Windows 8.1 17.50%
Windows 7 Ultimate 14.00%
Windows 8.1 Pro 7.50%
Windows 8.1 Single Language 7.00%
Windows 7 Professional 6.00%
Windows 8 3.50%
Windows 8 Pro 3.00%
Windows 8 Single Language 2.50%
Windows 8.1 Pro with Media Center 2.00%
Windows 7 Home Basic 1.50%
Windows 8 Enterprise N 1.00%
Windows 8.1 N 0.50%
Windows Seven Black Edition 0.50%
Windows 8.1 Enterprise Evaluation 0.50%
Windows 8 Enterprise 0.50%

Distribution by countryDistribution by country

United States installs about 45.23% of Microsoft Distributed Transaction Coordinator Service.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 18.82%
ASUS 18.04%
Hewlett-Packard 16.86%
Acer 14.51%
Toshiba 10.98%
Lenovo 9.41%
Sony 3.92%
Intel 2.35%
Samsung 1.57%
GIGABYTE 1.57%
Alienware 1.18%
Medion 0.78%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE