Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 0.18%
6.1.7600.16385 (win7_rtm.090713-1255) 0.18%
6.0.6000.16386 (vista_rtm.061101-2205) 78.92%
6.0.6000.16386 (vista_rtm.061101-2205) 5.23%
6.0.6000.16386 (vista_rtm.061101-2205) 15.50%

Relationships

Parent processes
Child process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
TraceEvent, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsA, UnregisterTraceGuids, RegCloseKey, RegSetValueW, RegOpenKeyExW, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegDeleteKeyW
kernel32.dll
FreeLibrary, LoadLibraryA, lstrlenW, GetFileAttributesW, GetFileAttributesA, GetLastError, ReleaseMutex, CloseHandle, WaitForSingleObject, CreateMutexW, GetCurrentProcess, GetModuleHandleA, ExpandEnvironmentStringsW, GetExitCodeProcess, CreateProcessW, GetModuleHandleW, HeapSetInformation, GetVersionExA, SetFileAttributesW, DeleteFileW, FindFirstFileExW, FindClose, FindNextFileW, FindFirstFileW, SetCurrentDirectoryW, GetCurrentDirectoryW, GetShortPathNameW, CreateDirectoryW, InterlockedCompareExchange, GetTickCount, QueryPerformanceCounter, SetUnhandledExceptionFilter, GetStartupInfoW, Sleep, InterlockedExchange, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, GetProcAddress, SetConsoleCtrlHandler, GetCurrentThreadId
msoert2.dll
CopyRegistry
msvcrt.dll
DllMain
ole32.dll
CoUninitialize, CoFreeAllLibraries, CoTaskMemFree, CoInitializeEx, CoCreateInstance, OleInitialize, CoFreeUnusedLibraries, CoFreeUnusedLibrariesEx, OleUninitialize
shell32.dll
SHCreateItemFromParsingName, SHGetSpecialFolderPathW, SHSetLocalizedName, SHGetSpecialFolderLocation, SHChangeNotify
shlwapi.dll
PathFindFileNameW, PathCombineW, SHRegGetPathW, SHRegGetValueA, StrStrIW, SHDeleteValueW, SHRegGetBoolUSValueA, PathRemoveBlanksW, PathRemoveFileSpecW, PathAddExtensionW, PathAppendW, StrCmpW, StrCmpNIW, SHDeleteKeyW, SHSetValueW, SHRegGetValueW, StrCmpIW, SHGetValueW
user32.dll
SetWindowsHookExA, GetGUIThreadInfo, IsChild, UnhookWindowsHookEx, GetLastActivePopup, GetPropW, GetParent, CallNextHookEx, SendMessageW, IsDialogMessageW, SetPropW, FindWindowW, GetWindowThreadProcessId, AllowSetForegroundWindow, SetForegroundWindow, SendMessageTimeoutA, MessageBoxW, LoadStringW

winmail.exe

Windows Mail by Microsoft

Remove winmail.exe
Version:   6.0.6000.16386 (vista_rtm.061101-2205)
MD5:   7e6ea9cb72b5de84a5d700bed877e5f9
SHA1:   85b6aa429350333343db149eb2198e7fc38c3e4f
SHA256:   8261b7c2a776f59baefabeeaf8e9425cb0f4d3700ef63caa7095398368ed3c6e
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is winmail.exe?

Windows Mail is an email and newsgroup client included in Windows. Windows Mail is not a component of Internet Explorer, unlike Outlook Express, which was bundled with Internet Explorer. Unlike its predecessor Outlook Express, Windows Mail does not have WebDAV, making it incapable of accessing web-based email services through WebDAV.

Overview

winmail.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. This version is designed to run on Windows Vista and is compiled as a 32 bit program.

DetailsDetails

File name:winmail.exe
Publisher:Microsoft Corporation
Product name:Windows Mail
Description:Microsoft® Windows® Operating System
Typical file path:C:\Program Files\windows mail\winmail.exe
Original name:WinMail.exe.mui
File version:6.0.6000.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:388 KB (397,312 bytes)
Digital DNA
PE subsystem:Windows GUI
Entropy:6.769864
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Shell open commands
  • snews
  • nntp
  • news
  • mailto
Network connections
  • [UDP] listens on port 53326
  • [UDP] listens on port 59345
  • [UDP] listens on port 59794

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.13518739%
    0.028634%
    Kernel CPU:0.10210889%
    0.013761%
    User CPU:0.03307849%
    0.014873%
    Kernel CPU time:50,769 ms/min
    100,923,805ms/min
    CPU cycles:4,301,582/sec
    17,470,203/sec
    Context switches:42/sec
    284/sec
    Memory
    Private memory:47.43 MB
    21.59 MB
    Private (maximum):68.5 MB
    Private (minimum):20.47 MB
    Non-paged memory:47.43 MB
    21.59 MB
    Virtual memory:247.53 MB
    140.96 MB
    Virtual memory (peak):280.57 MB
    169.69 MB
    Working set:48.39 MB
    18.61 MB
    Working set (peak):81.47 MB
    37.95 MB
    Page faults:1,493,385/min
    2,039/min
    I/O
    I/O read transfer:90.62 KB/sec
    1.02 MB/min
    I/O read operations:5/sec
    343/min
    I/O write transfer:87.91 KB/sec
    274.99 KB/min
    I/O write operations:4/sec
    227/min
    I/O other transfer:8.4 KB/sec
    448.09 KB/min
    I/O other operations:192/sec
    1,671/min
    Resource allocations
    Threads:17
    12
    Handles:701
    600
    GUI GDI count:392
    103
    GUI USER count:231
    49

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:32-bit
    Command lines:
    • "C:\Program Files\windows mail\winmail.exe"
    • "C:\Program Files\windows mail\winmail.exe" /mailurC:"mailtC:?subject=a friend suggested this page on film annex&body=hello,%0aa friend of yours suggests you take a look at this content on film anneC:%0a%0ahttC://www.filmannex.com/%0a%0a-----------------------------------------------------------%0afilm annex privacy statemenC:%0ahttC://www.filmannex.com/filmannex%0a%0asuggestions and feedback are welcome at info@filmannex.com%0a%0afilm annex - new york, ny 10011, usa%0a20 west 20th street, suite
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    WinMail.exe (main module)
    Total CPU:0.13589760%
    0.272967%
    Kernel CPU:0.10492450%
    0.107585%
    User CPU:0.03097310%
    0.165382%
    CPU cycles:3,291,369/sec
    5,741,424/sec
    Context switches:2/sec
    79/sec
    Memory:400 KB
    1.16 MB
    MSOE.DLL
    Total CPU:0.01111601%
    Kernel CPU:0.00306065%
    User CPU:0.00805536%
    CPU cycles:546,831/sec
    Memory:1.58 MB
    SHLWAPI.dll
    Total CPU:0.00913007%
    Kernel CPU:0.00339141%
    User CPU:0.00573865%
    CPU cycles:210,700/sec
    Memory:356 KB
    ntdll.dll
    Total CPU:0.00068245%
    Kernel CPU:0.00053434%
    User CPU:0.00014811%
    CPU cycles:111,207/sec
    Memory:1.16 MB
    ESENT.dll
    Total CPU:0.00067931%
    Kernel CPU:0.00064732%
    User CPU:0.00003199%
    CPU cycles:16,464/sec
    Memory:1.41 MB
    mshtml.dll (Windows Internet Explorer by Microsoft)
    Total CPU:0.00027150%
    Kernel CPU:0.00021406%
    User CPU:0.00005743%
    CPU cycles:51,136/sec
    Memory:11.79 MB
    mswsock.dll
    Total CPU:0.00018451%
    Kernel CPU:0.00014497%
    User CPU:0.00003954%
    CPU cycles:10,995/sec
    Memory:236 KB
    WINMM.dll
    Total CPU:0.00006329%
    Kernel CPU:0.00006329%
    User CPU:0.00000000%
    CPU cycles:592/sec
    Memory:200 KB
    wdmaud.drv
    Total CPU:0.00006132%
    Kernel CPU:0.00005690%
    User CPU:0.00000442%
    CPU cycles:1,224/sec
    Memory:188 KB
    WININET.dll
    Total CPU:0.00004696%
    Kernel CPU:0.00002609%
    User CPU:0.00002087%
    CPU cycles:4,852/sec
    Memory:1.11 MB
    msvcrt.dll (Windows NT CRT DLL by Microsoft)
    Total CPU:0.00000522%
    Kernel CPU:0.00000000%
    User CPU:0.00000522%
    CPU cycles:204/sec
    Memory:680 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows Vista Home Premium 71.50%
    Windows Vista Home Basic 14.00%
    Windows Vista Business 7.00%
    Windows Vista Ultimate 7.00%
    Windows 8.1 0.50%

    Distribution by countryDistribution by country

    United States installs about 77.20% of Windows Mail.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 34.46%
    Hewlett-Packard 21.96%
    Toshiba 9.46%
    ASUS 9.46%
    Sony 8.78%
    Gateway 5.41%
    Acer 3.38%
    Lenovo 2.70%
    Intel 2.03%
    American Megatrends 1.35%
    Packard Bell 1.01%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE