Should I block it?

No, this file is 100% safe to run.

Relationships

Child process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
ControlService, InitializeSecurityDescriptor, RegCloseKey, SetSecurityDescriptorDacl, RegOpenKeyExA, RegNotifyChangeKeyValue, ConvertStringSecurityDescriptorToSecurityDescriptorA, InitializeAcl, AddAccessAllowedAce, AddAce, GetTokenInformation, GetLengthSid, GetAclInformation, CopySid, GetSecurityDescriptorDacl, GetAce, OpenProcessToken, SetServiceStatus, CreateServiceA, DeleteService, QueryServiceStatus, OpenServiceA, OpenSCManagerA, CreateProcessAsUserW, RegisterServiceCtrlHandlerExA, StartServiceCtrlDispatcherA, DuplicateTokenEx, CloseServiceHandle, IsValidSid, EqualSid, LookupAccountSidA, GetSidIdentifierAuthority, GetSidSubAuthorityCount, AdjustTokenPrivileges, GetSidSubAuthority, LookupPrivilegeValueA, AllocateAndInitializeSid, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, IsValidSecurityDescriptor, GetSecurityDescriptorLength, CryptDestroyHash, CryptAcquireContextA, CryptCreateHash, CryptGetHashParam, CryptHashData, CryptReleaseContext
iphlpapi.dll
GetNetworkParams, GetAdaptersInfo
kernel32.dll
GetSystemTimeAsFileTime, GetACP, GetLocaleInfoA, GetTickCount, GetCurrentProcessId, GetSystemWow64DirectoryA, GetDriveTypeA, GetSystemDirectoryA, GetCurrentDirectoryW, CreateFileW, GetCurrentThreadId, InterlockedDecrement, LoadLibraryA, InterlockedIncrement, GetProcAddress, GetWindowsDirectoryA, WideCharToMultiByte, InterlockedExchange, GetVersionExA, CreateDirectoryA, SetFileAttributesA, GetFileAttributesA, SetLastError, GetCurrentProcess, WTSGetActiveConsoleSessionId, FormatMessageA, CopyFileA, SetConsoleCtrlHandler, SetUnhandledExceptionFilter, GetProcessHeap, HeapFree, HeapAlloc, GetFileSize, CreateFileA, SetEndOfFile, SetFilePointer, OutputDebugStringA, InitializeCriticalSection, DeleteCriticalSection, FlushFileBuffers, ReadFile, EnterCriticalSection, LeaveCriticalSection, WriteFile, OpenMutexA, FreeLibrary, GetModuleFileNameA, SetEvent, Process32First, WaitForMultipleObjects, QueryPerformanceCounter, IsDebuggerPresent, UnhandledExceptionFilter, TerminateProcess, GetLastError, CreateToolhelp32Snapshot, ResetEvent, Sleep, CloseHandle, GetModuleHandleA, SetThreadPriority, CreateMutexA, WaitForSingleObject, OpenProcess, Process32Next, CreateEventA, InterlockedCompareExchange, GetThreadLocale, GetLogicalDriveStringsA
msvcp80.dll
DllMain
msvcr80.dll
DllMain
netapi32.dll
NetShareEnum, NetApiBufferFree
oemlibr.dll
OemLibLoadResourceDLL
ole32.dll
CoUninitialize, CoInitialize
persistr.dll
CreateCrypto, CreatePersist
psapi.dll
EnumProcesses
user32.dll
CloseDesktop, CloseWindowStation, OpenDesktopA, SetProcessWindowStation, GetUserObjectSecurity, SetUserObjectSecurity, OpenWindowStationA, wsprintfA, MessageBoxA, GetSystemMetrics
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
version.dll
GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
wtsapi32.dll
WTSEnumerateProcessesA, WTSQuerySessionInformationA, WTSFreeMemory, WTSEnumerateSessionsA, WTSQueryUserToken

Fws.exe

Rogers Online Protection by Radialpoint (Signed)

Remove Fws.exe
Version:   9.0.58.60238
MD5:   1861535b65be2073d705bfb5c252f9a8
SHA1:   dc5c3ccc0d568a7c3cb0e0b03dcb44ed23e6c97f

Overview

fws.exe runs as a service under the name Rogers Online Protection Firewall (RP_FWS) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Rogers Online Protection published by Rogers Cable Communications Inc.. The file is digitally signed by Radialpoint which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Microsoft Windows XP (5.1.2600.196608).

DetailsDetails

File name:fws.exe
Publisher:Rogers
Product name:Rogers Online Protection
Description:Radialpoint 9.0.58
Typical file path:C:\Program Files\rogers online protection\rogers online protection\fws.exe
File version:9.0.58.60238
Size:373.32 KB (382,280 bytes)
Certificate
Issued to:Radialpoint
Authority (CA):VeriSign
Effective date:Thursday, June 10, 2010
Expiration date:Wednesday, July 10, 2013
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Rogers Cable Communications Inc.
  53% remove
Protect up to 3 PCs from the latest viruses and security threats.1 You can also set limits on what your children access online.

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'RP_FWS' (Rogers Online Protection Firewall)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00341872%
0.028634%
Kernel CPU:0.00165943%
0.013761%
User CPU:0.00175929%
0.014873%
Kernel CPU time:797 ms/min
100,923,805ms/min
Context switches:1/sec
284/sec
Memory
Private memory:9.65 MB
21.59 MB
Private (maximum):35.21 MB
Private (minimum):3.67 MB
Non-paged memory:9.65 MB
21.59 MB
Virtual memory:69.63 MB
140.96 MB
Virtual memory (peak):109.76 MB
169.69 MB
Working set:3.7 MB
18.61 MB
Working set (peak):35.21 MB
37.95 MB
Page faults:11,047/min
2,039/min
I/O
I/O read transfer:1.48 KB/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:1.1 KB/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:1.1 KB/sec
448.09 KB/min
I/O other operations:14/sec
1,671/min
Resource allocations
Threads:5
12
Handles:326
600
GUI GDI count:4
103
GUI USER count:2
49

BehaviorsProcess properties

Integrety level:Undefined
Platform:32-bit
Command line:"C:\Program Files\rogers online protection\rogers online protection\fws.exe"
Owner:SYSTEM
Windows Service
Service name:RP_FWS
Display name:Rogers Online Protection Firewall
Description:“Radialpoint Firewall Service”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
Fws.exe (main module)
Total CPU:0.00026534%
0.272967%
Kernel CPU:0.00013267%
0.107585%
User CPU:0.00013267%
0.165382%
Memory:384 KB
1.16 MB
advapi32.dll (Advanced Windows 32 Base API by Microsoft)
Total CPU:0.00023218%
Kernel CPU:0.00009951%
User CPU:0.00013268%
Context switches:1/sec
Memory:620 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Compaq 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE