Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

SYSCORE.15.1.0.668 16.44%
SYSCORE.15.1.0.666 0.44%
SYSCORE.15.1.0.649 1.33%
SYSCORE.15.1.0.641 5.78%
SYSCORE.15.1.0.631 1.33%
SYSCORE.15.1.0.609 0.44%
SYSCORE.15.1.0.609 0.44%
SYSCORE.15.1.0.595 7.11%
SYSCORE.15.1.0.595 22.67%
SYSCORE.15.1.0.594 3.11%
SYSCORE.15.1.0.594 4.89%
SYSCORE.15.1.0.588 14.67%
SYSCORE.15.1.0.588 0.44%
SYSCORE.15.1.0.580 0.44%
SYSCORE.15.1.0.580 0.44%
SYSCORE.15.1.0.563 0.44%
SYSCORE.15.1.0.526 0.44%
SYSCORE.15.1.0.526 0.44%
SYSCORE.15.1.0.518 1.33%
SYSCORE.15.1.0.518 5.78%
SYSCORE.15.1.0.518 1.33%
SYSCORE.15.1.0.518 3.11%
SYSCORE.15.0.0.515 1.33%
SYSCORE.14.4.0.503 0.44%
SYSCORE.14.4.0.503 0.44%
View more

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
TraceEvent, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, SetServiceStatus, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, AllocateAndInitializeSid, FreeSid, SetEntriesInAclW, RegOpenKeyW, QueryServiceStatus, OpenSCManagerW, OpenServiceW, StartServiceW, CloseServiceHandle, PrivilegeCheck, OpenThreadToken, RegOpenKeyExW, RegCloseKey, GetSecurityDescriptorDacl, GetExplicitEntriesFromAclW, GetSidSubAuthority, IsValidSid, GetSidIdentifierAuthority, OpenProcessToken, SetNamedSecurityInfoW, GetNamedSecurityInfoW, EqualSid, LookupPrivilegeValueW, AdjustTokenPrivileges, BuildTrusteeWithSidW, RegQueryValueExW, GetSidSubAuthorityCount, GetTokenInformation, CopySid, GetLengthSid, SetSecurityDescriptorDacl, AddAccessAllowedAceEx, AddAccessDeniedAceEx, InitializeAcl, InitializeSecurityDescriptor, SetServiceObjectSecurity, RegCreateKeyExW
crypt32.dll
CertCreateContext
kernel32.dll
GetFileAttributesExW, GetSystemWindowsDirectoryW, QueryDosDeviceW, GetLogicalDriveStringsW, GetVersion, OpenProcess, ReadFile, SetFilePointer, VirtualProtect, IsBadReadPtr, GetSystemDirectoryW, GetWindowsDirectoryW, GetEnvironmentVariableW, HeapAlloc, HeapFree, GetVersionExA, HeapReAlloc, RaiseException, VirtualFree, VirtualAlloc, HeapDestroy, HeapCreate, GetModuleHandleA, ExitProcess, GetModuleFileNameA, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TlsFree, OutputDebugStringA, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, InitializeCriticalSectionAndSpinCount, SetHandleCount, GetFileType, GetStartupInfoA, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, HeapSize, GetCPInfo, GetACP, GetOEMCP, LCMapStringA, WideCharToMultiByte, LCMapStringW, RtlUnwind, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, GetSystemInfo, VirtualQuery, GetConsoleCP, GetConsoleMode, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, FlushFileBuffers, LocalFree, LocalAlloc, FreeLibrary, GetProcAddress, CreateFileW, ResetEvent, Sleep, LoadLibraryA, SetLastError, GetCurrentThread, DebugBreak, GetStdHandle, WriteFile, TerminateProcess, TlsGetValue, TlsSetValue, TlsAlloc, GetCurrentThreadId, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, InterlockedCompareExchange, GetModuleHandleW, GetCurrentProcess, GetModuleFileNameW, GetVersionExW, InitializeCriticalSection, CreateThread, CloseHandle, SetEvent, CreateEventW, EnterCriticalSection, LeaveCriticalSection, WaitForSingleObject, DeviceIoControl, GetLastError, LoadLibraryW, GetCommandLineW, InterlockedExchange, FindFirstFileW, FindClose
ntdll.dll
_wcsnicmp
psapi.dll
GetMappedFileNameW, EnumProcessModules, GetModuleInformation
sfc.dll
SfcIsFileProtected

mfevtps.exe

SYSCORE by McAfee (Signed)

Remove mfevtps.exe
Version:   SYSCORE.14.4.0.457
MD5:   832ff782c16081535956403c488a9391
SHA1:   69abd0ff44a4e2a3986a23a6388d8480868efdfd
SHA256:   4d85be0dcedbaf313d15ed77fca436ce1028af2a1b9d737b5a665fbf1025718c

What is mfevtps.exe?

McAfee Process Validation Service is part of McAfee's core security products. This is a common modules that is shared between a number of McAfee progams.

Overview

mfevtps.exe runs as a service under the name McAfee Validation Trust Protection Service (mfevtp) with extensive SYSTEM privileges (full administrator access). The file is digitally signed by McAfee which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:mfevtps.exe
Publisher:McAfee, Inc.
Product name:SYSCORE
Description:McAfee Process Validation Service
Typical file path:C:\Windows\System32\mfevtps.exe
File version:SYSCORE.14.4.0.457
Size:155.11 KB (158,832 bytes)
Certificate
Issued to:McAfee
Authority (CA):VeriSign
Expiration date:Tuesday, December 31, 2013
Digital DNA
PE subsystem:Windows Console
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'mfevtp' (McAfee Validation Trust Protection Service)
  • mfevtp

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00023237%
0.028634%
Kernel CPU:0.00015036%
0.013761%
User CPU:0.00008201%
0.014873%
Kernel CPU time:8,580,055 ms/min
100,923,805ms/min
Memory
Private memory:2.68 MB
21.59 MB
Private (maximum):6.24 MB
Private (minimum):2.73 MB
Non-paged memory:2.68 MB
21.59 MB
Virtual memory:32.59 MB
140.96 MB
Virtual memory (peak):41.76 MB
169.69 MB
Working set:2.85 MB
18.61 MB
Working set (peak):13.76 MB
37.95 MB
Resource allocations
Threads:4
12
Handles:188
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:"C:\Windows\System32\mfevtps.exe"
Owner:SYSTEM
Windows Service
Service name:mfevtp
Display name:McAfee Validation Trust Protection Service
Description:“Provides validation trust protection services”
Type:Win32OwnProcess
Parent process:services.exe (by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 39.50%
Windows 8 15.50%
Windows 8.1 8.50%
Microsoft Windows XP 5.50%
Windows 8.1 Single Language 5.00%
Windows Vista Home Premium 4.50%
Windows 8 Single Language 4.00%
Windows 7 Professional 4.00%
Windows 7 Ultimate 2.50%
Windows 8 Pro with Media Center 2.50%
Windows 8 Pro 2.50%
Windows 7 Starter 2.50%
Windows 8.1 Pro with Media Center 1.00%
Windows 7 Home Basic 1.00%
Windows Vista Ultimate 0.50%
Windows 8 Enterprise 0.50%
Windows 7 Ultimate N 0.50%

Distribution by countryDistribution by country

United States installs about 59.00% of SYSCORE.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 27.98%
ASUS 17.28%
Acer 12.76%
Sony 11.52%
Hewlett-Packard 9.88%
Toshiba 9.88%
Lenovo 5.76%
Intel 3.29%
Alienware 0.82%
GIGABYTE 0.82%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE