Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.39%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.12%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.23%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.06%
6.2.9200.16384 (win8_rtm.120725-1247) 1.04%
6.2.9200.16384 (win8_rtm.120725-1247) 0.87%
6.2.9200.16384 (win8_rtm.120725-1247) 11.85%
6.2.9200.16384 (win8_rtm.120725-1247) 1.91%
6.2.9200.16384 (win8_rtm.120725-1247) 0.81%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.12%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.12%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.06%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.12%
6.1.7600.16385 (win7_rtm.090713-1255) 38.27%
6.1.7600.16385 (win7_rtm.090713-1255) 6.01%
6.1.7600.16385 (win7_rtm.090713-1255) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 21.39%
6.1.7600.16385 (win7_rtm.090713-1255) 3.58%
6.1.7600.16385 (win7_rtm.090713-1255) 0.06%
6.0.6001.18000 (longhorn_rtm.080118-1840) 1.21%
6.0.6001.18000 (longhorn_rtm.080118-1840) 6.82%
6.0.6001.18000 (longhorn_rtm.080118-1840) 0.46%
6.0.6000.16386 (vista_rtm.061101-2205) 0.46%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
AddAccessAllowedAce, InitializeSecurityDescriptor, InitializeAcl, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, IsValidSid, GetLengthSid, RegDeleteValueW, RegEnumValueW, RegQueryValueExW, RegQueryInfoKeyW, RegCloseKey, RegOpenKeyExW, RegCreateKeyExW, LookupAccountSidW, GetTokenInformation, AccessCheck, RegNotifyChangeKeyValue, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, MakeSelfRelativeSD, IsValidSecurityDescriptor, GetSecurityDescriptorControl, GetSecurityDescriptorLength, FreeSid, QueryServiceStatus, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, CheckTokenMembership, DuplicateTokenEx, CreateProcessAsUserW, OpenTraceW, ProcessTrace, CloseTrace, StartTraceW, EnableTrace, ControlTraceW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetFileSecurityW, RemoveTraceCallback, OpenSCManagerW, OpenServiceW, NotifyServiceStatusChangeW, CloseServiceHandle, RegisterServiceCtrlHandlerW, EventWrite, SetServiceStatus, TraceMessage, EventRegister, EventUnregister, UnregisterTraceGuids, RegisterTraceGuidsA, AllocateAndInitializeSid, BuildSecurityDescriptorW
api-ms-win-core-apiquery-l1-1-0.dll
ApiSetQueryApiSetPresence
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-0.dll
SetUnhandledExceptionFilter, UnhandledExceptionFilter, SetLastError, GetLastError
api-ms-win-core-errorhandling-l1-1-1.dll
UnhandledExceptionFilter, GetLastError, SetUnhandledExceptionFilter, SetLastError
api-ms-win-core-file-l1-1-1.dll
FileTimeToSystemTime, WriteFile, GetLongPathNameW, CreateFileW, CreateDirectoryW, GetFileAttributesW, FileTimeToLocalFileTime, SetFilePointerEx, GetFileType, SetEndOfFile, FindClose, GetFileSize, QueryDosDeviceW, GetLogicalDriveStringsW, FindNextFileW, FindFirstFileW
api-ms-win-core-file-l1-2-0.dll
CreateFileW, FindFirstFileW, FindNextFileW, GetFileType, WriteFile, GetLogicalDriveStringsW, QueryDosDeviceW, GetFileSize, CreateDirectoryW, SetEndOfFile, GetLongPathNameW, FileTimeToLocalFileTime, SetFilePointerEx, GetFileAttributesW, FindClose
api-ms-win-core-file-l1-2-1.dll
FindNextFileW, FindFirstFileW, FindClose, SetEndOfFile, QueryDosDeviceW, FileTimeToLocalFileTime, GetFileType, CreateFileW, GetFileAttributesW, GetLongPathNameW, GetFileSize, CreateDirectoryW, WriteFile, SetFilePointerEx, GetLogicalDriveStringsW
api-ms-win-core-file-l2-1-0.dll
CopyFileExW
api-ms-win-core-file-l2-1-1.dll
CopyFileExW
api-ms-win-core-handle-l1-1-0.dll
CloseHandle, DuplicateHandle
api-ms-win-core-heap-l1-1-0.dll
HeapReAlloc, GetProcessHeap, HeapFree, HeapAlloc
api-ms-win-core-heap-l1-2-0.dll
HeapAlloc, HeapReAlloc, GetProcessHeap, HeapFree
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree, LocalAlloc
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedCompareExchange, InterlockedExchange, InterlockedIncrement, InterlockedDecrement
api-ms-win-core-interlocked-l1-1-1.dll
InterlockedCompareExchange, InterlockedDecrement, InterlockedExchange, InterlockedIncrement
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedDecrement, InterlockedExchange, InterlockedIncrement, InterlockedCompareExchange
api-ms-win-core-io-l1-1-1.dll
CancelIo, DeviceIoControl
api-ms-win-core-libraryloader-l1-1-1.dll
FreeLibrary, LoadStringW, GetModuleHandleW, GetProcAddress, LoadLibraryExW
api-ms-win-core-libraryloader-l1-2-0.dll
GetProcAddress, FreeLibrary, GetModuleHandleW, LoadStringW, LoadLibraryExW
api-ms-win-core-localization-l1-1-1.dll
LoadStringByReference, FormatMessageW
api-ms-win-core-localization-l1-2-0.dll
FormatMessageW
api-ms-win-core-localization-l1-2-1.dll
FormatMessageW
api-ms-win-core-memory-l1-1-1.dll
CreateFileMappingW, MapViewOfFile, UnmapViewOfFile
api-ms-win-core-memory-l1-1-2.dll
UnmapViewOfFile, MapViewOfFile, CreateFileMappingW
api-ms-win-core-path-l1-1-0.dll
PathCchSkipRoot, PathCchCanonicalize
api-ms-win-core-processenvironment-l1-1-0.dll
ExpandEnvironmentStringsW
api-ms-win-core-processenvironment-l1-1-1.dll
ExpandEnvironmentStringsW
api-ms-win-core-processenvironment-l1-2-0.dll
ExpandEnvironmentStringsW
api-ms-win-core-processthreads-l1-1-1.dll
OpenProcess, CreateThread, TerminateThread, OpenThreadToken, GetCurrentThread, OpenProcessToken, GetCurrentProcess, GetCurrentProcessId, GetCurrentThreadId, CreateProcessAsUserW, ResumeThread, TerminateProcess, QueueUserAPC, IsProcessorFeaturePresent
api-ms-win-core-processthreads-l1-1-2.dll
TerminateProcess, OpenProcess, GetCurrentThread, GetCurrentProcessId, GetCurrentThreadId, TerminateThread, OpenThreadToken, QueueUserAPC, ResumeThread, CreateThread, OpenProcessToken, CreateProcessAsUserW, GetCurrentProcess
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegCloseKey, RegOpenCurrentUser, RegNotifyChangeKeyValue, RegOpenKeyExW, RegEnumValueW, RegQueryValueExW, RegSetValueExW, RegEnumKeyExW, RegQueryInfoKeyW, RegDeleteValueW, RegCreateKeyExW
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
PathFindNextComponentW, PathSkipRootW, PathCanonicalizeW, PathFindFileNameW, PathIsRelativeW, PathRemoveFileSpecW, PathFileExistsW
api-ms-win-core-shlwapi-obsolete-l1-1-0.dll
SHLoadIndirectString
api-ms-win-core-string-l1-1-0.dll
MultiByteToWideChar, WideCharToMultiByte, CompareStringW, CompareStringOrdinal
api-ms-win-core-string-l2-1-0.dll
CharLowerBuffW
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrcmpiW
api-ms-win-core-synch-l1-1-1.dll
ResetEvent, CreateWaitableTimerExW, DeleteCriticalSection, CreateEventA, SetWaitableTimer, InitializeCriticalSectionAndSpinCount, LeaveCriticalSection, Sleep, WaitForSingleObjectEx, InitializeCriticalSection, WaitForMultipleObjectsEx, ReleaseMutex, WaitForSingleObject, SetEvent, CreateMutexW, EnterCriticalSection, CreateEventW
api-ms-win-core-synch-l1-2-0.dll
CreateEventA, ResetEvent, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, Sleep, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, WaitForSingleObjectEx, CreateWaitableTimerExW, SetWaitableTimer, WaitForMultipleObjectsEx, CreateEventW, CreateMutexW, SetEvent, WaitForSingleObject, ReleaseMutex
api-ms-win-core-sysinfo-l1-1-1.dll
GetTickCount, GetLocalTime, GetSystemTimeAsFileTime, GetVersionExW
api-ms-win-core-sysinfo-l1-2-0.dll
GetTickCount, GetVersionExW, GetSystemTimeAsFileTime, GetLocalTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetLocalTime, GetSystemTimeAsFileTime, GetTickCount, GetVersionExW
api-ms-win-core-threadpool-l1-1-1.dll
CloseThreadpoolIo, DeleteTimerQueueTimer, CreateThreadpoolTimer, CreateTimerQueueTimer, WaitForThreadpoolTimerCallbacks, CloseThreadpoolTimer, WaitForThreadpoolIoCallbacks, CreateThreadpoolIo, RegisterWaitForSingleObjectEx, QueueUserWorkItem, CancelThreadpoolIo, CreateTimerQueue, UnregisterWaitEx, SetThreadpoolTimer, DeleteTimerQueueEx, StartThreadpoolIo
api-ms-win-core-threadpool-l1-2-0.dll
SetThreadpoolTimer, StartThreadpoolIo, CancelThreadpoolIo, CloseThreadpoolTimer, CloseThreadpoolWait, SetThreadpoolWait, CreateThreadpoolWait, WaitForThreadpoolIoCallbacks, CloseThreadpoolIo, WaitForThreadpoolWaitCallbacks, CreateThreadpoolTimer, CreateThreadpoolIo, WaitForThreadpoolTimerCallbacks
api-ms-win-core-threadpool-legacy-l1-1-0.dll
CreateTimerQueue, DeleteTimerQueueEx, CreateTimerQueueTimer, DeleteTimerQueueTimer, UnregisterWaitEx, QueueUserWorkItem
api-ms-win-core-threadpool-private-l1-1-0.dll
RegisterWaitForSingleObjectEx
api-ms-win-core-timezone-l1-1-0.dll
FileTimeToSystemTime
api-ms-win-devices-config-l1-1-0.dll
CM_Open_Class_KeyW
api-ms-win-devices-config-l1-1-1.dll
CM_Open_Class_KeyW
api-ms-win-eventing-consumer-l1-1-0.dll
CloseTrace, OpenTraceW, ProcessTrace
api-ms-win-eventing-controller-l1-1-0.dll
EnableTraceEx2, StartTraceW, ControlTraceW
api-ms-win-eventing-obsolete-l1-1-0.dll
RemoveTraceCallback
api-ms-win-legacy-kernel32-l1-1-0.dll
LoadLibraryW, RegisterWaitForSingleObject, UnregisterWait, CopyFileW
api-ms-win-legacy-shlwapi-l1-1-0.dll
PathRemoveFileSpecW, PathSkipRootW, PathFindNextComponentW, PathCanonicalizeW, PathFindFileNameW, PathIsRelativeW, PathFileExistsW
api-ms-win-obsolete-kernelbase-l1-1-0.dll
LocalAlloc, LocalFree, lstrcmpiW
api-ms-win-obsolete-shlwapi-l1-1-0.dll
SHLoadIndirectString
api-ms-win-security-base-l1-1-0.dll
CheckTokenCapability, CreateWellKnownSid, IsValidSid, AddAccessAllowedAce, SetSecurityDescriptorGroup, GetLengthSid, GetSecurityDescriptorControl, InitializeSecurityDescriptor, DuplicateTokenEx, SetSecurityDescriptorDacl, GetSecurityDescriptorLength, InitializeAcl, AllocateAndInitializeSid, SetSecurityDescriptorOwner, EqualSid, IsValidSecurityDescriptor, MakeSelfRelativeSD, FreeSid, GetTokenInformation, AccessCheck, AdjustTokenPrivileges, CheckTokenMembership, SetFileSecurityW
api-ms-win-security-base-l1-2-0.dll
MakeSelfRelativeSD, FreeSid, IsValidSid, AddAccessAllowedAce, SetSecurityDescriptorOwner, AllocateAndInitializeSid, IsValidSecurityDescriptor, GetSecurityDescriptorLength, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetSecurityDescriptorControl, SetSecurityDescriptorGroup, GetTokenInformation, InitializeAcl, CheckTokenCapability, AdjustTokenPrivileges, CheckTokenMembership, CreateWellKnownSid, GetLengthSid, DuplicateTokenEx, AccessCheck, SetFileSecurityW, EqualSid
api-ms-win-security-grouppolicy-l1-1-0.dll
RegisterGPNotificationInternal, UnregisterGPNotificationInternal
api-ms-win-service-core-l1-1-1.dll
SetServiceStatus
api-ms-win-service-winsvc-l1-1-0.dll
RegisterServiceCtrlHandlerW
authz.dll
AuthzFreeAuditEvent, AuthziLogAuditEvent, AuthzInitializeResourceManager, AuthzFreeResourceManager
bcrypt.dll
BCryptGetFipsAlgorithmMode
cfgmgr32.dll
CM_Open_Class_Key_ExW
crypt32.dll
CertStrToNameW
firewallapi.dll
FwChangeSourceShutdown, FwChangeSourceInitialize, FwAlloc, FwFree, FwVerifyNoHeapLeaks, FwChangeSourceSignalStart, FwSddlStringVerify, FWVerifyMainModeRuleQuery, FwMMRuleVerify, FWVerifyCryptoSetQuery, FWVerifyCryptoSet, FWVerifyAuthenticationSetQuery, FwSetSet, FwDeleteSet, FWVerifyAuthenticationSet, FWVerifyConnectionSecurityRuleQuery, FwCSRuleVerify, FwSetRule, FwVerifyWFRuleSemantics, FwDeleteRule, FWVerifyFirewallRuleQuery, FwDeleteAllRules, FwDeleteAllSets, FwReduceObjectsToVersion, FWResolveGPONames, FwCreateLocalTempStore, FwGetGlobalConfigFromLocalTempStore, FwSetGlobalConfig, FwSetConfig, FwDestroyLocalTempStore, FwAddRule, FwAddSet, FwIPV4RangeContainsMulticast, FwIPV6RangeContainsMulticast, FwDoNothingOnObject, FwCopyWFAddressesContents, Isv4Orv6AddressesEmpty, FwEmptyWFAddresses, FwPortsToBstr, FwGetAddressesAsString, IsRuleOldGlobalOpenPort, IsRuleOldAuthApp, LoadGPExtensionDll, FWGPLock, FWGPUnlock, FwChangeSourceSignal, FwSetResolveFlags, FwCopyCSRule, FwCopyMMRule, FwCopyAuthSet, FwCopyCryptoSet, FwMigrateLegacyAuthenticatedBypassSddl, FwCopyRule, FwRuleResolveFlags, FwGetConfig, FwGetGlobalConfig, FwOpenPolicyStore, FwClosePolicyStore, FwEnumRules, FwEnumSets, FwFreeRules, FwFreeSets, FwAddrChangeSourceInitialize, FwAddrChangeSourceSignal, FwAllocCheckSize, FwAddrChangeSourceShutdown, IsAddressesEmpty, FwCopyLUID, FwSetMemLeakPolicy, FwCopyPortsContents, FwGetAppBlockList, FwImageListDestroy, FwCanonizeAuthorizedApps, FwImageListHasImage, FwStringToSids, FwSidAndAttributesFree, FwOpenAppCDbPolicyStore, FWFreeFirewallRules, FwGetRule, FwBinariesFree, FwSidsToString, FwAppContainerChangeFree, FwUniteWFAddressesContents, FwRemoveDuplicateAddresses, IsEqualAddresses, FwSubtractAddresses, FwAreAllContainedInAddresses, FwFreeAddresses, FwIsV6AddrLoopback, FwCopyAuthSetListToLowerVersion, FWFreeAuthenticationSet, FwCopyAuthsetToHigherVersion, FwMergeAddresses, FwStringToAddresses, FwPortsToString, IsUnicastExplicitAddressesEmpty, FwNegateAddresses, FwReduceSetsToVersion, FwSidAndAttributesCopy, FwCopyInterfaceLuids
fwpuclnt.dll
IkeextSaDeleteById0, IkeextSaDestroyEnumHandle0, FwpmEngineOpen0, IPsecSaContextCreateEnumHandle0, IPsecSaContextEnum0, IPsecSaContextDeleteById0, FwpmFreeMemory0, IPsecSaContextDestroyEnumHandle0, FwpmEngineClose0, IkeextSaEnum0, IkeextSaCreateEnumHandle0, FwpmNetEventDestroyEnumHandle0, FwpmNetEventEnum1, FwpmIPsecTunnelAddConditions0, FwpmIPsecTunnelDeleteByKey0, FwpmProviderContextDeleteByKey0, FwpmTransactionCommit0, FwpmIPsecTunnelAdd1, FwpmTransactionAbort0, FwpmNetEventCreateEnumHandle0, FwpmFilterDeleteByKey0, FwpmFilterDeleteById0, FwpmProviderContextDeleteById0, FwpmCalloutAdd0, FwpmTransactionBegin0, FwpmFilterAdd0, FwpmSubLayerAdd0, FwpmProviderAdd0, FwpmProviderContextAdd0, FwpmIPsecTunnelAdd0, FwpmNetEventEnum2, IkeextSaEnum2, FwpmProviderContextAdd2, FwpmIPsecTunnelAdd2, FwpmEventProviderCreate0, FwpmNetEventSubscribe1, FwpmEventProviderDestroy0, FwpmNetEventUnsubscribe0, FwpmEventProviderIsNetEventTypeEnabled0, FwpmEventProviderFireNetEvent0, FwpmEngineSetOption0, FwpiExpandCriteria0, FwpiFreeCriteria0, FwpmNetEventSubscribe0, FwpmFilterCreateEnumHandle0, FwpmFilterEnum0, FwpmFilterDestroyEnumHandle0
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
ExpandEnvironmentStringsW, SetLastError, LoadLibraryExW, GetLongPathNameW, CreateDirectoryW, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, OutputDebugStringA, InterlockedExchange, CreateEventA, CreateWaitableTimerA, QueueUserAPC, SetWaitableTimer, WideCharToMultiByte, MultiByteToWideChar, QueueUserWorkItem, DelayLoadFailureHook, GetProcAddress, GetLastError, FreeLibrary, InterlockedCompareExchange, LoadLibraryExA, CloseHandle, CreateMutexW, CreateEventW, ReleaseMutex, WaitForSingleObject, SetEvent, WaitForMultipleObjects, GetCurrentThreadId, UnregisterWait, UnregisterWaitEx, CreateThread, RegisterWaitForSingleObject, EnterCriticalSection, LeaveCriticalSection, InterlockedIncrement, InterlockedDecrement, Sleep, ResetEvent, WaitForSingleObjectEx, CancelIo, DeviceIoControl, CreateFileW, LocalFree, lstrcmpiW, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, CreateTimerQueue, InitializeCriticalSection, CloseThreadpoolIo, WaitForThreadpoolIoCallbacks, FileTimeToSystemTime, FileTimeToLocalFileTime, CancelThreadpoolIo, WriteFile, StartThreadpoolIo, GetFileType, lstrlenA, HeapAlloc, GetProcessHeap, SetEndOfFile, SetFilePointerEx, CopyFileW, GetLocalTime, HeapFree, DeleteTimerQueueTimer, TerminateThread, DeleteTimerQueueEx, CreateThreadpoolIo, GetFileSize, CreateTimerQueueTimer, GetVersionExW, CompareStringOrdinal, QueryDosDeviceW, GetLogicalDriveStringsW, DuplicateHandle, GetCurrentProcess, TerminateProcess, LocalAlloc, ResumeThread, LoadLibraryW, lstrlenW, CompareStringW, GetCurrentThread, GetModuleHandleW, FormatMessageW, OpenProcess, BindIoCompletionCallback
kernelbase.dll
RemoveTraceCallback, lstrcmpiW, LocalFree, LocalAlloc
msvcrt.dll
DllMain
nlaapi.dll
NlaCreateTypeSet, NlaAddToTypeSet, NlaRegisterQuery, NlaGetIntranetCapability, NlaCloseQuery, NlaDeleteTypeSet
nsi.dll
NsiAllocateAndGetTable, NsiFreeTable, NsiGetParameter
ntdll.dll
NtOpenSymbolicLinkObject, NtQuerySymbolicLinkObject, NtClose, RtlNtStatusToDosError, EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwGetTraceLoggerHandle, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, EtwEventUnregister, EtwEventRegister, EtwTraceMessage, EtwEventWrite, RtlIpv6AddressToStringA, RtlIpv4AddressToStringA, DbgPrint, NtQueryInformationProcess, EtwEventEnabled, RtlCreateServiceSid, WinSqmSetDWORD, WinSqmAddToStream, RtlInitUnicodeString, WinSqmEventEnabled, WinSqmEventWrite, RtlContractHashTable, RtlExpandHashTable, RtlEndEnumerationHashTable, RtlEnumerateEntryHashTable, RtlInitEnumerationHashTable, RtlGetNextEntryHashTable, RtlLookupEntryHashTable, RtlRemoveEntryHashTable, RtlInsertEntryHashTable, RtlDeleteHashTable, RtlCreateHashTable, RtlEqualSid, RtlIsCapabilitySid, RtlLengthSid, RtlCopySid, RtlPublishWnfStateData, RtlIsPackageSid, RtlAllocateHeap, RtlFreeHeap, RtlNtStatusToDosErrorNoTeb, RtlGetAppContainerSidType, RtlIsParentOfChildAppContainer
ole32.dll
CoCreateInstance, StringFromGUID2, CoCreateGuid, CoReleaseMarshalData, CoUnmarshalInterface, CreateStreamOnHGlobal, CoMarshalInterface, CoSetProxyBlanket, CoInitializeEx, CoUninitialize, GetHGlobalFromStream
rpcrt4.dll
RpcServerRegisterIfEx, RpcServerUnregisterIfEx, RpcBindingVectorFree, RpcEpUnregister, RpcStringFreeW, RpcServerRegisterAuthInfoW, RpcServerInqDefaultPrincNameW, RpcEpRegisterW, RpcServerInqBindings, NdrServerCall2, RpcServerUseProtseqW, RpcBindingInqAuthClientW, RpcStringBindingParseW, RpcBindingToStringBindingW, I_RpcBindingIsClientLocal, I_RpcBindingInqLocalClientPID, RpcRevertToSelf, RpcImpersonateClient, UuidCreate, RpcServerRegisterIf3, RpcAsyncCancelCall, I_RpcExceptionFilter, NdrAsyncServerCall, RpcAsyncInitializeHandle, NdrAsyncClientCall, NdrClientCall2, RpcBindingFromStringBindingW, RpcStringBindingComposeW, RpcAsyncCompleteCall, RpcAsyncAbortCall, RpcBindingFree, RpcBindingSetAuthInfoW
shlwapi.dll
PathFindFileNameW, PathCanonicalizeW, PathFindNextComponentW, PathSkipRootW, PathFileExistsW, PathRemoveFileSpecW, PathIsRelativeW, AssocQueryStringW, PathIsDirectoryW
user32.dll
LoadStringW, CharLowerBuffW
userenv.dll
RegisterGPNotification, UnregisterGPNotification
ws2_32.dll
WSAAddressToStringW
wtsapi32.dll
WTSQuerySessionInformationW, WTSFreeMemory
Export table
ServiceMain
SvchostPushServiceGlobals

mpssvc.dll

Microsoft Protection Service by Microsoft

Remove mpssvc.dll
Version:   6.2.8400.0 (winmain_win8rc.120518-1423)
MD5:   668172cfebbaff968a4307d583016642
SHA1:   5b6485e6279b439948a15b53921ccc513abaf5bd
SHA256:   6f887dc1f3267be8a286cfaf0059e6c6bb17e13727ee2f441584aa238b739452
This is a Windows system installed file with Windows File Protection (WFP) enabled.

About mpssvc.dll (from Microsoft)

Microsoft Active Protection Service is the online community that helps you choose how to respond to potential threats. The community also helps stop the spread of new infections. You can choose to sen

Overview

mpssvc.dll is loaded as dynamic link library that runs in the context of a process. The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). This version is installed on Windows 8.

DetailsDetails

File name:mpssvc.dll
Publisher:Microsoft Corporation
Product name:Microsoft Protection Service
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\mpssvc.dll
Original name:mpssvc.dll.mui
File version:6.2.8400.0 (winmain_win8rc.120518-1423)
Product version:6.2.8400.0
Size:885 KB (906,240 bytes)
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'
  • Shared name is 'MpsSvc'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 34.50%
Windows 8.1 18.00%
Windows 7 Ultimate 15.00%
Windows 8.1 Pro 7.50%
Windows 7 Professional 6.50%
Windows 8 3.50%
Windows 8.1 Pro with Media Center 2.50%
Windows 8.1 Single Language 2.50%
Windows 8 Pro 2.00%
Windows 8 Single Language 1.50%
Windows Vista Home Premium 1.50%
Windows 8 Enterprise N 1.00%
Windows 8 Enterprise 1.00%
Windows 8.1 N 0.50%
Windows Seven Black Edition 0.50%
Windows 8.1 Enterprise Evaluation 0.50%
Windows 7 Home Basic 0.50%
Windows 7 Starter 0.50%
Windows 8.1 Pro Preview 0.50%

Distribution by countryDistribution by country

United States installs about 50.25% of Microsoft Protection Service.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 21.37%
Hewlett-Packard 17.56%
ASUS 17.56%
Toshiba 10.69%
Lenovo 9.92%
Acer 9.54%
Sony 4.58%
Intel 2.29%
GIGABYTE 1.91%
Alienware 1.53%
Medion 1.53%
Samsung 1.15%
Sahara 0.38%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE