Should I block it?

No, this file is 100% safe to run.

Relationships


PE structurePE file structure

Show functions
Import table
cfgmgr32.dll
CM_Open_Class_Key_ExW
firewallapi.dll
FwChangeSourceShutdown, FwChangeSourceInitialize, FwAlloc, FwFree, FwVerifyNoHeapLeaks, FwChangeSourceSignalStart, FwSddlStringVerify, FWVerifyMainModeRuleQuery, FwMMRuleVerify, FWVerifyCryptoSetQuery, FWVerifyCryptoSet, FWVerifyAuthenticationSetQuery, FwSetSet, FwDeleteSet, FWVerifyAuthenticationSet, FWVerifyConnectionSecurityRuleQuery, FwCSRuleVerify, FwSetRule, FwVerifyWFRuleSemantics, FwDeleteRule, FWVerifyFirewallRuleQuery, FwDeleteAllRules, FwDeleteAllSets, FwReduceObjectsToVersion, FWResolveGPONames, FwCreateLocalTempStore, FwGetGlobalConfigFromLocalTempStore, FwSetGlobalConfig, FwSetConfig, FwDestroyLocalTempStore, FwAddRule, FwAddSet, FwIPV4RangeContainsMulticast, FwIPV6RangeContainsMulticast, FwDoNothingOnObject, FwCopyWFAddressesContents, Isv4Orv6AddressesEmpty, FwEmptyWFAddresses, FwPortsToBstr, FwGetAddressesAsString, IsRuleOldGlobalOpenPort, IsRuleOldAuthApp, LoadGPExtensionDll, FWGPLock, FWGPUnlock, FwChangeSourceSignal, FwSetResolveFlags, FwCopyCSRule, FwCopyMMRule, FwCopyAuthSet, FwCopyCryptoSet, FwMigrateLegacyAuthenticatedBypassSddl, FwCopyRule, FwRuleResolveFlags, FwGetConfig, FwGetGlobalConfig, FwOpenPolicyStore, FwClosePolicyStore, FwEnumRules, FwEnumSets, FwFreeRules, FwFreeSets, FwAddrChangeSourceInitialize, FwAddrChangeSourceSignal, FwAllocCheckSize, FwAddrChangeSourceShutdown, IsAddressesEmpty, FwCopyLUID, FwSetMemLeakPolicy
fwpuclnt.dll
IkeextSaDeleteById0, IkeextSaDestroyEnumHandle0, FwpmEngineOpen0, IPsecSaContextCreateEnumHandle0, IPsecSaContextEnum0, IPsecSaContextDeleteById0, FwpmFreeMemory0, IPsecSaContextDestroyEnumHandle0, FwpmEngineClose0, IkeextSaEnum0, IkeextSaCreateEnumHandle0, FwpmNetEventDestroyEnumHandle0, FwpmNetEventEnum1, FwpmIPsecTunnelAddConditions0, FwpmIPsecTunnelDeleteByKey0, FwpmProviderContextDeleteByKey0, FwpmTransactionCommit0, FwpmIPsecTunnelAdd1, FwpmTransactionAbort0, FwpmNetEventCreateEnumHandle0, FwpmFilterDeleteByKey0, FwpmFilterDeleteById0, FwpmProviderContextDeleteById0, FwpmCalloutAdd0, FwpmTransactionBegin0, FwpmFilterAdd0, FwpmSubLayerAdd0, FwpmProviderAdd0, FwpmProviderContextAdd0
kernel32.dll
ExpandEnvironmentStringsW, SetLastError, LoadLibraryExW, GetLongPathNameW, CreateDirectoryW, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, OutputDebugStringA, InterlockedExchange, CreateEventA, CreateWaitableTimerA, QueueUserAPC, SetWaitableTimer, WideCharToMultiByte, MultiByteToWideChar, QueueUserWorkItem, DelayLoadFailureHook, GetProcAddress, GetLastError, FreeLibrary, InterlockedCompareExchange, LoadLibraryExA, CloseHandle, CreateMutexW, CreateEventW, ReleaseMutex, WaitForSingleObject, SetEvent, WaitForMultipleObjects, GetCurrentThreadId, UnregisterWait, UnregisterWaitEx, CreateThread, RegisterWaitForSingleObject, EnterCriticalSection, LeaveCriticalSection, InterlockedIncrement, InterlockedDecrement, Sleep, ResetEvent, WaitForSingleObjectEx, CancelIo, DeviceIoControl, CreateFileW, LocalFree, lstrcmpiW, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, CreateTimerQueue, InitializeCriticalSection, CloseThreadpoolIo, WaitForThreadpoolIoCallbacks, FileTimeToSystemTime, FileTimeToLocalFileTime, CancelThreadpoolIo, WriteFile, StartThreadpoolIo, GetFileType, lstrlenA, HeapAlloc, GetProcessHeap, SetEndOfFile, SetFilePointerEx, CopyFileW, GetLocalTime, HeapFree, DeleteTimerQueueTimer, TerminateThread, DeleteTimerQueueEx, CreateThreadpoolIo, GetFileSize, CreateTimerQueueTimer, GetVersionExW, CompareStringOrdinal, QueryDosDeviceW, GetLogicalDriveStringsW, DuplicateHandle, GetCurrentProcess, TerminateProcess, LocalAlloc, ResumeThread, LoadLibraryW, lstrlenW, CompareStringW, GetCurrentThread, GetModuleHandleW, FormatMessageW, OpenProcess
msvcrt.dll
DllMain
nsi.dll
NsiAllocateAndGetTable, NsiFreeTable
ntdll.dll
NtOpenSymbolicLinkObject, NtQuerySymbolicLinkObject, NtClose, RtlNtStatusToDosError, EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwGetTraceLoggerHandle, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, EtwEventUnregister, EtwEventRegister, EtwTraceMessage, EtwEventWrite, RtlIpv6AddressToStringA, RtlIpv4AddressToStringA, DbgPrint, NtQueryInformationProcess, EtwEventEnabled, RtlCreateServiceSid, WinSqmSetDWORD, WinSqmAddToStream, RtlInitUnicodeString
rpcrt4.dll
RpcServerRegisterIfEx, RpcServerUnregisterIfEx, RpcBindingVectorFree, RpcEpUnregister, RpcStringFreeW, RpcServerRegisterAuthInfoW, RpcServerInqDefaultPrincNameW, RpcEpRegisterW, RpcServerInqBindings, NdrServerCall2, RpcServerUseProtseqW, RpcBindingInqAuthClientW, RpcStringBindingParseW, RpcBindingToStringBindingW, I_RpcBindingIsClientLocal, I_RpcBindingInqLocalClientPID, RpcRevertToSelf, RpcImpersonateClient, UuidCreate
Export table
ServiceMain
SvchostPushServiceGlobals

mpssvc.dll

Servicio de protección de Microsoft (MPS) by Microsoft

Remove mpssvc.dll
Version:   6.1.7264.0 (win7_rtm.090622-1900)
MD5:   a5f07bb8a1f92da6e067ab659cd35a31
SHA1:   294331200e5a05d86083a67c0e21c710d815a1f2
This is a Windows system installed file with Windows File Protection (WFP) enabled.

Overview

mpssvc.dll is loaded as dynamic link library that runs in the context of a process. This version is designed to run on Windows 7.

DetailsDetails

File name:mpssvc.dll
Publisher:Microsoft Corporation
Product name:Servicio de protección de Microsoft (MPS)
Description:Sistema operativo Microsoft® Windows®
Typical file path:C:\Windows\System32\mpssvc.dll
Original name:mpssvc.dll.mui
File version:6.1.7264.0 (win7_rtm.090622-1900)
Product version:6.1.7264.0
Size:552.5 KB (565,760 bytes)
Build date:7/11/2009 12:54 AM
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Hosted service
Runs as a shared service under the Windows svcHost
  • Shared name is 'MpsSvc'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE