This is a Windows system installed file with Windows File Protection (WFP) enabled.
msdtc.exe has 58 known versions, the most recent one is 2001.12.9330.0 (winmain_win8rc.120518-1423). It is started as a Windows Service called 'Coordinador de transacciones distribuidas de Microsoft' with the name 'MSDTC' and described as “Coordina las transacciones que se extienden a varios administradores de recursos, como bases de datos, colas de mensajes y sistemas de archivos. Si se detiene este servicio, estas transacciones no se producirán. Si se deshabilita el servicio, no se podrá iniciar ningún servicio que dependa específicamente de él.”. . It is also run with NETWORK SERVICE privileges. The average file size is about 40.24 KB. During the process's lifecycle, the typical CPU resource utilization is about 0.0029% including both foreground and background operations, the average private memory consumption is about 6.34 MB with the maximum memory reaching around 9.18 MB. Addionally, typically read and write I/O disk operations is about 108 Bytes per minute for reads and 1.62 KB per minute for writes.
The Distributed Transaction Coordinator (MSDTC) service is a component of modern versions of Microsoft Windows that is responsible for coordinating transactions that span multiple resource managers, such as databases, message queues, and file systems.
(Note, the behaviors below are for all versions of msdtc.exe, select a unique version for details.)
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
United States installs about 42.61% of Microsoft Distributed Transaction Coordinator Service.
