Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.37%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.12%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.17%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.06%
6.2.9200.16384 (win8_rtm.120725-1247) 0.81%
6.2.9200.16384 (win8_rtm.120725-1247) 0.63%
6.2.9200.16384 (win8_rtm.120725-1247) 2.13%
6.2.9200.16384 (win8_rtm.120725-1247) 13.57%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.12%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.12%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.06%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.12%
6.1.7600.16385 (win7_rtm.090713-1255) 5.81%
6.1.7600.16385 (win7_rtm.090713-1255) 6.04%
6.1.7600.16385 (win7_rtm.090713-1255) 0.23%
6.1.7600.16385 (win7_rtm.090713-1255) 7.76%
6.1.7600.16385 (win7_rtm.090713-1255) 3.62%
6.1.7600.16385 (win7_rtm.090713-1255) 30.53%
6.1.7600.16385 (win7_rtm.090713-1255) 13.97%
6.1.7600.16385 (win7_rtm.090713-1255) 0.12%
6.1.7600.16385 (win7_rtm.090713-1255) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 0.17%
6.0.6000.16386 (vista_rtm.061101-2205) 1.38%
6.0.6000.16386 (vista_rtm.061101-2205) 0.46%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
UnregisterTraceGuids, SetSecurityDescriptorDacl, RegisterServiceCtrlHandlerExW, RegQueryInfoKeyW, RegEnumKeyExW, RegDeleteKeyW, ConvertStringSidToSidW, GetLengthSid, InitializeAcl, AddAccessAllowedAce, NotifyServiceStatusChangeW, QueryServiceStatus, OpenSCManagerW, OpenServiceW, CloseServiceHandle, WmiNotificationRegistrationW, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, SetServiceStatus, TraceMessage, FreeSid, AllocateAndInitializeSid, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, RegSetValueExW, RegCreateKeyExW, InitializeSecurityDescriptor
api-ms-win-core-com-l1-1-0.dll
CoCreateInstance, CoTaskMemFree, StringFromIID
api-ms-win-core-delayload-l1-1-1.dll
DelayLoadFailureHook, ResolveDelayLoadedAPI
api-ms-win-core-errorhandling-l1-1-0.dll
UnhandledExceptionFilter, SetUnhandledExceptionFilter, SetLastError, GetLastError
api-ms-win-core-errorhandling-l1-1-1.dll
SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetLastError
api-ms-win-core-file-l1-1-1.dll
FileTimeToSystemTime, CreateFileW, FileTimeToLocalFileTime
api-ms-win-core-file-l1-2-0.dll
CreateFileW, FileTimeToLocalFileTime
api-ms-win-core-file-l1-2-1.dll
FileTimeToLocalFileTime, CreateFileW
api-ms-win-core-handle-l1-1-0.dll
DuplicateHandle, CloseHandle
api-ms-win-core-heap-l1-1-0.dll
HeapAlloc, HeapFree, HeapCreate, GetProcessHeap, HeapDestroy
api-ms-win-core-heap-l1-2-0.dll
HeapCreate, HeapAlloc, HeapDestroy, GetProcessHeap, HeapFree
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalAlloc, LocalFree
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedExchange, InterlockedDecrement, InterlockedCompareExchange, InterlockedIncrement
api-ms-win-core-interlocked-l1-1-1.dll
InterlockedCompareExchange, InterlockedIncrement, InterlockedDecrement, InterlockedExchange
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedIncrement, InterlockedDecrement, InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-io-l1-1-1.dll
DeviceIoControl
api-ms-win-core-kernel32-legacy-l1-1-0.dll
LoadLibraryW, UnregisterWait, RegisterWaitForSingleObject
api-ms-win-core-kernel32-legacy-l1-1-1.dll
UnregisterWait, RegisterWaitForSingleObject, LoadLibraryW
api-ms-win-core-libraryloader-l1-1-1.dll
FreeLibrary, GetProcAddress, DisableThreadLibraryCalls, GetModuleHandleExW
api-ms-win-core-libraryloader-l1-2-0.dll
GetProcAddress, DisableThreadLibraryCalls, FreeLibrary, GetModuleHandleExW
api-ms-win-core-processthreads-l1-1-1.dll
GetCurrentProcessId, TerminateProcess, CreateThread, GetCurrentThread, GetCurrentProcess, GetCurrentThreadId, OpenThreadToken, IsProcessorFeaturePresent
api-ms-win-core-processthreads-l1-1-2.dll
GetCurrentProcessId, GetCurrentThreadId, OpenThreadToken, CreateThread, GetCurrentProcess, TerminateProcess, GetCurrentThread
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegOpenKeyExW, RegQueryValueExW, RegCloseKey, RegCreateKeyExW, RegGetValueW, RegDeleteKeyExW, RegQueryInfoKeyW, RegEnumKeyExW, RegSetValueExW
api-ms-win-core-rtlsupport-l1-1-0.dll
RtlCompareMemory
api-ms-win-core-rtlsupport-l1-1-1.dll
RtlCompareMemory
api-ms-win-core-rtlsupport-l1-2-0.dll
RtlCompareMemory
api-ms-win-core-string-l1-1-0.dll
MultiByteToWideChar, WideCharToMultiByte
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrlenW, lstrlenA
api-ms-win-core-synch-l1-1-1.dll
DeleteCriticalSection, WaitForMultipleObjectsEx, EnterCriticalSection, ResetEvent, InitializeSRWLock, SetEvent, CreateEventW, InitializeCriticalSectionAndSpinCount, AcquireSRWLockShared, AcquireSRWLockExclusive, WaitForSingleObject, LeaveCriticalSection, ReleaseSRWLockShared, Sleep, ReleaseSRWLockExclusive
api-ms-win-core-synch-l1-2-0.dll
ReleaseSRWLockExclusive, LeaveCriticalSection, EnterCriticalSection, ReleaseSRWLockShared, CreateEventW, InitializeCriticalSectionAndSpinCount, WaitForMultipleObjectsEx, AcquireSRWLockExclusive, WaitForSingleObject, AcquireSRWLockShared, SetEvent, ResetEvent, Sleep, InitializeSRWLock, DeleteCriticalSection
api-ms-win-core-sysinfo-l1-1-1.dll
GetSystemDirectoryW, GetTickCount64, GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-0.dll
GetTickCount64, GetTickCount, GetSystemDirectoryW, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetSystemTimeAsFileTime, GetSystemDirectoryW, GetTickCount, GetTickCount64
api-ms-win-core-threadpool-l1-1-1.dll
QueueUserWorkItem, WaitForThreadpoolTimerCallbacks, SetThreadpoolTimer, UnregisterWaitEx, CreateThreadpoolTimer, CloseThreadpoolTimer
api-ms-win-core-threadpool-l1-2-0.dll
CreateThreadpoolTimer, SetThreadpoolTimer, WaitForThreadpoolTimerCallbacks, CloseThreadpoolTimer
api-ms-win-core-threadpool-legacy-l1-1-0.dll
QueueUserWorkItem, UnregisterWaitEx
api-ms-win-core-timezone-l1-1-0.dll
FileTimeToSystemTime
api-ms-win-legacy-kernel32-l1-1-0.dll
RegisterWaitForSingleObject, LoadLibraryW, UnregisterWait
api-ms-win-obsolete-kernelbase-l1-1-0.dll
lstrlenW, LocalFree, LocalAlloc, lstrlenA
api-ms-win-power-setting-l1-1-0.dll
PowerSettingRegisterNotification, PowerSettingUnregisterNotification
api-ms-win-security-base-l1-1-0.dll
FreeSid, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, InitializeAcl, GetLengthSid, AddAccessAllowedAce, AllocateAndInitializeSid, GetTokenInformation
api-ms-win-security-base-l1-2-0.dll
InitializeAcl, AddAccessAllowedAce, GetLengthSid, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, AllocateAndInitializeSid, FreeSid
api-ms-win-security-lsalookup-l1-1-0.dll
LookupAccountNameLocalW
api-ms-win-security-lsalookup-l1-1-1.dll
LookupAccountNameLocalW
api-ms-win-security-sddl-l1-1-0.dll
ConvertStringSecurityDescriptorToSecurityDescriptorW, ConvertStringSidToSidW
api-ms-win-service-core-l1-1-0.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-core-l1-1-1.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-management-l1-1-0.dll
CloseServiceHandle, OpenSCManagerW, OpenServiceW, StartServiceW
api-ms-win-service-management-l2-1-0.dll
NotifyServiceStatusChangeW
api-ms-win-service-private-l1-1-0.dll
SubscribeServiceChangeNotifications, UnsubscribeServiceChangeNotifications
api-ms-win-service-private-l1-1-1.dll
SubscribeServiceChangeNotifications, UnsubscribeServiceChangeNotifications
api-ms-win-service-winsvc-l1-1-0.dll
QueryServiceStatus, SubscribeServiceChangeNotifications, ControlService, UnsubscribeServiceChangeNotifications
api-ms-win-service-winsvc-l1-2-0.dll
QueryServiceStatus, ControlService
bcrypt.dll
BCryptDestroyHash, BCryptFinishHash, BCryptCreateHash, BCryptGetProperty, BCryptOpenAlgorithmProvider, BCryptHashData, BCryptCloseAlgorithmProvider
cfgmgr32.dll
CM_Open_Class_Key_ExW
dhcpcsvc.dll
DhcpFreeLeaseInfo, DhcpQueryLeaseInfoEx, DhcpIsEnabled
iphlpapi.dll
ConvertInterfaceIndexToLuid, CancelMibChangeNotify2, NotifyRouteChange2, NotifyUnicastIpAddressChange, ConvertInterfaceLuidToIndex, ResolveIpNetEntry2, GetAdaptersAddresses, ConvertInterfaceLuidToNameW, ConvertInterfaceLuidToGuid, ConvertInterfaceGuidToLuid, ConvertInterfaceLuidToAlias, GetAdaptersInfo, GetUnicastIpAddressEntry, GetIfTable2Ex, GetIpInterfaceTable, FreeMibTable, NotifyIpInterfaceChange
kernel32.dll
LoadLibraryExA, FreeLibrary, GetProcAddress, DelayLoadFailureHook, QueueUserWorkItem, GetTickCount64, WaitForMultipleObjects, CreateThread, ResetEvent, LocalAlloc, LocalFree, UnregisterWaitEx, InitializeCriticalSectionAndSpinCount, QueryPerformanceCounter, SetLastError, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, GetTickCount, GetLastError, CreateTimerQueueTimer, DeleteTimerQueueTimer, ChangeTimerQueueTimer, CreateTimerQueue, CreateEventW, WaitForSingleObject, Sleep, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, LoadLibraryW, MultiByteToWideChar, WideCharToMultiByte, lstrlenA, DeviceIoControl, lstrlenW, HeapFree, HeapDestroy, HeapCreate, GetProcessHeap, DisableThreadLibraryCalls, RegisterWaitForSingleObject, InterlockedDecrement, SetEvent, InterlockedCompareExchange, InterlockedIncrement, CloseHandle, UnregisterWait, DeleteTimerQueueEx, InterlockedExchange, HeapAlloc
msvcrt.dll
DllMain
ncsi.dll
NcsiUpdateClientPresence, NcsiNotifySessionChange, NcsiDeregisterConnectivityStatusChange, NcsiAllocateAndGetConnectivityStatusSet, NcsiFreeConnectivityStatusSet, NcsiRegisterConnectivityStatusChange, NcsiPerformRefresh
netapi32.dll
DsGetDcNameW, NetGetJoinInformation, NetApiBufferFree
nsi.dll
NsiAllocateAndGetTable, NsiSetAllParameters, NsiGetAllParameters, NsiGetParameter, NsiFreeTable
ntdll.dll
EtwGetTraceEnableLevel, EtwGetTraceEnableFlags, EtwEventUnregister, EtwEventRegister, RtlGUIDFromString, RtlInitUnicodeString, RtlUpcaseUnicodeChar, EtwEventEnabled, RtlCompareMemory, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlNtStatusToDosError, NtOpenFile, EtwEventActivityIdControl, EtwEventWriteTransfer, RtlIpv6AddressToStringExW, RtlIpv4AddressToStringExW, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, RtlCopyUnicodeString, RtlCopySid, RtlDeleteSecurityObject, RtlLengthSid, RtlSetSaclSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlSetOwnerSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAce, RtlCreateAcl, NtClose, RtlNewSecurityObject, NtOpenProcessToken, NtAccessCheckAndAuditAlarm, RtlAdjustPrivilege, EtwTraceMessage, RtlEqualUnicodeString, EtwEventWrite, RtlFreeUnicodeString, EtwGetTraceLoggerHandle, RtlStringFromGUID
rpcrt4.dll
RpcAsyncCompleteCall, RpcSsContextLockExclusive, RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcServerUseProtseqEpW, RpcImpersonateClient, RpcServerRegisterIfEx, RpcServerListen, RpcBindingInqAuthClientW, RpcServerUnregisterIfEx, NdrServerCall2, NdrAsyncServerCall, RpcRevertToSelf, RpcStringFreeW, RpcServerUseProtseqW, I_RpcBindingInqTransportType, RpcServerInqBindings, RpcServerRegisterIf3, RpcEpRegisterW, RpcBindingVectorFree, RpcServerInqCallAttributesW
wevtapi.dll
EvtSubscribe, EvtClose, EvtOpenSession
winhttp.dll
WinHttpCrackUrl
winnsi.dll
NsiRpcRegisterChangeNotification, NsiRpcDeregisterChangeNotification, NsiConnectToServer, NsiDisconnectFromServer
ws2_32.dll
WSAAddressToStringW, getaddrinfo, getnameinfo, freeaddrinfo
Export table
ServiceMain
SvchostPushServiceGlobals

nlasvc.dll

Network Location Awareness 2 by Microsoft

Remove nlasvc.dll
Version:   6.1.7600.16385 (win7_rtm.090713-1255)
MD5:   374071043f9e4231ee43be2bb48dd36d
SHA1:   2454a7d3af4cab1ef127ef1f4475462169814315
SHA256:   c4fa3fc40cc49dbbb91901d14210a55d3831fac9f9b3ff45fca7f5cf242c9e92
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is nlasvc.dll?

The Network Location Awareness service provider, commonly referred to as NLA, enables Windows Sockets 2 applications to identify the logical network to which a Windows computer is attached. In addition, NLA enables Windows Sockets applications to identify to which physical network interface a given application has saved specific information.

About nlasvc.dll (from Microsoft)

Personal computers running Microsoft Windows often have numerous network connections, such as multiple network interface cards (NIC) connected to different networks, or a physical network connection a

DetailsDetails

File name:nlasvc.dll
Publisher:Microsoft Corporation
Product name:Network Location Awareness 2
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\nlasvc.dll
Original name:nlasvc.dll.mui
File version:6.1.7600.16385 (win7_rtm.090713-1255)
Product version:6.1.7600.16385
Size:236.5 KB (242,176 bytes)
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'
  • Shared name is 'NlaSvc'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 32.50%
Windows 8.1 16.00%
Windows 7 Ultimate 13.00%
Windows 8.1 Pro 8.50%
Windows 7 Professional 6.00%
Windows 8 5.00%
Windows 8.1 Single Language 3.00%
Windows 8 Pro 3.00%
Windows 8 Single Language 2.50%
Windows 8.1 Pro with Media Center 2.00%
Windows Vista Home Premium 2.00%
Windows 7 Home Basic 1.50%
Windows 8 Enterprise N 1.00%
Windows 8 Enterprise 1.00%
Windows 8.1 N 0.50%
Windows Seven Black Edition 0.50%
Windows 8.1 Enterprise Evaluation 0.50%
Windows 7 Starter 0.50%
Windows 8.1 Pro Preview 0.50%
Windows Vista Home Basic 0.50%

Distribution by countryDistribution by country

United States installs about 46.00% of Network Location Awareness 2.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 20.39%
Hewlett-Packard 16.08%
ASUS 14.90%
Acer 12.16%
Toshiba 11.76%
Lenovo 9.41%
Sony 5.49%
Intel 2.35%
GIGABYTE 2.35%
Alienware 1.57%
Samsung 1.57%
Medion 1.57%
Sahara 0.39%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE