Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 2.77%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.31%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.62%
6.2.9200.16384 (win8_rtm.120725-1247) 8.31%
6.2.9200.16384 (win8_rtm.120725-1247) 0.31%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 13.23%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 22.77%
6.1.7600.16385 (win7_rtm.090713-1255) 2.77%
6.1.7600.16385 (win7_rtm.090713-1255) 1.23%
6.1.7600.16385 (win7_rtm.090713-1255) 0.31%
6.0.6001.18000 (longhorn_rtm.080118-1840) 6.77%
6.0.6001.18000 (longhorn_rtm.080118-1840) 34.15%
6.0.6001.18000 (longhorn_rtm.080118-1840) 2.46%
6.0.6000.16386 (vista_rtm.061101-2205) 2.46%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.31%
5.1.2600.5512 (xpsp.080413-2111) 0.92%
5.1.2600.5512 (xpsp.080413-2111) 0.31%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegConnectRegistryW, CheckTokenMembership, CreateWellKnownSid, MakeSelfRelativeSD, MakeAbsoluteSD, BuildTrusteeWithSidW, SetNamedSecurityInfoW, SetThreadToken, CryptAcquireContextW, CryptGenRandom, CryptReleaseContext, InitiateSystemShutdownExW, ConvertSidToStringSidW, ImpersonateLoggedOnUser, CreateProcessAsUserW, RevertToSelf, RegEnumKeyExW, AllocateAndInitializeSid, SetEntriesInAclW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegQueryInfoKeyW, RegSetValueExW, RegCreateKeyExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, EventWriteEndScenario, GetSecurityDescriptorDacl, GetFileSecurityW, GetAclInformation, GetAce, RegisterEventSourceW, DeregisterEventSource, ReportEventW, IsValidSecurityDescriptor, OpenProcessToken, LsaGetUserName, LsaFreeMemory, LookupAccountSidW, DuplicateToken, DuplicateTokenEx, ControlService, OpenSCManagerW, OpenServiceW, QueryServiceStatus, StartServiceW, QueryServiceConfigW, NotifyServiceStatusChangeW, CloseServiceHandle, GetTokenInformation, EventUnregister, EventRegister, EventWrite, TraceMessage, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, SetServiceStatus, RegisterServiceCtrlHandlerW, RegQueryValueExW, RegOpenKeyExW, AccessCheckAndAuditAlarmW, OpenThreadToken, EventWriteStartScenario, EventActivityIdControl, EqualSid, QueryTraceW, EnableTrace, StartTraceW, ControlTraceW, GetSecurityDescriptorLength, SetServiceBits
icaapi.dll
IcaChannelClose, IcaStackOpen, IcaStackConnectionRequest, IcaStackConnectionClose, IcaStackConnectionWait, IcaStackConnectionAccept, IcaStackLock, IcaChannelIoControl, IcaStackTerminate, _IcaStackIoControl, IcaPushConsoleStack, IcaStackClose, IcaStackDisconnect, IcaOpen, IcaIoControl, IcaStackIoControl, IcaClose, IcaStackUnlock, IcaChannelOpen
kernel32.dll
CreateThread, VerifyVersionInfoW, VerSetConditionMask, GetModuleHandleExW, ExpandEnvironmentStringsW, ProcessIdToSessionId, GetModuleFileNameW, GetModuleHandleW, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, lstrcmpiW, lstrlenW, ResetEvent, GetCurrentThread, GetSystemTime, MultiByteToWideChar, DeviceIoControl, GetCurrentProcessId, FormatMessageW, IsDebuggerPresent, CreateProcessW, SleepEx, LocalSize, SetLastError, QueryDosDeviceW, CreateFileW, OpenProcess, RegisterWaitForSingleObject, HeapFree, GetProcessHeap, HeapAlloc, OutputDebugStringA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetVersionExA, LoadLibraryA, DelayLoadFailureHook, InterlockedExchange, CompareFileTime, InterlockedCompareExchange, LocalAlloc, GetCurrentProcess, CreateDirectoryW, GetVersionExW, GetComputerNameW, ExitThread, WaitForSingleObject, SetEvent, GetLastError, GetExitCodeThread, WaitForMultipleObjects, InterlockedIncrement, InterlockedDecrement, RaiseException, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, DisableThreadLibraryCalls, UnregisterWait, CloseHandle, Sleep, DebugBreak, DuplicateHandle, CreateEventW, LocalFree, GetProcAddress, LoadLibraryW, FreeLibrary, GetSystemTimeAsFileTime, SystemTimeToFileTime, GetSystemDirectoryW, RtlCaptureStackBackTrace, lstrcmpW
msvcrt.dll
DllMain
ntdll.dll
NtDuplicateToken, RtlLengthSid, RtlRaiseException, RtlAcquireResourceExclusive, RtlAcquireResourceShared, RtlReleaseResource, RtlMapGenericMask, RtlGetAce, RtlQueryInformationAcl, RtlGetDaclSecurityDescriptor, RtlCreateUserSecurityObject, RtlGetOwnerSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlCopySecurityDescriptor, RtlGetGroupSecurityDescriptor, NtQueryInformationProcess, RtlCopySid, NtQueryInformationToken, NtOpenProcessToken, NtOpenProcess, DbgPrint, RtlEqualSid, RtlNtStatusToDosError, NtQueryVirtualMemory, RtlFreeSid, RtlCompareMemory, RtlExtendedLargeIntegerDivide, RtlInitString, NtDuplicateObject, NtClose, NtQueryLicenseValue, RtlAdjustPrivilege, RtlClearBits, RtlAreBitsSet, RtlFindClearBitsAndSet, RtlLookupElementGenericTable, RtlInitializeGenericTable, RtlDeleteElementGenericTable, RtlEnumerateGenericTable, RtlInsertElementGenericTable, RtlInitializeBitMap, RtlDeleteResource, RtlInitializeResource, NtQuerySystemTime, NtQuerySystemInformation, RtlInitAnsiString, RtlAnsiStringToUnicodeString, RtlInitUnicodeString, NtCreateFile, RtlCaptureStackBackTrace, RtlAllocateAndInitializeSid, RtlGetControlSecurityDescriptor, RtlNumberGenericTableElements
psapi.dll
EnumProcessModules
rpcrt4.dll
UuidFromStringW, UuidToStringW, RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, I_RpcBindingIsClientLocal, I_RpcBindingInqLocalClientPID, RpcServerUseProtseqEpW, RpcServerRegisterIfEx, RpcServerListen, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcStringFreeW, RpcServerInqCallAttributesW, RpcImpersonateClient, RpcRevertToSelf, RpcServerUnregisterIfEx, NdrServerCall2
shell32.dll
SHEvaluateSystemCommandTemplate, FindExecutableW
wintrust.dll
WinVerifyTrust, CryptCATAdminAcquireContext, CryptCATAdminCalcHashFromFileHandle, CryptCATCatalogInfoFromContext, CryptCATAdminEnumCatalogFromHash, CryptCATAdminReleaseCatalogContext, CryptCATAdminReleaseContext, WTHelperProvDataFromStateData, WTHelperGetProvSignerFromChain
ws2_32.dll
GetNameInfoW
Export table
ServiceMain
SvchostPushServiceGlobals

termsrv.dll

Terminal Server Remote Connections Manager by Microsoft

Remove termsrv.dll
Version:   6.0.6001.18000 (longhorn_rtm.080118-1840)
MD5:   5cdd30bc217082dac71a9878d9bfd566
SHA1:   7a3ef3be01459b69ddbec08192ead5debbc8de91
SHA256:   260d40973f9eeae9a1890b813d8dcc01a9434d17dce5da1d16b72a57dcf59194
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is termsrv.dll?

Users can connect to a terminal server to run programs, save files, and use network resources on that server. When a user disconnects from a session, all processes running in the session, including applications, will continue to run on the terminal server.

About termsrv.dll (from Microsoft)

The user logon mode on the terminal server can be configured to prevent new user sessions from being created on the terminal server. You might want to prevent new user sessions from being created on t

Overview

termsrv.dll is loaded as dynamic link library that runs in the context of a process. The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). .

DetailsDetails

File name:termsrv.dll
Publisher:Microsoft Corporation
Product name:Terminal Server Remote Connections Manager
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\termsrv.dll
Original name:termsrv.dll.mui
File version:6.0.6001.18000 (longhorn_rtm.080118-1840)
Product version:6.0.6001.18000
Size:534.5 KB (547,328 bytes)
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'
  • Shared name is 'TermService'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Home Premium 68.46%
Windows Vista Home Basic 16.11%
Windows Vista Ultimate 8.72%
Windows Vista Business 5.37%
Windows Vista™ Home Premium 0.67%
Microsoft Windows XP 0.67%

Distribution by countryDistribution by country

United States installs about 61.38% of Terminal Server Remote Connections Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 27.64%
Hewlett-Packard 20.33%
Toshiba 14.63%
Sony 11.38%
Gateway 9.76%
ASUS 8.13%
Acer 4.88%
Intel 1.63%
American Megatrends 0.81%
Samsung 0.81%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE