Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 0.98%
6.2.9200.16384 (win8_rtm.120725-1247) 1.96%
6.2.9200.16384 (win8_rtm.120725-1247) 1.47%
6.2.9200.16384 (win8_rtm.120725-1247) 0.98%
6.2.9200.16384 (win8_rtm.120725-1247) 1.47%
6.1.7600.16385 (win7_rtm.090713-1255) 11.27%
6.1.7600.16385 (win7_rtm.090713-1255) 8.33%
6.0.6000.16386 (vista_rtm.061101-2205) 11.76%
6.0.6000.16386 (vista_rtm.061101-2205) 3.92%
6.0.6000.16386 (vista_rtm.061101-2205) 53.92%
6.0.6000.16386 (vista_rtm.061101-2205) 3.92%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
ConvertSidToStringSidW, RegisterEventSourceW, ReportEventW, DeregisterEventSource, DuplicateTokenEx, ConvertStringSidToSidW, SetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, RegGetValueW, RegOpenKeyExW, RegDeleteValueW, RegCloseKey, RegisterServiceCtrlHandlerExW, GetLengthSid, GetTokenInformation, CreateProcessAsUserW, TraceMessage, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RevertToSelf, ImpersonateLoggedOnUser, OpenProcessToken, OpenThreadToken, SetServiceStatus, ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-appmodel-runtime-l1-1-0.dll
GetApplicationUserModelId, GetPackageFullName
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-1.dll
UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetLastError
api-ms-win-core-handle-l1-1-0.dll
CloseHandle, DuplicateHandle
api-ms-win-core-heap-l1-2-0.dll
HeapFree, GetProcessHeap, HeapAlloc
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedExchange, InterlockedCompareExchange, InterlockedDecrement, InterlockedIncrement
api-ms-win-core-kernel32-legacy-l1-1-0.dll
LoadLibraryW, WTSGetActiveConsoleSessionId
api-ms-win-core-libraryloader-l1-1-1.dll
LoadLibraryExW, DisableThreadLibraryCalls, FreeLibrary, GetProcAddress
api-ms-win-core-memory-l1-1-1.dll
MapViewOfFile, CreateFileMappingW, ReadProcessMemory, UnmapViewOfFile
api-ms-win-core-namespace-l1-1-0.dll
OpenPrivateNamespaceW, ClosePrivateNamespace, CreatePrivateNamespaceW
api-ms-win-core-processthreads-l1-1-1.dll
GetProcessTimes, OpenThreadToken, OpenProcessToken, CreateProcessAsUserW, ResumeThread, TerminateProcess, GetCurrentProcessId, InitializeProcThreadAttributeList, UpdateProcThreadAttribute, DeleteProcThreadAttributeList, GetExitCodeProcess, GetProcessId, ProcessIdToSessionId, GetCurrentThreadId, GetCurrentProcess, CreateProcessW, OpenThread, CreateThread, GetThreadId, OpenProcess
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-psapi-l1-1-0.dll
QueryFullProcessImageNameW
api-ms-win-core-psapi-obsolete-l1-1-0.dll
K32GetModuleFileNameExW
api-ms-win-core-registry-l1-1-0.dll
RegGetValueW, RegSetValueExW, RegCreateKeyExW, RegCloseKey, RegOpenKeyExW
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrlenW
api-ms-win-core-synch-l1-2-0.dll
Sleep, ResetEvent, SetEvent, CreateMutexW, InitializeCriticalSection, WaitForSingleObject, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, WaitForMultipleObjectsEx, CreateEventW, OpenEventW
api-ms-win-core-sysinfo-l1-2-0.dll
GetSystemDirectoryW, GetSystemTime, GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-threadpool-l1-2-0.dll
WaitForThreadpoolWaitCallbacks, TrySubmitThreadpoolCallback, CloseThreadpoolWait, SetThreadpoolWait, CloseThreadpoolCleanupGroup, LeaveCriticalSectionWhenCallbackReturns, CreateThreadpoolCleanupGroup, CloseThreadpoolCleanupGroupMembers, CreateThreadpoolWait
api-ms-win-core-threadpool-legacy-l1-1-0.dll
UnregisterWaitEx
api-ms-win-core-timezone-l1-1-0.dll
SystemTimeToFileTime
api-ms-win-core-util-l1-1-0.dll
DecodePointer, EncodePointer
api-ms-win-core-version-l1-1-0.dll
VerQueryValueW, GetFileVersionInfoExW, GetFileVersionInfoSizeExW
api-ms-win-eventing-classicprovider-l1-1-0.dll
TraceMessage
api-ms-win-security-base-l1-2-0.dll
AllocateAndInitializeSid, GetTokenInformation, FreeSid, SetTokenInformation, ImpersonateLoggedOnUser, GetSidSubAuthority, GetSidSubAuthorityCount, SetSecurityDescriptorDacl, CheckTokenMembership, RevertToSelf, InitializeSecurityDescriptor, DuplicateToken, CreateWellKnownSid, DuplicateTokenEx
api-ms-win-service-core-l1-1-0.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-core-l1-1-1.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-management-l1-1-0.dll
CloseServiceHandle, OpenServiceW, OpenSCManagerW
api-ms-win-service-management-l2-1-0.dll
QueryServiceConfigW
kernel32.dll
LoadLibraryExW, CompareFileTime, GetFileInformationByHandle, CreateFileW, FindNextChangeNotification, FindFirstChangeNotificationW, FindResourceW, DisableThreadLibraryCalls, DecodePointer, InitializeCriticalSection, DeleteCriticalSection, FreeLibrary, LocalFree, CloseHandle, UnmapViewOfFile, LeaveCriticalSection, EnterCriticalSection, OpenEventW, GetLastError, GetCurrentProcessId, HeapFree, CreatePrivateNamespaceW, HeapAlloc, GetProcessHeap, ClosePrivateNamespace, WaitForSingleObject, EncodePointer, GetProcAddress, LoadLibraryW, CreateProcessW, GetSystemDirectoryW, DuplicateHandle, GetCurrentProcess, OpenProcess, GetThreadId, GetProcessId, WaitForMultipleObjects, ResumeThread, MapViewOfFile, CreateFileMappingW, ProcessIdToSessionId, CreateEventW, SetEvent, CloseThreadpoolCleanupGroupMembers, InterlockedDecrement, TerminateProcess, InterlockedIncrement, LeaveCriticalSectionWhenCallbackReturns, TrySubmitThreadpoolCallback, CreateThread, CreateThreadpoolCleanupGroup, DelayLoadFailureHook, InterlockedCompareExchange, LoadLibraryA, GetCommandLineA, GetVersionExA, GetModuleHandleA, ExitProcess, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, OutputDebugStringA, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapReAlloc, HeapSize, WriteFile, GetModuleHandleW, GetCPInfo, GetACP, GetOEMCP, Sleep, VirtualAlloc, SetFilePointer, GetConsoleCP, GetConsoleMode, MultiByteToWideChar, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, VirtualProtect, GetSystemInfo, VirtualQuery, CreateFileA, FlushFileBuffers, OpenThread, SetThreadpoolWait, SystemTimeToFileTime, GetSystemTime, CloseThreadpoolWait, WaitForThreadpoolWaitCallbacks, GetProcessTimes, GetExitCodeProcess, lstrlenW, CreateThreadpoolWait, InterlockedCompareExchange64, DeleteTimerQueueEx, CreateTimerQueueTimer, CreateTimerQueue, SizeofResource, LockResource, LoadResource, GetSystemWow64DirectoryW, RegCreateKeyExW, RegSetValueExW, K32GetModuleFileNameExW, QueryFullProcessImageNameW, LoadLibraryExA, InterlockedExchange, OpenPrivateNamespaceW, ResetEvent, UnregisterWait, CloseThreadpoolCleanupGroup, ReadProcessMemory
msvcrt.dll
DllMain
ntdll.dll
RtlUnwind, NtAlpcCreatePort, AlpcInitializeMessageAttribute, AlpcGetMessageAttribute, NtSetSystemInformation, ShipAssert, WinSqmEventWrite, NtDuplicateToken, NtQueryInformationToken, RtlUpcaseUnicodeChar, WinSqmAddToStream, NtAlpcAcceptConnectPort, NtAlpcConnectPort, NtAlpcSendWaitReceivePort, RtlInitUnicodeString, RtlCreateBoundaryDescriptor, RtlCreateServiceSid, RtlAddSIDToBoundaryDescriptor, RtlDeleteBoundaryDescriptor, NtAlpcOpenSenderProcess, NtAlpcOpenSenderThread, NtClose, NtOpenEvent, NtTerminateProcess, EtwUnregisterTraceGuids, EtwRegisterTraceGuidsW, EtwGetTraceLoggerHandle, EtwGetTraceEnableLevel, EtwGetTraceEnableFlags, EtwTraceMessage, NtQueryInformationProcess
Export table
ServiceMain
SvchostPushServiceGlobals

wersvc.dll

Windows Error Reporting Service by Microsoft

Remove wersvc.dll
Version:   6.0.6000.16386 (vista_rtm.061101-2205)
MD5:   66b9ecebc46683f47edc06333c075fef
SHA1:   8c9b538615ad897e3eb0d9ee96230862f3da0b0c
SHA256:   35c33596d97db65de0a687644e9ad924ad5fcbafd83fe4d23e7e58ef4bc4cc87
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is wersvc.dll?

The error reporting feature enables users to notify Microsoft of application faults, kernel faults, unresponsive applications, and other application specific problems. Microsoft can use the error reporting feature to provide customers with troubleshooting information, solutions, or updates for their specific problems.

About wersvc.dll (from Microsoft)

Windows provides crash, non-response, and kernel fault error reporting by default without requiring changes to your application. The report will include minidump and heap dump information if required.

DetailsDetails

File name:wersvc.dll
Publisher:Microsoft Corporation
Product name:Windows Error Reporting Service
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\wersvc.dll
Original name:wersvc
File version:6.0.6000.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:118 KB (120,832 bytes)
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'
  • Shared name is 'WerSvc'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Home Premium 51.00%
Windows Vista Home Basic 11.50%
Windows 7 Home Premium 7.00%
Windows Vista Ultimate 7.00%
Windows 7 Ultimate 6.50%
Windows 7 Ultimate N 4.50%
Windows Vista Business 4.00%
Windows 7 Professional 2.00%
Windows 8 2.00%
Windows 8 Pro 1.50%
Windows 8 Pro with Media Center 1.00%
Windows 8.1 Pro 0.50%
Windows 8.1 Enterprise 0.50%
Windows Vista™ Home Premium 0.50%
Microsoft Windows XP 0.50%

Distribution by countryDistribution by country

United States installs about 58.76% of Windows Error Reporting Service.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 27.54%
Hewlett-Packard 21.56%
Toshiba 11.98%
ASUS 10.78%
Sony 9.58%
Gateway 7.19%
Acer 5.39%
Samsung 1.80%
Lenovo 1.20%
Intel 1.20%
American Megatrends 0.60%
GIGABYTE 0.60%
Packard Bell 0.60%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE