Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

7.250.4311.0 15.99%
7.250.4311.0 6.00%
7.250.4232.0 33.63%
7.250.4232.0 16.68%
7.250.4226.0 0.07%
7.250.4225.0 7.24%
7.250.4225.0 20.33%
7.250.4204.0 0.07%

Relationships

Parent process
Child processes
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
CryptDestroyHash, CryptDestroyKey, MakeAbsoluteSD, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegQueryValueExW, RegSetValueExW, RegQueryInfoKeyW, DeregisterEventSource, ReportEventW, RegisterEventSourceW, SetServiceStatus, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegEnumKeyExW, CreateServiceW, DeleteService, ControlService, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW, SetThreadToken, GetTokenInformation, OpenThreadToken, CheckTokenMembership, CryptSetProvParam, CryptGetUserKey, AllocateAndInitializeSid, GetLengthSid, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, IsValidSecurityDescriptor, AccessCheck, FreeSid, OpenProcessToken, InitializeSecurityDescriptor, InitializeAcl, AddAccessAllowedAce, RegNotifyChangeKeyValue, CryptGetProvParam, CryptGetKeyParam, CryptDeriveKey, CryptVerifySignatureW, CryptSignHashW, CredWriteDomainCredentialsW, CredReadW, CreateProcessAsUserW, CryptImportKey, CryptExportKey, EqualSid, GetSidSubAuthorityCount, GetSidLengthRequired, GetSidIdentifierAuthority, InitializeSid, GetSidSubAuthority, IsValidSid, RegQueryValueExA, RegEnumValueA, CryptCreateHash, CryptSetHashParam, CryptGetHashParam, CryptHashData, CryptAcquireContextA, CryptGenKey, CryptContextAddRef, RegEnumValueW, ImpersonateSelf, CredWriteW, CredDeleteW, CredEnumerateW, CredFree, CryptDecrypt, CryptDuplicateKey, CryptEncrypt, RegOpenCurrentUser, ConvertSidToStringSidW, DuplicateToken, ImpersonateLoggedOnUser, SetTokenInformation, RevertToSelf, CryptGenRandom, CryptReleaseContext, CryptAcquireContextW
crypt32.dll
CryptAcquireCertificatePrivateKey, CertEnumCertificatesInStore, CertCompareCertificate, CryptUnprotectData, CryptExportPublicKeyInfo, CryptEncodeObjectEx, CryptSignAndEncodeCertificate, CertGetCertificateChain, CertFreeCertificateChain, CryptSignMessage, CertGetNameStringA, CryptVerifyMessageSignature, CertVerifyCertificateChainPolicy, CryptImportPublicKeyInfo, CertSetCertificateContextProperty, CryptProtectData, CertGetIssuerCertificateFromStore, CertFreeCertificateContext, CertGetNameStringW, CertVerifySubjectCertificateContext, CertCreateCertificateContext, CertCloseStore, CertDeleteCertificateFromStore, CertFindCertificateInStore, CertOpenStore, CertAddCertificateContextToStore, CertGetCertificateContextProperty, CertDuplicateCertificateContext
iphlpapi.dll
NotifyAddrChange, CancelIPChangeNotify
kernel32.dll
DllMain, GetSystemDirectoryW, GetLastError, GetSystemTimeAsFileTime, SetEvent, GetModuleHandleW, GetProcAddress, LocalAlloc, LocalFree, DeviceIoControl, CloseHandle, OutputDebugStringW, GetFileSize, RegisterWaitForSingleObject, UnregisterWaitEx, GlobalAlloc, GlobalFree, WaitForMultipleObjects, LoadLibraryW, lstrcmpA, DeleteFileW, CopyFileW, CreateMutexW, GetVersionExW, GetUserDefaultUILanguage, GetSystemInfo, ReleaseMutex, CreateFileW, ResetEvent, GetSystemTime, GetComputerNameW, CreateProcessW, lstrlenA, SetEnvironmentVariableA, CompareStringW, CompareStringA, CreateFileA, GetTimeZoneInformation, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, FlushFileBuffers, LCMapStringW, LCMapStringA, GetStringTypeW, GetStringTypeA, InterlockedDecrement, GetLocalTime, TerminateProcess, GetDriveTypeA, GetCurrentDirectoryA, GetFullPathNameW, FindFirstFileW, GetDriveTypeW, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, lstrlenW, RaiseException, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, GetUserDefaultLCID, GetDateFormatA, GetTimeFormatA, GetLocaleInfoA, GetConsoleMode, GetConsoleCP, SetFilePointer, CreateTimerQueueTimer, CreateTimerQueue, DeleteTimerQueueEx, DeleteTimerQueueTimer, GetCurrentThread, WideCharToMultiByte, GetCurrentProcess, GetProcessHandleCount, GetProcessHeap, HeapSetInformation, GetCommandLineW, LoadLibraryExW, MultiByteToWideChar, FreeLibrary, CreateEventW, CreateThread, GetCurrentThreadId, Sleep, GetModuleFileNameW, WaitForSingleObject, lstrcmpiW, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetStartupInfoW, RtlUnwind, SetUnhandledExceptionFilter, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetStartupInfoA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, IsValidCodePage, UnhandledExceptionFilter, IsDebuggerPresent, VirtualAlloc, GetModuleHandleA, InterlockedExchange, LoadLibraryA, InitializeCriticalSectionAndSpinCount, GetCPInfo, GetACP, GetOEMCP, InterlockedIncrement
netapi32.dll
NetUserModalsGet, NetApiBufferFree
ole32.dll
CLSIDFromProgID, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemRealloc, CoUninitialize, CoInitializeEx, CoRevokeClassObject, CoRegisterClassObject, CoInitializeSecurity, CoTaskMemFree, CoSuspendClassObjects, StringFromGUID2, CoCreateInstance, CoResumeClassObjects, CoSetProxyBlanket, CoRevertToSelf, CoImpersonateClient, PropVariantClear
psapi.dll
GetProcessMemoryInfo
rpcrt4.dll
RpcServerRegisterIf, RpcServerListen, UuidToStringA, RpcStringFreeA, UuidToStringW, RpcStringFreeW, RpcServerUseProtseqEpW, RpcImpersonateClient, RpcRevertToSelf, I_RpcBindingInqLocalClientPID, RpcMgmtStopServerListening, NdrServerCall2, RpcServerUnregisterIf, UuidCreate
sensapi.dll
IsNetworkAlive
shell32.dll
SHCreateDirectoryExW, SHGetFolderPathW, SHGetSpecialFolderPathW
shlwapi.dll
PathFileExistsW, SHCopyKeyW, SHStrDupW, PathIsDirectoryW, PathCombineW, SHDeleteKeyW
sqmapi.dll
SqmSetAppId, SqmAddToStreamString, SqmIncrement, SqmSet, SqmGetSession, SqmReadSharedMachineId, SqmCreateNewId, SqmWriteSharedMachineId, SqmSetMachineId, SqmEndSession, SqmSetAppVersion, SqmStartUpload, SqmStartSession, SqmAddToStreamDWord
user32.dll
MessageBoxW, GetMessageW, DispatchMessageW, TranslateMessage, CharUpperW, PostThreadMessageW, CharNextW, LoadStringW
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock, UnloadUserProfile
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
wer.dll
WerReportSubmit, WerReportCreate, WerReportCloseHandle, WerReportSetParameter, WerReportAddFile
winhttp.dll
WinHttpAddRequestHeaders, WinHttpQueryAuthSchemes, WinHttpSetStatusCallback, WinHttpCrackUrl, WinHttpCloseHandle, WinHttpSetOption, WinHttpOpen, WinHttpReadData, WinHttpQueryDataAvailable, WinHttpCreateUrl, WinHttpConnect, WinHttpQueryHeaders, WinHttpReceiveResponse, WinHttpOpenRequest, WinHttpSendRequest, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpSetTimeouts
winscard.dll
SCardFreeMemory, SCardListReadersW, SCardEstablishContext, SCardReleaseContext
wintrust.dll
WTHelperGetProvSignerFromChain, WTHelperProvDataFromStateData, WinVerifyTrustEx
ws2_32.dll
WSACreateEvent, WSACloseEvent
wtsapi32.dll
WTSFreeMemory, WTSEnumerateSessionsW, WTSQueryUserToken

Wlidsvc.exe

Microsoft CoReXT by Microsoft Corporation (Signed)

Remove Wlidsvc.exe
Version:   7.250.4311.0
MD5:   5e7c103f8475c4289847d15e129c20f7
SHA1:   2b1d1276aad917a454f7a7c4f8a6c6c8a72ace08
SHA256:   c6325d3557545fa1da26b0b1ea9a1c95aed1fa84a93be29a771dad9ecb00768b

What is Wlidsvc.exe?

Microsoft account (previously Windows Live ID) is a single sign-on web service developed and provided by Microsoft that allows users to log in to many websites using one account. Microsoft account allows users to sign in to websites that support this service using a single set of credentials. Users' credentials are not checked by Microsoft account-enabled websites, but by a Microsoft account authentication server.

About Wlidsvc.exe (from Microsoft Corporation)

Windows Live ID (formerly known as Microsoft Passport) is a service that allows you to use a single e-mail address and password, referred to as credentials, to sign into most Microsoft sites and servi

DetailsDetails

File name:WLIDSVC.EXE
Publisher:Microsoft Corp.
Product name:Microsoft® CoReXT
Description:Microsoft® Windows Live ID Service
Typical file path:C:\Program Files\common files\microsoft shared\windows live\wlidsvc.exe
File version:7.250.4311.0
Size:1.63 MB (1,713,904 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Effective date:Monday, December 7, 2009
Expiration date:Monday, March 7, 2011
Digital DNA
Entropy:6.009591
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • wlidsvc
  • 'wlidsvc' (Windows Live ID Sign-in Assistant)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00651561%
0.028634%
Kernel CPU:0.00345462%
0.013761%
User CPU:0.00306099%
0.014873%
Kernel CPU time:2,174,050 ms/min
100,923,805ms/min
CPU cycles:278,179/sec
17,470,203/sec
Context switches:3/sec
284/sec
Memory
Private memory:4.56 MB
21.59 MB
Private (maximum):9.38 MB
Private (minimum):5.92 MB
Non-paged memory:4.56 MB
21.59 MB
Virtual memory:60.03 MB
140.96 MB
Virtual memory (peak):61.66 MB
169.69 MB
Working set:6.38 MB
18.61 MB
Working set (peak):10.53 MB
37.95 MB
Page faults:8,411/min
2,039/min
I/O
I/O read transfer:1.73 KB/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:41 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:515 Bytes/sec
448.09 KB/min
I/O other operations:24/sec
1,671/min
Resource allocations
Threads:8
12
Handles:305
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:"C:\Program Files\common files\microsoft shared\windows live\wlidsvc.exe"
Owner:SYSTEM
Windows Service
Service name:SYSTEM\CurrentControlSet\Services\wlidsvc
Display name:wlidsvc
Description:“Enables Windows Live ID authentication.”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
ntdll.dll
Total CPU:0.22499033%
0.272967%
Kernel CPU:0.02333845%
0.107585%
User CPU:0.20165188%
0.165382%
CPU cycles:5,234,930/sec
5,741,424/sec
Context switches:10/sec
79/sec
Memory:1.23 MB
1.16 MB
WLIDSVC.EXE (main module)
Total CPU:0.00160638%
Kernel CPU:0.00108335%
User CPU:0.00052303%
CPU cycles:36,627/sec
Memory:1.65 MB
sechost.dll
Total CPU:0.00048383%
Kernel CPU:0.00005186%
User CPU:0.00043196%
CPU cycles:4,551/sec
Memory:100 KB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 62.50%
Windows Vista Home Premium 13.50%
Windows 7 Professional 8.50%
Windows 7 Ultimate 6.00%
Windows 7 Home Basic 4.50%
Windows Vista Home Basic 2.00%
Windows 7 Starter 2.00%
Windows Vista Ultimate 1.00%

Distribution by countryDistribution by country

United States installs about 64.00% of Microsoft® CoReXT.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 25.87%
Hewlett-Packard 24.13%
Toshiba 11.89%
Sony 11.89%
Acer 11.89%
Lenovo 6.29%
ASUS 5.59%
GIGABYTE 1.75%
Samsung 0.70%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE