System Center Endpoint Protection
What is System Center Endpoint Protection?
System Center Endpoint Protection is software application developed by Microsoft Corporation. It is most commonly found on computers running Windows 7 with nearly 64.64% of installations running this operating system. System Center Endpoint Protection's installer is typically 29.00 MB in size and installs around 45 files. The most common release is 4.5.216.0 with 23.97% of all installations currently using this version.
System Center Endpoint Protection is most popular in the United States with 55.95% of installations residing in this country.
System Center Endpoint Protection adds 5 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times. When using a computer that is connected to the internet, System Center Endpoint Protection is known to create 5 firewall exceptions to allow inbound and outbound connectivity.
Software Behaviors
- Services:
-
- NisSrv.exe runs as a service named 'Microsoft Netwerkinspectie' (NisSrv) "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en recentelijk gevonden zwakke plekken in netwerkprotocollen".
- MsMpEng.exe runs as a service named 'Microsoft Antimalware Service' (MsMpSvc) "Helps protect users from malware and other potentially unwanted software".
- Firewall:
-
- shellext.dll is added as a firewall exception for 'C:\Program Files2\HEWLET~1\PCCOE3~1\OVCMS~1\radexecd.exe'.
- msseces.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\msseces.exe'.
- MsMpEng.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MsMpEng.exe'.
- Setup.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\setup.exe'.
- MpCmdRun.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MpCmdRun.exe'.
- Scheduled tasks:
-
- msseces.exe is scheduled as a task with the class '{D300CC09-EC38-4DD4-B614-9579AFFC3A46}' (runs on registration).
- MpCmdRun.exe is scheduled as a task named 'Microsoft Antimalware Scan' (runs weekly on Sundays at 2:00 AM).
- MsMpEng.exe is scheduled as a task with the class '{36EFC519-FFC0-44BA-A865-06780C54FA6D}' (runs on registration).
- Setup.exe is scheduled as a task with the class '{EAC44AF3-B6F9-401D-8A78-249D0D819684}' (runs on registration).
- MsMpRes.dll is scheduled as a task named 'Microsoft-Windows-TaskScheduler_Operational_Microsoft-Windows-TaskScheduler_103'.
Startup Entries
- Startup tasks:
-
- MpCmdRun.exe is automatically launched at startup through a scheduled task named MS-AntiVir-Update.
- msseces.exe is automatically launched at startup through a scheduled task named MSC (2).
- Registry entries:
-
- msseces.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Security Client User Interface' and executes as C:\Program Files\Microsoft Security Client\msseces.exe.
- MpCmdRun.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Malware Protection Command Line Utility' and executes as C:\Program Files\Microsoft Security Client\MpCmdRun.exe.
- MsMpEng.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'New startup' and executes as "C:\Program Files\Microsoft Security Client\MsMpEng.exe".
- Registry entries (User):
-
- msseces.exe is loaded once in the current user (HKCU) registry as a startup file name 'Application Restart #0' which loads as C:\Program Files\Microsoft Security Client\msseces.exe -Recover.
Software Details
- URL:
- https://go.microsoft.com/fwlink/?linkid=225780&mkt=en-us
- Support:
- –
- Installation path:
- C:\Program Files\Microsoft Security Client
- Uninstaller:
- "C:\Program Files\Microsoft Security Client\Setup.exe" /x
- Size:
- 29.00 MB
- Language:
- English
System Center Endpoint Protection Executable Details
- Primary executable:
- sqmapi.dll
- Name:
- System Center Endpoint Protection
- Path:
- C:\Program Files\Microsoft Security Client\sqmapi.dll
- MD5:
- d475bbd6fef8db2dde0da7ccfd2c9042
- SHA-1:
- –
- SHA-256:
- –
File Type | Filename | MD5 |
---|---|---|
DLL
|
d475bbd6fef8db2dde0da7ccfd2c9042 | |
DLL
|
a5e4b3ff51cf5b7926d9651908feb666 | |
EXE
|
f4d12a420bff9c7e9f5c5106608be240 | |
DLL
|
166a0a49f0f49974ae8e71a14bc30d1f | |
DLL
|
fc92e13e5046ccf2f6bc88cb09411a5a | |
DLL
|
fe6ea680bae25d5b8cc19c2e2b129c58 | |
DLL
|
a26e0a6a7ebb45815a3583e170c27031 | |
EXE
|
89f2aedc2788696702141ab82c3e7866 | |
DLL
|
6038b87e64552b0e7f863f20fd87b2ff | |
DLL
|
92a0fce28889ee68552c0d9132096639 |