Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9431.0 (winmain_bluemp.130615-1214) 1.27%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.64%
17.0.2015.0811 26.75%
17.0.2011.0627 5.73%
17.0.2010.0530 9.55%
17.0.2006.0314 18.47%
17.0.2003.1112 35.67%
16.4.6013.0910 1.91%

Relationships

Parent processes
Related files

PE structurePE file structure
Show functions
Import table
api-ms-win-core-com-l1-1-1.dll
RoGetAgileReference, CoCreateFreeThreadedMarshaler, CoUninitialize, CoRevokeClassObject, PropVariantClear, CoInitializeSecurity, CoTaskMemFree, CoInitializeEx, CoTaskMemAlloc, CoTaskMemRealloc, CoGetMalloc, StringFromGUID2, CoCreateGuid, CoResumeClassObjects, CoCreateInstance, CoRegisterClassObject
api-ms-win-core-datetime-l1-1-1.dll
GetDateFormatW
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringA, DebugBreak
api-ms-win-core-errorhandling-l1-1-1.dll
UnhandledExceptionFilter, SetErrorMode, RaiseException, GetLastError, SetUnhandledExceptionFilter, SetLastError
api-ms-win-core-file-l1-2-1.dll
FindFirstFileW, GetFullPathNameW, GetFileAttributesW, FindNextFileW, SetFileInformationByHandle, FindClose, GetFileSizeEx, GetDiskFreeSpaceExW, GetVolumeInformationW, DeleteFileW, GetDriveTypeW, CreateFileW, GetLogicalDrives, ReadFile, GetVolumePathNameW, SetFileTime, FindFirstFileExW, SetFilePointerEx, SetFileAttributesW
api-ms-win-core-file-l2-1-1.dll
GetFileInformationByHandleEx
api-ms-win-core-handle-l1-1-0.dll
CloseHandle, DuplicateHandle
api-ms-win-core-io-l1-1-1.dll
DeviceIoControl
api-ms-win-core-libraryloader-l1-1-1.dll
FindResourceExW, LoadResource, SizeofResource, GetProcAddress, FreeLibrary, LoadLibraryExW, FindStringOrdinal, GetModuleFileNameW, GetModuleHandleW, GetModuleHandleA
api-ms-win-core-localization-l1-2-1.dll
FormatMessageW, GetLocaleInfoW
api-ms-win-core-path-l1-1-0.dll
PathCchCanonicalizeEx, PathCchStripPrefix, PathCchSkipRoot
api-ms-win-core-processenvironment-l1-2-0.dll
GetCommandLineW
api-ms-win-core-processthreads-l1-1-2.dll
GetCurrentProcess, TerminateProcess, OpenProcessToken, CreateProcessW, OpenProcess, GetCurrentProcessId, GetStartupInfoW, GetCurrentThreadId
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegGetValueW, RegQueryInfoKeyW, RegNotifyChangeKeyValue, RegEnumKeyExW, RegOpenKeyExW, RegCloseKey, RegSetValueExW, RegDeleteValueW, RegCreateKeyExW, RegEnumValueW
api-ms-win-core-string-l1-1-0.dll
CompareStringOrdinal, GetStringTypeW, WideCharToMultiByte, MultiByteToWideChar
api-ms-win-core-synch-l1-2-0.dll
ReleaseMutex, EnterCriticalSection, CreateMutexW, OpenEventW, Sleep, InitializeCriticalSection, OpenMutexW, AcquireSRWLockShared, ResetEvent, WaitForSingleObject, AcquireSRWLockExclusive, CreateEventW, LeaveCriticalSection, SetEvent, ReleaseSRWLockExclusive, DeleteCriticalSection, ReleaseSRWLockShared
api-ms-win-core-sysinfo-l1-2-1.dll
GetSystemTimeAsFileTime, GetTickCount64, GetComputerNameExW, GetSystemTime, GetProductInfo, GetVersionExW, GetLocalTime, GetTickCount
api-ms-win-core-timezone-l1-1-0.dll
GetTimeZoneInformation, SystemTimeToTzSpecificLocalTime
api-ms-win-core-util-l1-1-0.dll
DecodePointer, EncodePointer
api-ms-win-core-version-l1-1-0.dll
VerQueryValueW
api-ms-win-core-winrt-error-l1-1-1.dll
RoOriginateErrorW, RoOriginateError
api-ms-win-core-winrt-l1-1-0.dll
RoRevokeActivationFactories, RoRegisterActivationFactories
api-ms-win-core-winrt-string-l1-1-0.dll
WindowsCreateString, WindowsGetStringRawBuffer, WindowsStringHasEmbeddedNull, WindowsDeleteString, WindowsIsStringEmpty
api-ms-win-eventing-classicprovider-l1-1-0.dll
TraceEvent
api-ms-win-eventing-controller-l1-1-0.dll
EnableTraceEx2, ControlTraceW, StartTraceW
api-ms-win-eventing-provider-l1-1-0.dll
EventWrite
api-ms-win-security-base-l1-2-0.dll
GetTokenInformation, CheckTokenMembership, CreateWellKnownSid
api-ms-win-shcore-obsolete-l1-1-0.dll
CommandLineToArgvW
api-ms-win-shcore-registry-l1-1-1.dll
SHDeleteValueW, SHSetValueW
api-ms-win-shcore-stream-l1-1-0.dll
SHCreateStreamOnFileW, SHCreateStreamOnFileEx
dwmapi.dll
DwmIsCompositionEnabled, DwmSetWindowAttribute
kernel32.dll
FreeLibrary, GetProcAddress, LoadLibraryW, SetDllDirectoryW, CloseHandle, WriteConsoleW, GetCommandLineW, EncodePointer, DecodePointer, RaiseException, RtlUnwind, GetLastError, SetLastError, FlsAlloc, FlsGetValue, FlsSetValue, FlsFree, InterlockedIncrement, InterlockedDecrement, GetCurrentThreadId, ExitProcess, GetModuleHandleExW, MultiByteToWideChar, GetStdHandle, WriteFile, GetModuleFileNameW, GetProcessHeap, GetFileType, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InitOnceExecuteOnce, GetStartupInfoW, QueryPerformanceCounter, GetSystemTimeAsFileTime, GetTickCount64, GetEnvironmentStringsW, FreeEnvironmentStringsW, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetModuleHandleW, IsProcessorFeaturePresent, HeapAlloc, HeapFree, HeapSize, Sleep, IsDebuggerPresent, EnterCriticalSection, LeaveCriticalSection, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, LoadLibraryExW, OutputDebugStringW, WideCharToMultiByte, HeapReAlloc, LCMapStringEx, GetStringTypeW, FlushFileBuffers, GetConsoleCP, GetConsoleMode, SetStdHandle, SetFilePointerEx, CreateFileW, CopyFileW, RaiseFailFastException, LocalFree, MoveFileW, WaitForMultipleObjects, WerUnregisterFile, LCIDToLocaleName, WerRegisterFile, lstrcmpiW
msvcrt.dll
DllMain
ntdll.dll
EtwGetTraceLoggerHandle, NtCreateFile, RtlNtStatusToDosError, RtlInitUnicodeString, EtwUnregisterTraceGuids, EtwRegisterTraceGuidsW, EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwTraceMessage
ole32.dll
CoGetObject, CoAllowSetForegroundWindow, CoInitialize, CreateBindCtx
propsys.dll
PSGetPropertyKeyFromName, PropVariantToStringVectorAlloc
rpcrt4.dll
UuidToStringW, RpcStringFreeW
shell32.dll
SHCreateItemFromParsingName, SHSetKnownFolderPath, SHBindToParent, SHGetDataFromIDListW, SHGetKnownFolderPath, SHGetFolderPathAndSubDirW, SHGetFolderPathW, Shell_NotifyIconW, ShellExecuteW, SHFileOperationW, SHGetSpecialFolderPathW, SHCreateDirectoryExW, SHChangeNotify, SHBrowseForFolderW, SHGetPathFromIDListW, SHAppBarMessage, SHGetKnownFolderItem, SHParseDisplayName
shlwapi.dll
SHGetValueW, PathRemoveExtensionW, SHRegGetUSValueW, SHRegGetBoolUSValueW, SHRegCreateUSKeyW, SHRegCloseUSKey, SHRegSetUSValueW, PathFileExistsW, AssocCreate, UrlEscapeW, PathFindFileNameW, SHQueryValueExW, StrStrW, PathIsDirectoryW, PathRemoveFileSpecW
sspicli.dll
GetUserNameExW
user32.dll
MessageBoxW, AdjustWindowRectEx, NotifyWinEvent, SetWindowPos, MsgWaitForMultipleObjects, CharNextW, UnregisterClassA, AllowSetForegroundWindow, SetFocus, GetLastActivePopup, SystemParametersInfoW, GetProcessDefaultLayout, UnhookWindowsHookEx, SetWindowsHookExW, GetIconInfo, GetWindowRect, TrackPopupMenu, GetDoubleClickTime, KillTimer, SetTimer, SetMenuDefaultItem, EnableMenuItem, GetMenuStringW, GetMenuItemCount, RemoveMenu, DeleteMenu, AppendMenuW, ModifyMenuW, EndDialog, SetForegroundWindow, FindWindowW, ShowWindow, SendMessageW, PeekMessageW, PostThreadMessageW, GetWindowThreadProcessId, PostMessageW, GetWindowLongW, PostQuitMessage, SetWindowLongW, CreateWindowExW, RegisterClassExW, UnregisterClassW, GetClassInfoExW, IsWindow, DispatchMessageW, TranslateMessage, GetMessageW, DestroyWindow, GetSubMenu, DefWindowProcW
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW

SkyDrive.exe

Microsoft SkyDrive by Microsoft Corporation (Signed)

Remove SkyDrive.exe
Version:   17.0.2006.0314
MD5:   0d8a2c637046e578efc7f08ebe86555f
SHA1:   ec699dffb7085363dc3236e4a57b9c001f9d9239
SHA256:   cb7d317e941cb222f3008d522e954e75a37813db1b90efd4df2cb37e3bf378fd

What is SkyDrive.exe?

SkyDrive is a file hosting service that allows users to upload and sync files to a cloud storage and then access them from a Web browser or their local device. It is part of the Windows Live range of online services and allows users to keep the files private, share them with contacts, or make the files public. Publicly shared files do not require a Microsoft account to access.

Overview

skydrive.exe executes as a process with the local user's privileges typically within the context of its parent ccSvcHst.exe (Symantec Security Technologies by Symantec Corporation). It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Microsoft Corporation.

DetailsDetails

File name:skydrive.exe
Publisher:Microsoft Corporation
Product name:Microsoft SkyDrive
Typical file path:C:\users\user\appdata\local\microsoft\skydrive\skydrive.exe
File version:17.0.2006.0314
Size:250.59 KB (256,600 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Effective date:Thursday, July 26, 2012
Expiration date:Saturday, October 26, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'SkyDrive' → "C:\users\user\appdata\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
Scheduled tasks
  • The task 'Microsoft SkyDrive Auto Update Task-S-1-5-21-1318870350-1538431248-2977772109-1001' in the path '\Microsoft SkyDrive Auto Update Task-S-1-5-21-1318870350-1538431248-2977772109-1001'
  • The job 'Microsoft SkyDrive Auto Update Task-S-1-5-21-3203543148-2324073305-2790340789-1001' in the path '\Microsoft SkyDrive Auto Update Task-S-1-5-21-3203543148-2324073305-2790340789-1001'
Network connections
  • [TCP] bn1wns2011515.wns.windows.com (157.56.100.90:443)
  • [TCP] act-3-blu.mesh.com (65.55.194.241:443)
  • [TCP] bn1wns2011310.wns.windows.com (157.56.100.53:443)
  • [TCP] bn1wns2011706.wns.windows.com (157.56.100.115:443)
  • [TCP] bn1wns2011309.wns.windows.com (157.56.100.52:443)
  • [TCP] sinwns1011711.wns.windows.com (111.221.72.121:443)
  • [TCP] bn1wns1011212.wns.windows.com (157.56.98.41:443)
  • [TCP] 157.55.241.174:443
  • [TCP] 157.55.236.32:443
  • [TCP] bn1wns1011417.wns.windows.com (157.56.98.72:443)
  • [UDP] listens on port 64215
  • [UDP] listens on port 64573

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00141995%
    0.028634%
    Kernel CPU:0.00066096%
    0.013761%
    User CPU:0.00075899%
    0.014873%
    Kernel CPU time:3,044,164 ms/min
    100,923,805ms/min
    CPU cycles:4,720,572/sec
    17,470,203/sec
    Context switches:66/sec
    284/sec
    Memory
    Private memory:13.77 MB
    21.59 MB
    Private (maximum):25.99 MB
    Private (minimum):19.41 MB
    Non-paged memory:13.77 MB
    21.59 MB
    Virtual memory:159.41 MB
    140.96 MB
    Virtual memory (peak):164.75 MB
    169.69 MB
    Working set:23.07 MB
    18.61 MB
    Working set (peak):29.64 MB
    37.95 MB
    Page faults:152,955/min
    2,039/min
    I/O
    I/O read transfer:1.52 KB/sec
    1.02 MB/min
    I/O read operations:6/sec
    343/min
    I/O write transfer:2.5 KB/sec
    274.99 KB/min
    I/O write operations:2/sec
    227/min
    I/O other transfer:3.19 KB/sec
    448.09 KB/min
    I/O other operations:35/sec
    1,671/min
    Resource allocations
    Threads:34
    12
    Handles:592
    600
    GUI GDI count:116
    103
    GUI GDI peak:125
    142
    GUI USER count:54
    49
    GUI USER peak:62
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:64-bit
    Command lines:
    • "C:\users\user\appdata\local\microsoft\skydrive\skydrive.exe" /background
    • "C:\users\user\appdata\local\microsoft\skydrive\skydrive.exe"
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    wow64win.dll
    Total CPU:0.00506824%
    0.272967%
    Kernel CPU:0.00002399%
    0.107585%
    User CPU:0.00504425%
    0.165382%
    CPU cycles:16,516/sec
    5,741,424/sec
    Memory:360 KB
    1.16 MB
    SkyDrive.exe (main module)
    Total CPU:0.00382359%
    Kernel CPU:0.00136729%
    User CPU:0.00245631%
    CPU cycles:346,242/sec
    Context switches:3/sec
    Memory:256 KB
    MSVCR110.dll
    Total CPU:0.00197664%
    Kernel CPU:0.00039460%
    User CPU:0.00158204%
    CPU cycles:446,206/sec
    Memory:840 KB
    ntdll.dll
    Total CPU:0.00159282%
    Kernel CPU:0.00136650%
    User CPU:0.00022631%
    CPU cycles:53,775/sec
    Memory:1.66 MB
    wow64.dll
    Total CPU:0.00135674%
    Kernel CPU:0.00075842%
    User CPU:0.00059832%
    CPU cycles:18,679/sec
    Memory:276 KB
    WnsClientApi.dll
    Total CPU:0.00039424%
    Kernel CPU:0.00010039%
    User CPU:0.00029386%
    CPU cycles:29,812/sec
    Memory:488 KB
    winhttp.dll (Windows HTTP Services by Microsoft)
    Total CPU:0.00027012%
    Kernel CPU:0.00014236%
    User CPU:0.00012776%
    CPU cycles:21,180/sec
    Memory:384 KB
    WININET.dll
    Total CPU:0.00008633%
    Kernel CPU:0.00006361%
    User CPU:0.00002272%
    CPU cycles:29,769/sec
    Memory:1.11 MB
    wow64cpu.dll
    Total CPU:0.00002400%
    Kernel CPU:0.00002400%
    User CPU:0.00000000%
    CPU cycles:447/sec
    Memory:32 KB
    SkyDriveSessions.dll
    Total CPU:0.00000730%
    Kernel CPU:0.00000000%
    User CPU:0.00000730%
    CPU cycles:183/sec
    Memory:1.73 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 28.66%
    Windows 8 Pro 15.92%
    Windows 8 14.65%
    Windows 8 Pro with Media Center 12.10%
    Windows 7 Ultimate 10.83%
    Windows 8.1 3.18%
    Windows Vista Home Premium 3.18%
    Windows 8 Enterprise 3.18%
    Windows 7 Professional 2.55%
    Windows 8.1 Pro Preview 1.27%
    Windows 7 Home Premium N 1.27%
    Windows 8 Pro N 1.27%
    Windows Server 2012 Standard Evaluation 1.27%
    Windows 8.1 Pro Preview with Media Center 0.64%

    Distribution by countryDistribution by country

    United States installs about 57.96% of Microsoft SkyDrive.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Hewlett-Packard 25.81%
    ASUS 20.65%
    Dell 15.48%
    Toshiba 14.19%
    Sony 9.03%
    Acer 3.87%
    Lenovo 3.87%
    Intel 2.58%
    Samsung 1.94%
    GIGABYTE 1.29%
    Alienware 1.29%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE