77,019,263 programs installed

Should I remove Windows Intune Endpoint Protection?

What percent of users and experts removed it?
1% remove it99% keep it
Overall Sentiment
Good
What do people think about it?
(click star to rate)
How common is it?
Global Rank #31,582
United States Rank #28,378
Reach 0.0047%

Versions

VersionDistribution
4.5.216.0 43.94%
4.4.304.0 19.70%
4.3.215.0 25.76%
4.2.223.1 4.55%
4.1.522.0 1.52%
4.0.1526.0 1.52%
2.1.1116.0 1.52%
2.0.657.0 1.52%

Other programs by Microsoft

Windows Intune Endpoint Protection

What is Windows Intune Endpoint Protection?  (from Microsoft)

Manage PCs and multiple types of mobile devices in one unified solution, either through the cloud or by extending your existing on-premises infrastructure. Whether using corporate or employee-owned devices, Windows Intune helps provide a security-enhanced environment with comprehensive update and policy management. Use...  Read more

Overview

Windows Intune Endpoint Protection is a software program developed by Microsoft. The most common release is 4.5.216.0, with over 98% of all installations currently using this version. During setup, the program creates a startup registration point in Windows in order to automatically start when any user boots the PC. Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. Manually stopping the service has been seen to cause the program to stop functing properly. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The software is designed to connect to the Internet and adds a Windows Firewall exception in order to do so without being interfered with. When installed, it will add a context menu handler to the Windows shell in order to provide quick access to the program. The setup package generally installs about 39 files and is usually about 22.1 MB (23,174,406 bytes). Relative to the overall usage of users who have this installed on their PCs, most are running Windows 7 (SP1) and Windows 8. While about 48% of users of Windows Intune Endpoint Protection come from the United States, it is also popular in United Kingdom and Germany.

Program detailsProgram details

URL: go.microsoft.com/fwlink/?LinkID=206391&mkt=en-us
Installation folder: C:\Program Files\Microsoft Security Client
Uninstaller: C:\Program Files\Microsoft Security Client\Setup.exe /x
Estimated size: 22.1 MB

Program filesFiles installed by Windows Intune Endpoint Protection

  • ConfigSecurityPolicy.exe - Microsoft Security Client Policy Configure
  • IpsConsumer.dll - Microsoft Network Inspection System
  • NisLog.dll - Microsoft Network Inspection System Logging Provider
  • NisNetIP.dll
  • NisPerformanceProvider.dll - Microsoft Network Inspection System performance counters provider
  • NisSrv.exe
  • NisWFP.dll
  • NisIpsPlugin.dll - AntiMalware RealTime Protection (Nis Ips Plugin in AM Service)
  • DbgHelp.dll - Debugging Tools for Windows(R) (Windows Image Helper)
  • SymSrv.dll - Symbol Server
  • MsseWat.dll - Microsoft Security Essentials (Microsoft Security Essentials WGA module)
  • ProtectionManagement.dll - Microsoft Endpoint Protection (Microsoft Endpoint Protection Management Provider)
  • MpAsDesc.dll - Microsoft Malware Protection (Definition Update Descriptions)
  • MpClient.dll - Client Interface
  • MpCmdRun.exe - Microsoft Malware Protection Command Line Utility
  • MpCommu.dll - Communication Module
  • mpevmsg.dll - Event Resource Module
  • MpOAv.dll - IOfficeAntiVirus Module
  • MpRTP.dll - AntiMalware Realtime Monitor
  • MpSvc.dll - Service Module
  • MpTpmAtt.dll - TPM Attestation
  • MpUtil.dll - Sample / Spynet Submission
  • MsMpCom.dll - COM Utility
  • MsMpEng.exe - Antimalware Service Executable
  • mpuxhostproxyoob.dll - Microsoft Security Client (COM Proxy for mpuxhost (MP Modern shell host))
  • MpUxSrvOob.exe - MP modern host server
  • MsMpRes.dll - User Interface Resource Module
  • msseces.exe - Microsoft Security Client User Interface
  • setup.exe - Microsoft Security Client Setup
  • setupres.dll - Microsoft Security Client Setup Resources
  • shellext.dll - Microsoft Security Client Shell Extension
  • MsMpLics.dll - Microsoft Antimalware (License Module)
  • ProtectionMgmt.dll - Protection Management WMIv2 Provider
  • EppManifest.dll - Windows Intune (Intune Resource Module)
  • sqmapi.dll - SQM Client

Program behaviorsBehaviors exhibited

Autoplay Handler
  • shellext.dll is registered as an AutoPlay event handler named 'RhapsodyRipCDAudioOnArrival' with the ProgID of 'Rhapsody.AudioCDRip.3' and the action verb 'rip.
Context Menu Handler
  • shellext.dll added to Windows Explorer under the name 'XXX Groove GFS Context Menu Handler XXX' with a class of {6C467336-8281-4E60-8204-430CED96822D}.
Mozilla Plugin
  • shellext.dll is loaded into Mozilla Firefox under the product name 'Office Authorization' with a plugin key of [email protected]/OfficeAuthz,version=14.0' for all users of the PC.
5 Scheduled Tasks
  • MpCmdRun.exe is scheduled as a task named 'MSE' (runs weekly on Sundays at 22:52).
  • msseces.exe is scheduled as a task with the class '{35BC935B-C039-48C5-95BD-D01740252D58}' (runs on registration).
  • MsMpEng.exe is scheduled as a task with the class '{36EFC519-FFC0-44BA-A865-06780C54FA6D}' (runs on registration).
  • Setup.exe is scheduled as a task with the class '{EAC44AF3-B6F9-401D-8A78-249D0D819684}' (runs on registration).
  • MsMpRes.dll is scheduled as a task named 'Microsoft-Windows-TaskScheduler_Operational_Microsoft-Windows-TaskScheduler_103'.
2 Scheduled Tasks (Boot/Login)
  • MpCmdRun.exe is automatically launched at startup through a scheduled task named Microsoft Security Essentials-Startup.
  • msseces.exe is automatically launched at startup through a scheduled task named MSC (5).
2 Services
  • NisSrv.exe runs as a service named [email protected]:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243' (NisSrv) "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols".
  • MsMpEng.exe runs as a service named 'MsMpSvc' (MsMpSvc).
3 Startup Files (User Run)
  • MpCmdRun.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Malware Protection Command Line Utility' and executes as C:\Program Files\Microsoft Security Client\MpCmdRun.exe.
  • msseces.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Security Client User Interface' and executes as C:\Program Files\Microsoft Security Client\msseces.exe.
  • MsMpEng.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'New startup' and executes as "C:\Program Files\Microsoft Security Client\MsMpEng.exe".
Startup File (User Run Once)
  • msseces.exe is loaded once in the current user (HKCU) registry as a startup file name 'Application Restart #0' which loads as C:\Program Files\Microsoft Security Client\msseces.exe -Recover.
2 Startup Files (All Users Run)
  • msseces.exe is loaded in the all users (HKLM) registry as a startup file name 'MSSE' which loads as C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey.
  • MsMpEng.exe is loaded in the all users (HKLM) registry as a startup file name 'MsMpEng' which loads as C:\Program Files\Microsoft Security Client\MsMpEng.exe.
4 Windows Firewall Allowed Programs
  • msseces.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\msseces.exe'.
  • shellext.dll is added as a firewall exception for 'C:\users\user\appdata\Local\Temp\30985.exe'.
  • MsMpEng.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MsMpEng.exe'.
  • MpCmdRun.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MpCmdRun.exe'.

Program resource utilizationResource utilization averages

MpCmdRun.exe
Memory:564 KB
21.09 MB average
Total CPU:0.1615348063%
0.031193% average
Kernel CPU:0.13167757%
0.016088% average
User CPU:0.02985724%
0.015104% average
MsMpEng.exe
Memory:93.98 MB
Total CPU:0.0073768926%
Kernel CPU:0.00499648%
User CPU:0.00238042%
CPU cycles/sec:31,319,887
Switches/sec:24
I/O reads/min:5.84 MB
I/O writes/min:1.78 MB
NisSrv.exe
Memory:9.39 MB
Total CPU:0.0019590863%
Kernel CPU:0.00047169%
User CPU:0.00148740%
CPU cycles/sec:29,554
I/O reads/min:2 Bytes
I/O writes/min:23 Bytes

How do I remove Windows Intune Endpoint Protection?

Quickly and completely remove Windows Intune Endpoint Protection from your computer by downloading "Should I Remove It?", its 100% FREE and installs in seconds (click the button below).
Or, you can uninstall Windows Intune Endpoint Protection from your computer by using the Add/Remove Program feature in the Window's Control Panel.
  1. On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
    • Windows Vista/7/8: Click Uninstall a Program.
    • Windows XP: Click Add or Remove Programs.
  2. When you find the program Windows Intune Endpoint Protection, click it, and then do one of the following:
    • Windows Vista/7/8: Click Uninstall.
    • Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
  3. Follow the prompts. A progress bar shows you how long it will take to remove Windows Intune Endpoint Protection.

How do I reset my web browser?

If your web browser homepage and search settings have been modfied by Windows Intune Endpoint Protection you can restore them to their previous default settings.
Microsoft Internet Explorer
Mozilla Firefox
Google Chrome

OS VERSIONS
Win 7 (SP1) 52%
Win Vista (SP2) 2%
 
HOW IT STARTS
Automatically starts? Yes
(Found in the run registry)
 
USER ACTIONS
Uninstall it 1%
Keep it 99%

Windows OS versionsWindows

Which Windows OS versions does it run on?
Windows 7 51.52%
Windows 8 46.97%
Windows Vista 1.52%
Which OS releases does it run on?
Windows 7 Professional 27.27%
Windows 7 Enterprise 18.18%
Windows 8.1 Pro 15.15%
Windows 8 Pro 10.61%
Windows 8 Enterprise 9.09%
Windows 8.1 Enterprise 9.09%

Distribution by countryGeography

48.48% of installs come from the United States
Which countries install it?
  United States 48.48%
  United Kingdom 9.09%
  Germany 6.06%
  Australia 4.55%
  DK 4.55%
  Belgium 3.03%
  Netherlands 3.03%
  Japan 3.03%
  Italy 1.52%
  Saudi Arabia 1.52%
  Hungary 1.52%
  Portugal 1.52%
  Finland 1.52%
  Norway 1.52%

OEM distributionPC manufacturers

What PC manufacturers (OEMs) have it installed?
Dell 35.09%
Lenovo 26.32%
Hewlett-Packard 15.79%
Acer 7.02%
GIGABYTE 5.26%
ASUS 3.51%
Samsung 1.75%
Apple 1.75%
Intel 1.75%
Toshiba 1.75%
Common models
Dell Latitude E6530 3.17%
Microsoft Corporation Sur... 3.17%
Dell Precision M4500 3.17%
Gateway NE56R 3.17%
Dell Precision M4700 3.17%
Dell Vostro 3350 1.59%

About Microsoft

Microsoft Corporation develops, manufactures, licenses and supports a variety of products and services related to computing.
Publisher URL: www.microsoft.com

commentsComments

user comment
No one has commented yet. Help others learn more about this software, share your comments.