Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

12.0.104.000 11.76%
11.0.768.000 5.88%
11.0.000.504 5.88%
11.0.000.504 17.65%
11.0.000.057 5.88%
11.0.000.057 5.88%
11.0.000.020 5.88%
10.2.081.000 5.88%
10.2.078.000 5.88%
10.2.074.000 5.88%
10.2.064.000 5.88%
10.2.057.000 5.88%
10.2.047.000 5.88%
10.2.047.000 5.88%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegQueryValueExA, RegOpenKeyExA, RegCreateKeyExA, RegCloseKey, RegDeleteValueA, RegDeleteKeyA, RegQueryInfoKeyA, RegEnumKeyExA, RegSetValueExA
kernel32.dll
InitializeCriticalSection, DeleteCriticalSection, GetLastError, GetProcAddress, GetModuleHandleA, lstrlenA, lstrcmpiA, DisableThreadLibraryCalls, InterlockedIncrement, InterlockedDecrement, GetModuleFileNameA, GetModuleHandleW, IsDBCSLeadByte, FreeLibrary, SizeofResource, LoadResource, FindResourceA, LoadLibraryExA, FindClose, FindFirstFileW, lstrcatA, GlobalUnlock, GlobalLock, CloseHandle, LeaveCriticalSection, CreateEventA, lstrcpynA, lstrcpynW, CreateProcessA, GetFileAttributesA, WriteFile, CreateFileA, GetTempFileNameA, GetTempPathA, GetUserDefaultLangID, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, EnterCriticalSection, RaiseException, lstrlenW, WideCharToMultiByte, MultiByteToWideChar, LoadLibraryA, GetSystemTimeAsFileTime, WaitForSingleObject
msvcp90.dll
DllMain
msvcr90.dll
DllMain
ole32.dll
CoTaskMemRealloc, CoTaskMemFree, CoCreateInstance, StringFromGUID2, ReleaseStgMedium, CoTaskMemAlloc
shell32.dll
DragQueryFileA, DragQueryFileW
user32.dll
CharNextA, CharNextW, SetMenuItemBitmaps, InsertMenuA, LoadBitmapA, LoadStringA
Export table
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

zlavscan.dll

zlavscan shell extension by Check Point Software Technologies Ltd. (Signed)

Remove zlavscan.dll
Version:   11.0.000.057
MD5:   6903dc98f5df5418811bb1133ce63a95
SHA1:   2872cc92e94b24d7cfab975ad6cde0bec5546d50

What is zlavscan.dll?

Check Point's ZoneAlarm ForceField is designed to secure Web browsing sessions through the use of browser virtualization, inline download scanning and DNS validation services.

About zlavscan.dll (from Check Point Software Technologies Ltd.)

ZoneAlarm Security Toolbar is keeping you protected and connected.

Overview

zlavscan.dll is loaded as dynamic link library that runs in the context of a process. The file is digitally signed by Check Point Software Technologies Ltd. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:zlavscan.dll
Publisher:Check Point Software Technologies LTD
Product name:zlavscan shell extension
Typical file path:C:\Program Files\checkpoint\zonealarm\zlavscan.dll
File version:11.0.000.057
Size:95.6 KB (97,896 bytes)
Build date:1/29/2013 11:19 PM
Certificate
Issued to:Check Point Software Technologies Ltd.
Authority (CA):VeriSign
Expiration date:Monday, May 5, 2014
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++ 9.0
.NET CLR:No
More details

BehaviorsBehaviors

Context menu handler
Located in '*\shellex\ContextMenuHandlers'
  • Name: 'ZLAVShExt'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 47.06%
Windows 7 Ultimate 11.76%
Microsoft Windows XP 11.76%
Windows Vista Home Premium 5.88%
Windows Vista Home Basic 5.88%
Windows 8 Pro 5.88%
Windows 7 Ultimate N 5.88%
Windows Vista Ultimate 5.88%

Distribution by countryDistribution by country

United States installs about 52.94% of zlavscan shell extension.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 40.00%
Acer 30.00%
Toshiba 20.00%
Sahara 10.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE