Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

8.1.0.33 10.00%
8.0.0.9 30.00%
7.0.0.22 20.00%
7.0.0.13 10.00%
7.0.0.10 10.00%
7.0.0.9 10.00%
7.0.0.8 10.00%

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
a2engine.dll
ScanBootRecordsEx, ScanProcessEx, ScanMemoryEx, ScanTracesEx, ScanCookiesEx, ScanDirectoryEx, ScanFileEx, GetDefaultIncludeExtensionList, GetDefaultExcludeExtensionList, CloseScanTaskHandle, ChangeScanTaskPriority, GetScanEngineInformationString, ScanBootRecords, FreeScanBufferString, ScanBuffer, ScanProcess, ScanMemory, ScanTraces, ScanCookies, ScanDirectory, ScanFile, WaitForScanTaskToFinish, StopScanTask, ResumeScanTask, PauseScanTask, RequestScanTaskStatus, ClearWhiteList, RemoveItemFromWhiteList, AddItemToWhiteList, GetScanSettings, SetScanSettings, GetSignatureCount, LoadSignatureDatabase, SetDatabaseDirectoryPath, IsDdaDriverInstalled, UninstallDdaDriver, InstallDdaDriver
advapi32.dll
RegQueryValueExW, RegOpenKeyExW, RegCloseKey, SetSecurityDescriptorDacl, RevertToSelf, ReportEventW, RegisterEventSourceW, RegUnLoadKeyW, RegSetValueExW, RegSaveKeyW, RegRestoreKeyW, RegReplaceKeyW, RegQueryValueExA, RegQueryInfoKeyW, RegOpenKeyExA, RegLoadKeyW, RegFlushKey, RegEnumValueW, RegEnumKeyExA, RegEnumKeyExW, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, RegConnectRegistryW, OpenProcessToken, LookupPrivilegeValueW, LookupPrivilegeNameA, LookupPrivilegeNameW, LookupAccountSidW, LogonUserW, IsValidSid, InitializeSecurityDescriptor, ImpersonateLoggedOnUser, GetUserNameA, GetUserNameW, GetTokenInformation, GetSecurityDescriptorDacl, GetAce, FreeSid, DuplicateTokenEx, DeregisterEventSource, CreateProcessAsUserW, AllocateAndInitializeSid, AdjustTokenPrivileges, UnlockServiceDatabase, StartServiceW, StartServiceCtrlDispatcherW, SetServiceStatus, SetServiceObjectSecurity, RegisterServiceCtrlHandlerW, QueryServiceStatus, QueryServiceObjectSecurity, QueryServiceConfigW, OpenServiceW, OpenSCManagerW, LockServiceDatabase, DeleteService, CreateServiceW, ControlService, CloseServiceHandle, ChangeServiceConfigW, CryptEncrypt, CryptImportKey, CryptDestroyKey, CryptReleaseContext, CryptAcquireContextW, SetNamedSecurityInfoW, SetEntriesInAclA, SetEntriesInAclW, BuildExplicitAccessWithNameA, ChangeServiceConfig2W
comctl32.dll
ImageList_Destroy, ImageList_Add, ImageList_Create, InitializeFlatSB, FlatSB_SetScrollProp, FlatSB_SetScrollPos, FlatSB_SetScrollInfo, FlatSB_GetScrollPos, FlatSB_GetScrollInfo, _TrackMouseEvent, ImageList_GetImageInfo, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Copy, ImageList_LoadImageW, ImageList_GetIcon, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_SetOverlayImage, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_SetImageCount, ImageList_GetImageCount
crypt32.dll
CryptQueryObject, CertGetNameStringW, CertFindCertificateInStore, CertCloseStore, CryptMsgGetParam, CryptMsgClose
gdi32.dll
UnrealizeObject, TextOutA, StretchDIBits, StretchBlt, StartPage, StartDocW, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetMapMode, SetEnhMetaFileBits, SetDIBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SetAbortProc, SelectPalette, SelectObject, SaveDC, RoundRect, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, Polygon, PolyBezierTo, PolyBezier, PlayEnhMetaFile, Pie, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsW, GetTextExtentPointW, GetTextExtentPoint32A, GetTextExtentPoint32W, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectW, GetMapMode, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileDescriptionW, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetCurrentObject, GetClipBox, GetBrushOrgEx, GetBitmapBits, FrameRgn, ExtTextOutW, ExtFloodFill, ExcludeClipRect, EnumFontsW, EnumFontFamiliesExW, EndPage, EndDoc, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgnIndirect, CreateRectRgn, CreatePenIndirect, CreatePalette, CreateICW, CreateHalftonePalette, CreateFontIndirectA, CreateFontIndirectW, CreateFontA, CreateDIBitmap, CreateDIBSection, CreateDCW, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileW, CombineRgn, Chord, BitBlt, Arc, AbortDoc, TranslateCharsetInfo
iphlpapi.dll
GetAdaptersInfo, GetNumberOfInterfaces
kernel32.dll
lstrcmpiA, LoadLibraryA, LocalFree, LocalAlloc, GetACP, Sleep, VirtualFree, VirtualAlloc, GetSystemInfo, GetTickCount, QueryPerformanceCounter, GetVersion, GetCurrentThreadId, VirtualQuery, WideCharToMultiByte, SetCurrentDirectoryW, MultiByteToWideChar, lstrlenW, lstrcpynW, LoadLibraryExW, IsValidLocale, GetSystemDefaultUILanguage, GetStartupInfoA, GetProcAddress, GetModuleHandleW, GetModuleFileNameW, GetUserDefaultUILanguage, GetLocaleInfoW, GetLastError, GetCurrentDirectoryW, GetCommandLineW, FreeLibrary, FindFirstFileW, FindClose, ExitProcess, ExitThread, CreateThread, CompareStringW, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, CreateFileW, CloseHandle, TlsSetValue, TlsGetValue, DllMain, GetVolumePathNamesForVolumeNameW, GetVolumeNameForVolumeMountPointW, FindVolumeClose, FindNextVolumeW, FindFirstVolumeW, SetFilePointerEx, GetLongPathNameW
msimg32.dll
AlphaBlend
ntdll.dll
RtlInitUnicodeString, NtQuerySymbolicLinkObject, NtOpenSymbolicLinkObject, NtOpenDirectoryObject, NtClose
ole32.dll
CoTaskMemFree, StringFromCLSID, OleUninitialize, OleInitialize, CoTaskMemAlloc, CoCreateGuid, CoCreateInstance, IsEqualGUID
oleaut32.dll
SysFreeString, SysReAllocStringLen, SysAllocStringLen, SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit
sfc.dll
SfcIsFileProtected
shell32.dll
SHFileOperationW, ShellExecuteA, ShellExecuteW, SHGetSpecialFolderPathW
user32.dll
LoadStringW, MessageBoxA, CharNextW, DllMain
version.dll
VerQueryValueA, VerQueryValueW, GetFileVersionInfoSizeA, GetFileVersionInfoSizeW, GetFileVersionInfoA, GetFileVersionInfoW
winspool.drv
OpenPrinterW, EnumPrintersW, DocumentPropertiesW, ClosePrinter, GetDefaultPrinterW
wintrust.dll
WinVerifyTrust, CryptCATAdminReleaseCatalogContext, CryptCATCatalogInfoFromContext, CryptCATAdminEnumCatalogFromHash, CryptCATAdminCalcHashFromFileHandle, CryptCATAdminReleaseContext, CryptCATAdminAcquireContext
Export table
EurekaLog_AttachedFilesRequestEvent
EurekaLog_CallCreateThread
EurekaLog_CallExceptObject
EurekaLog_CallExitThread
EurekaLog_CallGeneralRaise
EurekaLog_CallResumeThread
EurekaLog_CustomButtonClickEvent
EurekaLog_CustomDataRequestEventEx
EurekaLog_CustomWebFieldsRequestEvent
EurekaLog_ExceptionActionNotifyEvent
EurekaLog_ExceptionErrorNotifyEvent
EurekaLog_ExceptionNotifyEvent
EurekaLog_HandledExceptionNotifyEvent
EurekaLog_LastDelphiException
EurekaLog_PasswordRequestEvent
EurekaLog_PasswordRequestEventEx
ExceptionManager

a2service.exe

Emsisoft Anti-Malware by Emsisoft GmbH (Signed)

Remove a2service.exe
Version:   7.0.0.10
MD5:   c753789dfc2e3bcc3a273ff325ac0e44
SHA1:   3c739f6176eeb2fc25bba52d8cc968b866e0aaaa
SHA256:   b5977389f248d466c0561d3745a2b5ddd4a0a2f0aaea555302493af6341f6759

Overview

a2service.exe runs as a service under the name a2AntiMalware (a2AntiMalware) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Emsisoft Anti-Malware published by Emsisoft GmbH. The file is digitally signed by Emsisoft GmbH which was issued by the DigiCert Inc certificate authority (CA).

DetailsDetails

File name:a2service.exe
Publisher:Emsisoft GmbH
Product name:Emsisoft Anti-Malware
Description:Emsisoft Anti-Malware Service
Typical file path:C:\Program Files\emsisoft anti-malware\a2service.exe
File version:7.0.0.10
Product version:7.0.0.0
Size:2.94 MB (3,085,736 bytes)
Certificate
Issued to:Emsisoft GmbH
Authority (CA):DigiCert Inc
Effective date:Thursday, April 12, 2012
Expiration date:Tuesday, June 16, 2015
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Emsisoft Anti-Malware
 Emsisoft GmbH
8% remove
Emsisoft Anti-Malware (formerly named a-squared Anti-Malware) is a antivirus and antispyware protection suite developed by Austria-based Emsisoft GmbH. The program makes use of three different security layers and has a dual-engine scanner (BitDefender and Emsisoft's own Anti-Malware scanner) with more than 13 million signatures. Behavior blocker which is developed inhouse since 2005 and is able to detect unknown zero-day attacks without...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • a2AntiMalware
  • 'a2AntiMalware' (Emsisoft Anti-Malware 6.0 - Service)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00193321%
0.028634%
Kernel CPU:0.00092674%
0.013761%
User CPU:0.00100646%
0.014873%
Kernel CPU time:3,744,024 ms/min
100,923,805ms/min
Memory
Private memory:37.33 MB
21.59 MB
Private (maximum):6.97 MB
Private (minimum):220 KB
Non-paged memory:37.33 MB
21.59 MB
Virtual memory:131.75 MB
140.96 MB
Virtual memory (peak):133.09 MB
169.69 MB
Working set:3.44 MB
18.61 MB
Working set (peak):36.14 MB
37.95 MB
Resource allocations
Threads:20
12
Handles:233
600

BehaviorsProcess properties

Integrety level:Undefined
Platform:64-bit
Command line:"C:\Program Files\emsisoft anti-malware\a2service.exe"
Owner:SYSTEM
Windows Service
Service name:a2AntiMalware
Display name:a2AntiMalware
Description:“Scans the PC for unwanted software and provides protection from malicious code”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 40.00%
Windows 7 Home Premium 30.00%
Windows 8 10.00%
Windows 7 Professional 10.00%
Windows 7 Ultimate 10.00%

Distribution by countryDistribution by country

Slovakia installs about 40.00% of Emsisoft Anti-Malware.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Sony 40.00%
Dell 40.00%
GIGABYTE 20.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE