Should I block it?

No, this file is 100% safe to run.

Relationships

Parent processes
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
GetTokenInformation, LookupAccountSidW, RegOpenKeyExA, RegQueryValueExA, ConvertSidToStringSidW, LookupPrivilegeValueW, AdjustTokenPrivileges, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, FreeSid, RevertToSelf, AccessCheck, IsValidSecurityDescriptor, SetSecurityDescriptorOwner, ReportEventW, DeregisterEventSource, RegisterEventSourceW, ImpersonateLoggedOnUser, OpenProcessToken, RegDisablePredefinedCache, SetThreadToken, RegEnumValueW, EqualSid, GetSecurityInfo, GetSecurityDescriptorDacl, BuildExplicitAccessWithNameW, SetEntriesInAclW, SetSecurityInfo, CreateProcessAsUserW, GetUserNameW, RegCreateKeyExW, RegSetValueExW, ImpersonateSelf, OpenThreadToken, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, AddAccessAllowedAce, InitializeAcl, GetLengthSid, AllocateAndInitializeSid, DuplicateTokenEx, InitializeSecurityDescriptor
comctl32.dll
_TrackMouseEvent
gdi32.dll
GetTextExtentPoint32W, CreateSolidBrush, CreatePen, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, SetPixel, BitBlt, GetPixel, RoundRect
kernel32.dll
ExpandEnvironmentStringsA, HeapSize, HeapReAlloc, InterlockedExchangeAdd, HeapDestroy, GetCurrentThreadId, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, GetSystemTimeAsFileTime, SetUnhandledExceptionFilter, DecodePointer, EncodePointer, HeapSetInformation, InterlockedCompareExchange, GetEnvironmentVariableW, GetLogicalDriveStringsW, GetFileAttributesExW, GetPrivateProfileSectionW, GlobalMemoryStatusEx, RaiseException, GetTimeFormatW, GetCurrentDirectoryW, OpenFileMappingW, CreateFileMappingW, UnmapViewOfFile, MapViewOfFile, OpenEventW, lstrcpynW, CreateDirectoryW, QueryDosDeviceW, Beep, MoveFileExW, GetLongPathNameW, GetProcessHeap, HeapAlloc, HeapFree, InterlockedExchange, RemoveDirectoryW, GetWindowsDirectoryW, GetTempPathW, ReleaseSemaphore, CreateSemaphoreW, InitializeCriticalSectionAndSpinCount, GetVolumeInformationW, FileTimeToSystemTime, BackupRead, GetSystemInfo, VerSetConditionMask, VerifyVersionInfoW, GlobalAlloc, GlobalFree, GetStartupInfoW, TerminateProcess, GetLocaleInfoW, GetUserDefaultUILanguage, GetCurrentThread, CreateMutexW, FormatMessageW, LocalAlloc, GetSystemDirectoryW, LoadLibraryA, lstrlenW, GetVersionExW, QueryPerformanceCounter, SetErrorMode, SetLastError, SetFileAttributesW, CreateProcessW, LoadLibraryExW, GetPrivateProfileIntW, WritePrivateProfileStringW, DeviceIoControl, MultiByteToWideChar, GetPriorityClass, SetPriorityClass, CreateToolhelp32Snapshot, OpenThread, Thread32Next, Thread32First, FlushFileBuffers, ResumeThread, SuspendThread, GetDiskFreeSpaceExW, ExitThread, GetProcAddress, WriteFile, GetDriveTypeW, SetFilePointer, GetSystemTime, FindNextFileW, FindClose, GetFileAttributesW, GetTickCount, FindFirstFileW, InterlockedDecrement, InterlockedIncrement, GetComputerNameW, GetExitCodeProcess, CopyFileW, GetModuleHandleW, GetProcessAffinityMask, GetCurrentProcess, LocalFree, GetLastError, OpenProcess, CreateThread, GetCurrentProcessId, WaitForMultipleObjects, CreateEventW, LockResource, ResetEvent, SetThreadPriority, GetModuleFileNameW, SizeofResource, Sleep, TerminateThread, LoadLibraryW, SetEvent, WaitForSingleObject, LoadResource, FreeLibrary, FindResourceW, FindResourceExW, SystemTimeToFileTime, DeleteFileW, CloseHandle, DeleteCriticalSection, EnterCriticalSection, CreateFileW, ReadFile, LeaveCriticalSection, InitializeCriticalSection, GetFileSize, GetLocalTime, GetPrivateProfileStringW, GetDateFormatW
mfc100u.dll
DllMain
msvcp100.dll
DllMain
msvcr100.dll
DllMain
netapi32.dll
NetApiBufferFree, NetWkstaGetInfo, DsEnumerateDomainTrustsW, NetServerEnum
ole32.dll
CoCreateInstance, CoInitialize, CoUninitialize
shell32.dll
ShellExecuteW
user32.dll
IsWindowVisible, GetDesktopWindow, LoadImageW, LoadIconW, DrawIconEx, DestroyIcon, GetMonitorInfoW, GetShellWindow, ReleaseDC, GetDC, ScreenToClient, GetWindowRect, SendMessageW, FillRect, InflateRect, CopyRect, DrawStateW, GetActiveWindow, GetLastActivePopup, MessageBoxW, GetKeyState, EnableWindow, TranslateMessage, PeekMessageW, InvalidateRect, DispatchMessageW, GetParent, MessageBeep, ExitWindowsEx, wsprintfW, LoadStringW, GetSystemMetrics, IsWindow, GetWindowInfo, GetForegroundWindow, MonitorFromWindow
version.dll
GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
winhttp.dll
WinHttpCloseHandle, WinHttpGetProxyForUrl, WinHttpOpen, WinHttpGetIEProxyConfigForCurrentUser
winmm.dll
sndPlaySoundW

avscan.exe

Avira Product Family by Avira Operations GmbH & Co. KG (Signed)

Remove avscan.exe
Version:   14.0.0.383
MD5:   16d5c1349ab024ffad48d8eb62afed13
SHA1:   e6c06f1e441ccfb83e105a419a9fe83453ede5e1

Overview

avscan.exe executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges) typically within the context of its parent sched.exe (Avira Product Family by Avira Operations GmbH & Co. KG). It is installed with a couple of know programs including Avira Free Antivirus published by Avira GmbH and Avira Free Antivirus published by Avira GmbH. The file is digitally signed by Avira Operations GmbH & Co. KG which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:avscan.exe
Publisher:Avira Operations GmbH & Co. KG
Product name:Avira Product Family
Description:On-Demand Scanner
Typical file path:C:\Program Files\avira\antivir desktop\avscan.exe
File version:14.0.0.383
Size:946.07 KB (968,776 bytes)
Build date:9/30/2013 2:55 PM
Certificate
Issued to:Avira Operations GmbH & Co. KG
Authority (CA):VeriSign
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 10.0
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Avira Free Antivirus
 Avira GmbH
25% remove
Avira AntiVir Personal includes a branded version of the Ask.com Toolbar, a web browser extenstion that provides search advertising and results. Upon installation the user is presented with the option to install the Ask toolbar. If accepted, the toolbar will be installed in the user's web browser (Internet Explorer, Chrome and Firefox) and will modify the home page and search settings.

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.04627575%
0.028634%
Kernel CPU:0.04480125%
0.013761%
User CPU:0.00147451%
0.014873%
Kernel CPU time:18,572 ms/min
100,923,805ms/min
CPU cycles:12,998,708/sec
17,470,203/sec
Memory
Private memory:77.77 MB
21.59 MB
Private (maximum):92.62 MB
Private (minimum):75.73 MB
Non-paged memory:77.77 MB
21.59 MB
Virtual memory:189.54 MB
140.96 MB
Virtual memory (peak):233.89 MB
169.69 MB
Working set:84.81 MB
18.61 MB
Working set (peak):137.63 MB
37.95 MB
Page faults:657,215/min
2,039/min
I/O
I/O read transfer:14.05 MB/sec
1.02 MB/min
I/O read operations:646/sec
343/min
I/O write transfer:608.88 KB/sec
274.99 KB/min
I/O write operations:29/sec
227/min
I/O other transfer:31.74 KB/sec
448.09 KB/min
I/O other operations:288/sec
1,671/min
Resource allocations
Threads:6
12
Handles:180
600
GUI GDI count:76
103
GUI GDI peak:82
142
GUI USER count:36
49
GUI USER peak:38
71

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command lines:
  • "C:\Program Files\avira\antivir desktop\avscan.exe" /cfg="C:\Program Files\avira\antivir desktop\sysscan.avp" /guimode=1
  • "C:\Program Files\avira\antivir desktop\avscan.exe" /cfg="C:\ProgramData\avira\antivir desktop\temp\avguard_52737f79\guard_slideup.avp"
Owner:SYSTEM
Parent processes:

ResourcesThreads

Averages
 
avscan.exe (main module)
Total CPU:14.23113085%
0.272967%
Kernel CPU:1.35054112%
0.107585%
User CPU:12.88058973%
0.165382%
CPU cycles:225,704,234/sec
5,741,424/sec
Context switches:2/sec
79/sec
Memory:968 KB
1.16 MB
ntdll.dll
Total CPU:0.00006520%
Kernel CPU:0.00000000%
User CPU:0.00006520%
CPU cycles:37,556/sec
Context switches:1/sec
Memory:1.23 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 50.00%
Windows 7 Ultimate 50.00%

Distribution by countryDistribution by country

Philippines installs about 50.00% of Avira Product Family.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 50.00%
ASUS 50.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE