Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

4,4,3,64051 20.00%
4,0,3,57478 20.00%
3,6,2,47687 20.00%
3,6,2,44641 20.00%
3,4,2,41470 20.00%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
OpenSCManagerW, RegQueryValueExW, RegQueryInfoKeyW, InitializeSecurityDescriptor, RegDeleteKeyW, SetSecurityDescriptorDacl, RegDeleteValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetSecurityInfo, RegOpenKeyExW, GetSecurityDescriptorSacl, RegEnumKeyExW, RegCloseKey, RegSetValueExW, OpenProcessToken, GetTokenInformation, RegFlushKey, GetUserNameW, LookupAccountNameW, LookupPrivilegeValueW, ImpersonateLoggedOnUser, RegOpenCurrentUser, FreeSid, EqualSid, AllocateAndInitializeSid, CloseServiceHandle, QueryServiceStatus, OpenServiceW, RegCreateKeyExW, CreateProcessAsUserW, DuplicateTokenEx, SetTokenInformation, RegQueryValueExA, ConvertSidToStringSidW, AdjustTokenPrivileges, RevertToSelf
comctl32.dll
InitCommonControlsEx
directui.dll
DirectUI_ComboBox_SetCurSel, DirectUI_GetControlRect, DirectUI_Button_SetCheck, DirectUI_TrackPopupMenu, DirectUI_MoveEx, DirectUI_GetStringItem, DirectUI_LoadSkinResourceFromFolder, DirectUI_GetStringLength, DirectUI_UpdateSkin, DirectUI_SetControlPos, DirectUI_EnableControl, DirectUI_ComboBox_AddString, DirectUI_SubclassWindow, DirectUI_ComboBox_GetCurSel
imm32.dll
ImmDisableIME
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
SetProcessShutdownParameters, ReleaseMutex, CloseHandle, LocalFree, GetPrivateProfileStringW, WritePrivateProfileSectionW, WritePrivateProfileStringW, GetVersionExW, CreateDirectoryW, LoadLibraryW, SetLastError, Process32FirstW, ProcessIdToSessionId, Process32NextW, CreateToolhelp32Snapshot, GetCurrentProcessId, WideCharToMultiByte, WTSGetActiveConsoleSessionId, GetFileSize, WriteFile, ReadFile, CreateFileW, IsDBCSLeadByteEx, SystemTimeToFileTime, GetLocalTime, DeleteFileW, GetFileSizeEx, CreateProcessW, InitializeCriticalSectionAndSpinCount, lstrlenA, SetFilePointer, SetEndOfFile, CreateFileA, GlobalAlloc, GlobalFree, Sleep, GetSystemInfo, GlobalMemoryStatusEx, SetErrorMode, GetCommandLineW, SetEnvironmentVariableA, CompareStringW, CompareStringA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetLocaleInfoW, GetStringTypeW, GetStringTypeA, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, GetDateFormatA, GetTimeFormatA, SetConsoleCtrlHandler, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, FlushFileBuffers, GetStartupInfoA, CreateEventW, SetHandleCount, GetConsoleMode, GetConsoleCP, IsValidCodePage, GetOEMCP, GetCurrentThreadId, GetCurrentThread, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetModuleFileNameA, GetStdHandle, ExitProcess, FatalAppExitA, HeapCreate, GetCPInfo, LCMapStringW, LCMapStringA, RtlUnwind, GetStartupInfoW, CreateThread, ExitThread, GetSystemTimeAsFileTime, GetFileAttributesW, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, LoadLibraryA, GetModuleHandleA, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, SizeofResource, OpenProcess, InitializeCriticalSection, GetModuleHandleW, SetEvent, InterlockedCompareExchange, WaitForSingleObject, GetCurrentProcess, InterlockedDecrement, InterlockedIncrement, LoadLibraryExW, LoadResource, FreeLibrary, FindResourceW, FindResourceExW, UnmapViewOfFile, MapViewOfFile, CreateMutexW, Module32NextW, VirtualProtect, Module32FirstW, IsWow64Process, AddVectoredExceptionHandler, RemoveVectoredExceptionHandler, LockResource, CreateFileMappingW, EnterCriticalSection, GetProcAddress, GetLastError, InterlockedExchange, GetPrivateProfileIntW, RaiseException, FlushInstructionCache, lstrlenW, MultiByteToWideChar, GetTimeZoneInformation, GetModuleFileNameW, HeapAlloc, HeapDestroy, OpenEventW, DeleteCriticalSection, GetACP, lstrcmpiW, GetFileType, LeaveCriticalSection, DeviceIoControl
log.dll
WriteLog, CreateLog
ole32.dll
CoUninitialize, CoCreateInstance, CoTaskMemRealloc, CoTaskMemAlloc, CoCreateGuid, CoTaskMemFree, CoInitialize
rpcrt4.dll
UuidCreate, UuidToStringW, RpcStringFreeW
shell32.dll
SHGetSpecialFolderPathW, SHAppBarMessage, SHGetFolderPathW, Shell_NotifyIconW
shlwapi.dll
PathAppendW, StrStrIW, SHDeleteKeyW, PathFindFileNameW, PathAddBackslashW, PathAddExtensionW, PathRemoveFileSpecW, PathIsDirectoryW, PathFileExistsW, StrRChrW, PathFindExtensionW
user32.dll
TranslateMessage, PeekMessageW, SetWindowLongW, CreateWindowExW, SendMessageW, IsWindow, RegisterClassExW, DefWindowProcW, GetWindowThreadProcessId, DispatchMessageW, GetClassInfoExW, LoadCursorW, PostMessageW, LoadImageW, RegisterWindowMessageW, CharNextW, GetMessageW, SetCursor, DestroyWindow, DestroyIcon, GetSystemMetrics, LoadStringW, LoadIconW, KillTimer, SetTimer, GetWindow, CallWindowProcW, GetMonitorInfoW, SetWindowTextW, DestroyMenu, UnregisterClassA, GetParent, TranslateAcceleratorW, GetWindowRect, MonitorFromPoint, SetForegroundWindow, LoadStringA, PostQuitMessage, AttachThreadInput, MessageBeep, WindowFromPoint, GetClientRect, SetFocus, GetMenuItemInfoW, PtInRect, GetForegroundWindow, TrackPopupMenuEx, InvalidateRect, GetWindowLongW, AppendMenuW, EnableMenuItem, MonitorFromWindow, GetDesktopWindow, SetWindowPos, GetCursorPos, ShowWindow, CreatePopupMenu, CreateDialogParamW, GetMenuItemCount, RemoveMenu, SetMenuDefaultItem, MapWindowPoints
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
version.dll
GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpSetCredentials, WinHttpReadData, WinHttpAddRequestHeaders, WinHttpOpen, WinHttpQueryHeaders, WinHttpCloseHandle, WinHttpConnect, WinHttpWriteData, WinHttpSendRequest, WinHttpSetOption, WinHttpReceiveResponse, WinHttpOpenRequest, WinHttpCreateUrl
wtsapi32.dll
WTSQueryUserToken, WTSEnumerateSessionsW, WTSFreeMemory

bavtray.exe

Baidu Antivirus by Baidu Online Network Technology (Beijing)Co. (Signed)

Remove bavtray.exe
Version:   3,6,2,47687
MD5:   4196e5f5400ed3c1eff4db5acbbac423
SHA1:   bc20d8cc7e5214b66b4c9c6118b336f0ba8413f2

Overview

bavtray.exe executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). It is installed with a couple of know programs including Baidu Antivirus published by Baidu, Inc. and Baidu Antivirus published by Baidu, Inc.. The file is digitally signed by Baidu Online Network Technology (Beijing)Co. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:bavtray.exe
Publisher:Baidu, Inc.
Product name:Baidu Antivirus
Description:Baidu Antivirus Tray Application
Typical file path:C:\Program Files\baidu security\baidu antivirus\bavtray.exe
File version:3,6,2,47687
Size:677.35 KB (693,608 bytes)
Build date:10/24/2013 3:34 PM
Certificate
Issued to:Baidu Online Network Technology (Beijing)Co.
Authority (CA):VeriSign
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Baidu, Inc.
18% remove
Baidu Antivirus protects your computer against malware, phishing and malicious websites, worms, and trojans. Remove viruses. Free download and permanently free in future use. Baidu Antivirus consists of Antivirus, Cloud Scan, HIPS, Firewall, Anti-phishing.

BehaviorsBehaviors

Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Baidu Antivirus' → "C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" -auto

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 8.1 Pro 20.00%
Windows 8.1 20.00%
Windows 7 Professional 20.00%
Microsoft Windows XP 20.00%
Windows 7 Ultimate 20.00%

Distribution by countryDistribution by country

Egypt installs about 40.00% of Baidu Antivirus.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 40.00%
Compaq 40.00%
Acer 20.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE