Should I block it?

40%
40% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

7.0.0.5451 1.37%
7.0.0.5260 1.37%
7.0.0.5247 1.37%
7.0.0.5068 1.37%
6.1.0.4463 20.55%
6.0.0.3603 69.86%
6.0.0.3361 4.11%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
.\antivirus\bdfltlib.dll
FlSetOptVarlen, FlSetOpt, FlStopScanner, FlStartScanner2, FlStartDriver, FlQueryDriver
advapi32.dll
SetSecurityDescriptorDacl, RegSetValueExA, RegSetValueExW, RegQueryValueExA, RegQueryValueExW, RegQueryInfoKeyW, RegOpenKeyExA, RegOpenKeyExW, RegEnumKeyA, RegDeleteValueA, RegCreateKeyExA, RegCloseKey, OpenProcessToken, LookupPrivilegeValueW, InitializeSecurityDescriptor, GetUserNameA, FreeSid, DuplicateTokenEx, CreateProcessAsUserW, AllocateAndInitializeSid, AdjustTokenPrivileges, StartServiceW, QueryServiceStatus, QueryServiceConfigW, OpenServiceW, OpenSCManagerW, DeleteService, CreateServiceW, ControlService, CloseServiceHandle, ChangeServiceConfigW, EnumServicesStatusW, GetUserNameW
comctl32.dll
ImageList_Destroy, ImageList_Create, InitCommonControls
comdlg32.dll
PrintDlgW, GetSaveFileNameA
datastate.dll
Func, Server, Clear
gdi32.dll
TextOutA, StartPage, StartDocA, SetTextColor, SetMapMode, SetBkMode, SetBkColor, SelectObject, SelectClipRgn, MoveToEx, LineTo, GetTextMetricsW, GetTextFaceA, GetTextExtentPoint32A, GetStockObject, GetRgnBox, GetObjectW, GetDeviceCaps, GdiFlush, EndPage, EndDoc, DeleteObject, DeleteDC, CreateSolidBrush, CreateRectRgnIndirect, CreatePen, CreateFontA, CreateFontW, CreateDIBSection, CreateDCW, CreateCompatibleDC, CombineRgn, BitBlt
kernel32.dll
TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleW, lstrlenW, lstrcmpA, WritePrivateProfileStringW, WriteFile, WinExec, WaitForSingleObject, WaitForMultipleObjects, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, UnmapViewOfFile, TerminateThread, TerminateProcess, SystemTimeToFileTime, SuspendThread, Sleep, SizeofResource, SetWaitableTimer, SetUnhandledExceptionFilter, SetThreadPriority, SetProcessWorkingSetSize, SetLastError, SetFilePointer, SetFileAttributesA, SetEvent, SetEndOfFile, ResumeThread, ResetEvent, RemoveDirectoryA, ReleaseSemaphore, ReleaseMutex, ReadProcessMemory, ReadFile, RaiseException, QueryPerformanceFrequency, QueryPerformanceCounter, QueryDosDeviceW, OutputDebugStringW, OpenProcess, OpenMutexW, OpenFileMappingA, OpenFileMappingW, MoveFileExW, MapViewOfFile, LockResource, LocalSize, LocalFree, LoadResource, LoadLibraryExA, LoadLibraryW, LeaveCriticalSection, IsBadReadPtr, InitializeCriticalSection, GlobalUnlock, GlobalReAlloc, GlobalMemoryStatus, GlobalHandle, GlobalLock, GlobalFree, GlobalAlloc, GetWindowsDirectoryA, GetWindowsDirectoryW, GetVersionExA, GetVersionExW, GetVersion, GetTimeZoneInformation, GetTickCount, GetThreadPriority, GetThreadLocale, GetThreadContext, GetTempPathA, GetSystemTime, GetSystemDirectoryW, GetShortPathNameW, GetProcAddress, GetPriorityClass, GetModuleHandleA, GetModuleFileNameA, GetModuleFileNameW, GetLogicalDriveStringsW, GetLocaleInfoA, GetLocalTime, GetLastError, GetFileType, GetFileTime, GetFileSize, GetFileAttributesA, GetFileAttributesW, GetDriveTypeW, GetDiskFreeSpaceA, GetCurrentThreadId, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, GetComputerNameA, GetCommandLineA, GetCommandLineW, FreeResource, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, InterlockedCompareExchange, FreeLibrary, FormatMessageA, FindResourceA, FindResourceW, FindNextFileA, FindFirstFileA, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, FileTimeToDosDateTime, ExpandEnvironmentStringsA, ExpandEnvironmentStringsW, ExitThread, ExitProcess, EnterCriticalSection, DuplicateHandle, DeleteFileA, DeleteFileW, DeleteCriticalSection, CreateWaitableTimerW, CreateThread, CreateSemaphoreW, CreateRemoteThread, CreateProcessA, CreateProcessW, CreatePipe, CreateMutexA, CreateMutexW, CreateFileMappingA, CreateFileMappingW, CreateFileA, CreateFileW, CreateEventW, CreateDirectoryA, CopyFileA, CopyFileW, CloseHandle, CancelWaitableTimer, Beep, RtlUnwind, GetLongPathNameW
ofcommon.dll
IsEnableUse
ole32.dll
CoCreateInstance, CoSetProxyBlanket, CoInitializeSecurity, CoUninitialize, CoInitialize
oleaut32.dll
VariantClear
psapi.dll
GetProcessImageFileNameW
rtl120.bpl
DllMain, @Sysconst@_SOSError, @Sysconst@_SModuleAccessViolation, @Sysconst@_SExternalException, @Sysconst@_SWriteAccess, @Sysconst@_SReadAccess, @Sysconst@_SPrivilege, @Sysconst@_SControlC, @Sysconst@_SStackOverflow, @Sysconst@_SInvalidCast, @Sysconst@_SUnderflow, @Sysconst@_SOverflow, @Sysconst@_SZeroDivide, @Sysconst@_SInvalidOp, @Sysconst@_SIntOverflow, @Sysconst@_SRangeError, @Sysconst@_SDivByZero, @Activex@Failed$qqrl, @Activex@Succeeded$qqrl, @Classes@initialization$qqrv, @Classes@Finalization$qqrv, @Classes@TDataModule@ReadState$qqrp15Classes@TReader, @Classes@TDataModule@DefineProperties$qqrp14Classes@TFiler, @Classes@TDataModule@DoDestroy$qqrv, @Classes@TDataModule@DoCreate$qqrv, @Classes@TDataModule@BeforeDestruction$qqrv, @Classes@TDataModule@AfterConstruction$qqrv, @Classes@TDataModule@$bctr$qqrp18Classes@TComponent, @Classes@TComponent@QueryInterface$qqsrx5_GUIDpv, @Classes@TComponent@UpdateRegistry$qqrox20System@UnicodeStringt2, @Classes@TComponent@SafeCallException$qqrp14System@TObjectpv, @Classes@TComponent@SetName$qqrx20System@UnicodeString, @Classes@TComponent@ValidateRename$qqrp18Classes@TComponentx20System@UnicodeStringt2, @Classes@TComponent@WriteState$qqrp15Classes@TWriter, @Classes@TComponent@ReadState$qqrp15Classes@TReader, @Classes@TComponent@Loaded$qqrv, @Classes@TComponent@DefineProperties$qqrp14Classes@TFiler, @Classes@TComponent@Notification$qqrp18Classes@TComponent18Classes@TOperation, @Classes@TComponent@BeforeDestruction$qqrv, @Classes@TComponent@$bdtr$qqrv, @Classes@TComponent@$bctr$qqrp18Classes@TComponent, @Classes@TThread@Terminate$qqrv, @Classes@TThread@Resume$qqrv, @Classes@TThread@Synchronize$qqrp15Classes@TThreadynpqqrv$v, @Classes@TThread@DoTerminate$qqrv, @Classes@TThread@AfterConstruction$qqrv, @Classes@TThread@$bdtr$qqrv, @Classes@TThread@$bctr$qqro, @Classes@CheckSynchronize$qqri, @Classes@TFileStream@$bctr$qqrx20System@UnicodeStringus, @Classes@TStream@SetSize64$qqrxj, @Classes@TStream@SetPosition$qqrxj, @Classes@TStringList@SetCaseSensitive$qqrxo, @Classes@TStringList@$bctr$qqrv, @Classes@TStringList@CustomSort$qqrpqqrp19Classes@TStringListii$i, @Classes@TStringList@Sort$qqrv, @Classes@TStringList@SetUpdateState$qqro, @Classes@TStringList@SetSorted$qqro, @Classes@TStringList@SetCapacity$qqri, @Classes@TStringList@PutObject$qqrip14System@TObject, @Classes@TStringList@Put$qqrix20System@UnicodeString, @Classes@TStringList@InsertItem$qqrix20System@UnicodeStringp14System@TObject, @Classes@TStringList@InsertObject$qqrix20System@UnicodeStringp14System@TObject, @Classes@TStringList@Insert$qqrix20System@UnicodeString, @Classes@TStringList@IndexOf$qqrx20System@UnicodeString, @Classes@TStringList@GetObject$qqri, @Classes@TStringList@GetCount$qqrv, @Classes@TStringList@GetCapacity$qqrv, @Classes@TStringList@Get$qqri, @Classes@TStringList@Find$qqrx20System@UnicodeStringri, @Classes@TStringList@Exchange$qqrii, @Classes@TStringList@Delete$qqri, @Classes@TStringList@Clear$qqrv, @Classes@TStringList@Changing$qqrv, @Classes@TStringList@Changed$qqrv, @Classes@TStringList@AddObject$qqrx20System@UnicodeStringp14System@TObject, @Classes@TStringList@Add$qqrx20System@UnicodeString, @Classes@TStringList@$bdtr$qqrv, @Classes@TStrings@GetValueFromIndex$qqri, @Classes@TStrings@SetNameValueSeparator$qqrxb, @Classes@TStrings@GetNameValueSeparator$qqrv, @Classes@TStrings@SetLineBreak$qqrx20System@UnicodeString, @Classes@TStrings@SetValue$qqrx20System@UnicodeStringt1, @Classes@TStrings@SetTextStr$qqrx20System@UnicodeString, @Classes@TStrings@SetText$qqrpb, @Classes@TStrings@SaveToStream$qqrp15Classes@TStreamp18Sysutils@TEncoding, @Classes@TStrings@SaveToStream$qqrp15Classes@TStream, @Classes@TStrings@SaveToFile$qqrx20System@UnicodeStringp18Sysutils@TEncoding, @Classes@TStrings@SaveToFile$qqrx20System@UnicodeString, @Classes@TStrings@Move$qqrii, @Classes@TStrings@LoadFromStream$qqrp15Classes@TStreamp18Sysutils@TEncoding, @Classes@TStrings@LoadFromStream$qqrp15Classes@TStream, @Classes@TStrings@LoadFromFile$qqrx20System@UnicodeStringp18Sysutils@TEncoding, @Classes@TStrings@LoadFromFile$qqrx20System@UnicodeString, @Classes@TStrings@IndexOfObject$qqrp14System@TObject, @Classes@TStrings@IndexOfName$qqrx20System@UnicodeString, @Classes@TStrings@GetValue$qqrx20System@UnicodeString, @Classes@TStrings@GetTextStr$qqrv, @Classes@TStrings@GetText$qqrv, @Classes@TStrings@GetName$qqri, @Classes@TStrings@Error$qqrp20System@TResStringReci, @Classes@TStrings@EndUpdate$qqrv, @Classes@TStrings@DefineProperties$qqrp14Classes@TFiler, @Classes@TStrings@BeginUpdate$qqrv, @Classes@TStrings@Assign$qqrp19Classes@TPersistent, @Classes@TStrings@AddStrings$qqrp16Classes@TStrings, @Classes@TPersistent@AssignTo$qqrp19Classes@TPersistent, @Classes@TPersistent@Assign$qqrp19Classes@TPersistent, @Classes@TList@Notify$qqrpv25Classes@TListNotification, @Classes@TList@IndexOf$qqrpv, @Classes@TList@Grow$qqrv, @Classes@TList@Get$qqri, @Classes@TList@Error$qqrx20System@UnicodeStringi, @Classes@TList@Delete$qqri, @Classes@TList@Clear$qqrv, @Classes@TList@Add$qqrpv, @Classes@TList@$bdtr$qqrv, @$xp$18Classes@TComponent, @Classes@TComponent@, @$xp$15Classes@TThread, @Classes@TThread@, @Classes@TFileStream@, @$xp$19Classes@TStringList, @Classes@TStringList@, @Classes@TList@, @Classes@EListError@, @Typinfo@initialization$qqrv, @Typinfo@Finalization$qqrv, @Typinfo@GetEnumName$qqrp17Typinfo@TTypeInfoi, @Sysutils@initialization$qqrv, @Sysutils@Finalization$qqrv, @Sysutils@TEncoding@GetUnicode$qqrv, @Sysutils@SafeLoadLibrary$qqrx20System@UnicodeStringui, @Sysutils@FreeAndNil$qqrpv, @Sysutils@RaiseLastOSError$qqrv, @Sysutils@GetModuleName$qqrui, @Sysutils@StringReplace$qqrx20System@UnicodeStringt1t149System@%Set$t21Sysutils@Sysutils__15$iuc$0$iuc$1%, @Sysutils@AnsiPos$qqrx20System@UnicodeStringt1, @Sysutils@ExcludeTrailingPathDelimiter$qqrx20System@UnicodeString, @Sysutils@IncludeTrailingPathDelimiter$qqrx20System@UnicodeString, @Sysutils@IsPathDelimiter$qqrx20System@UnicodeStringi, @Sysutils@StrNextChar$qqrpxb, @Sysutils@Exception@ToString$qqrv, @Sysutils@Exception@RaisingException$qqrp25Sysutils@TExceptionRecord, @Sysutils@Exception@GetBaseException$qqrv, @Sysutils@Exception@$bdtr$qqrv, @Sysutils@Exception@$bctr$qqrp20System@TResStringRec, @Sysutils@Exception@$bctr$qqrx20System@UnicodeString, @Sysutils@OutOfMemoryError$qqrv, @Sysutils@Abort$qqrv, @Sysutils@SysErrorMessage$qqrui, @Sysutils@StrToDateTime$qqrx20System@UnicodeStringrx24Sysutils@TFormatSettings, @Sysutils@FormatDateTime$qqrx20System@UnicodeString16System@TDateTimerx24Sysutils@TFormatSettings, @Sysutils@FormatDateTime$qqrx20System@UnicodeString16System@TDateTime, @Sysutils@DateTimeToStr$qqrx16System@TDateTime, @Sysutils@Now$qqrv, @Sysutils@SystemTimeToDateTime$qqrrx11_SYSTEMTIME, @Sysutils@EncodeTime$qqrusususus, @Sysutils@Format$qqrx20System@UnicodeStringpx14System@TVarRecxi, @Sysutils@StrDispose$qqrpb, @Sysutils@StrAlloc$qqrui, @Sysutils@StrPas$qqrpxb, @Sysutils@StrCopy$qqrpbpxb, @Sysutils@ExtractFileExt$qqrx20System@UnicodeString, @Sysutils@ExtractFileName$qqrx20System@UnicodeString, @Sysutils@ExtractFileDir$qqrx20System@UnicodeString, @Sysutils@ExtractFilePath$qqrx20System@UnicodeString, @Sysutils@ChangeFileExt$qqrx20System@UnicodeStringt1, @Sysutils@RenameFile$qqrx20System@UnicodeStringt1, @Sysutils@DeleteFile$qqrx20System@UnicodeString, @Sysutils@FindClose$qqrr19Sysutils@TSearchRec, @Sysutils@FindNext$qqrr19Sysutils@TSearchRec, @Sysutils@FindFirst$qqrx20System@UnicodeStringir19Sysutils@TSearchRec, @Sysutils@FileIsReadOnly$qqrx20System@UnicodeString, @Sysutils@FileSetAttr$qqrx20System@UnicodeStringi, @Sysutils@ForceDirectories$qqr20System@UnicodeString, @Sysutils@DirectoryExists$qqrx20System@UnicodeString, @Sysutils@FileExists$qqrx20System@UnicodeString, @Sysutils@FileClose$qqri, @Sysutils@FileSeek$qqrixji, @Sysutils@FileSeek$qqriii, @Sysutils@FileCreate$qqrx20System@UnicodeStringi, @Sysutils@FileCreate$qqrx20System@UnicodeString, @Sysutils@FileOpen$qqrx20System@UnicodeStringui, @Sysutils@BoolToStr$qqroo, @Sysutils@StrToIntDef$qqrx20System@UnicodeStringi, @Sysutils@StrToInt$qqrx20System@UnicodeString, @Sysutils@IntToHex$qqrji, @Sysutils@IntToHex$qqrii, @Sysutils@IntToStr$qqrj, @Sysutils@UIntToStr$qqrui, @Sysutils@IntToStr$qqri, @Sysutils@Trim$qqrx20System@UnicodeString, @Sysutils@SameText$qqrx20System@UnicodeStringt1, @Sysutils@CompareText$qqrx20System@UnicodeStringt1, @Sysutils@CompareStr$qqrx20System@UnicodeStringt1, @Sysutils@LowerCase$qqrx20System@UnicodeString, @Sysutils@UpperCase$qqrx20System@UnicodeString, @Sysutils@CharInSet$qqrbrx29System@%Set$tc$iuc$0$iuc$255%, @Sysutils@GUIDToString$qqrrx5_GUID, @Sysutils@CreateGUID$qqsr5_GUID, @$xp$24Sysutils@TFormatSettings, @Sysutils@Win32MajorVersion, @Sysutils@EAccessViolation@, @Sysutils@EInvalidCast@, @Sysutils@EInvalidPointer@, @Sysutils@EExternalException@, @Sysutils@EArgumentOutOfRangeException@, @Sysutils@Exception@, @$xp$19Sysutils@TSearchRec, @Rtlconsts@_SListIndexError, @Math@SetExceptionMask$qqrx46System@%Set$t18Math@TFPUException$iuc$0$iuc$5%, @Math@Min$qqrxixi, @Strutils@PosEx$qqrx20System@UnicodeStringt1i, @Strutils@RightStr$qqrx17System@WideStringxi, @Variants@initialization$qqrv, @Variants@Finalization$qqrv, @Variants@@VarCmpEQ$qqrrx8TVarDatat1, @Variants@@OleVarFromUStr$qqrr8TVarDatax20System@UnicodeString, @Variants@@VarToUStr$qqrr20System@UnicodeStringrx8TVarData, @Variants@@VarClr$qqrr8TVarData, @Varutils@initialization$qqrv, @Varutils@Finalization$qqrv, @Contnrs@TObjectList@GetItem$qqri, @Contnrs@TObjectList@$bctr$qqrv, @Contnrs@TObjectList@Add$qqrp14System@TObject, @Contnrs@TObjectList@, @Registry@initialization$qqrv, @Registry@Finalization$qqrv, @Registry@TRegistry@ValueExists$qqrx20System@UnicodeString, @Registry@TRegistry@WriteInteger$qqrx20System@UnicodeStringi, @Registry@TRegistry@ReadString$qqrx20System@UnicodeString, @Registry@TRegistry@WriteString$qqrx20System@UnicodeStringt1, @Registry@TRegistry@GetDataType$qqrx20System@UnicodeString, @Registry@TRegistry@DeleteKey$qqrx20System@UnicodeString, @Registry@TRegistry@OpenKey$qqrx20System@UnicodeStringo, @Registry@TRegistry@SetRootKey$qqrp6HKEY__, @Registry@TRegistry@CloseKey$qqrv, @Registry@TRegistry@$bctr$qqrv, @Registry@TRegistry@, @Inifiles@initialization$qqrv, @Inifiles@Finalization$qqrv, @Inifiles@TIniFile@UpdateFile$qqrv, @Inifiles@TIniFile@DeleteKey$qqrx20System@UnicodeStringt1, @Inifiles@TIniFile@EraseSection$qqrx20System@UnicodeString, @Inifiles@TIniFile@ReadSectionValues$qqrx20System@UnicodeStringp16Classes@TStrings, @Inifiles@TIniFile@ReadSection$qqrx20System@UnicodeStringp16Classes@TStrings, @Inifiles@TIniFile@ReadSections$qqrp16Classes@TStrings, @Inifiles@TIniFile@ReadString$qqrx20System@UnicodeStringt1t1, @Inifiles@TIniFile@$bdtr$qqrv, @Inifiles@TMemIniFile@WriteString$qqrx20System@UnicodeStringt1t1, @Inifiles@TMemIniFile@SetStrings$qqrp16Classes@TStrings, @Inifiles@TMemIniFile@ReadString$qqrx20System@UnicodeStringt1t1, @Inifiles@TMemIniFile@ReadSectionValues$qqrx20System@UnicodeStringp16Classes@TStrings, @Inifiles@TMemIniFile@ReadSections$qqrp16Classes@TStrings, @Inifiles@TMemIniFile@ReadSection$qqrx20System@UnicodeStringp16Classes@TStrings, @Inifiles@TMemIniFile@GetStrings$qqrp16Classes@TStrings, @Inifiles@TMemIniFile@EraseSection$qqrx20System@UnicodeString, @Inifiles@TMemIniFile@DeleteKey$qqrx20System@UnicodeStringt1, @Inifiles@TMemIniFile@$bdtr$qqrv, @Inifiles@TMemIniFile@$bctr$qqrx20System@UnicodeString, @Inifiles@TCustomIniFile@ReadSections$qqrx20System@UnicodeStringp16Classes@TStrings, @Inifiles@TCustomIniFile@WriteBinaryStream$qqrx20System@UnicodeStringt1p15Classes@TStream, @Inifiles@TCustomIniFile@ReadBinaryStream$qqrx20System@UnicodeStringt1p15Classes@TStream, @Inifiles@TCustomIniFile@ValueExists$qqrx20System@UnicodeStringt1, @Inifiles@TCustomIniFile@WriteBool$qqrx20System@UnicodeStringt1o, @Inifiles@TCustomIniFile@WriteTime$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@WriteFloat$qqrx20System@UnicodeStringt1d, @Inifiles@TCustomIniFile@WriteDateTime$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@WriteDate$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@ReadTime$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@ReadFloat$qqrx20System@UnicodeStringt1d, @Inifiles@TCustomIniFile@ReadDateTime$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@ReadDate$qqrx20System@UnicodeStringt116System@TDateTime, @Inifiles@TCustomIniFile@ReadBool$qqrx20System@UnicodeStringt1o, @Inifiles@TCustomIniFile@WriteInteger$qqrx20System@UnicodeStringt1i, @Inifiles@TCustomIniFile@ReadInteger$qqrx20System@UnicodeStringt1i, @Inifiles@TCustomIniFile@$bctr$qqrx20System@UnicodeString, @Inifiles@TIniFile@, @Inifiles@TMemIniFile@, @Syncobjs@initialization$qqrv, @Syncobjs@Finalization$qqrv, @Syncobjs@TCriticalSection@Leave$qqrv, @Syncobjs@TCriticalSection@Enter$qqrv, @Syncobjs@TCriticalSection@$bctr$qqrv, @Syncobjs@TCriticalSection@, @Uxtheme@initialization$qqrv, @Uxtheme@Finalization$qqrv, @Multimon@initialization$qqrv, @Multimon@Finalization$qqrv, @Dwmapi@initialization$qqrv, @Dwmapi@Finalization$qqrv, @Helpintfs@initialization$qqrv, @Helpintfs@Finalization$qqrv, @Mapi@initialization$qqrv, @Mapi@Finalization$qqrv, @Flatsb@initialization$qqrv, @Flatsb@Finalization$qqrv, @Comobj@initialization$qqrv, @Comobj@Finalization$qqrv, @Generics_defaults@_LookupVtableInfo$qqr42Generics_defaults@TDefaultGenericInterfacep17Typinfo@TTypeInfoi, @Dateutils@MilliSecondsBetween$qqrx16System@TDateTimet1, @Dateutils@SecondsBetween$qqrx16System@TDateTimet1, @Dateutils@HoursBetween$qqrx16System@TDateTimet1, @Sysutils@StrLIComp$qqrpxbt1ui, @Registry@TRegistry@HasSubKeys$qqrv, @Registry@TRegistry@ReadInteger$qqrx20System@UnicodeString, @Registry@TRegistry@GetValueNames$qqrp16Classes@TStrings, @Registry@TRegistry@GetKeyNames$qqrp16Classes@TStrings, @Sysutils@Win32MinorVersion, @Registry@TRegistry@KeyExists$qqrx20System@UnicodeString
shell32.dll
ShellExecuteExA, ShellExecuteA, ShellExecuteW, SHGetSpecialFolderPathW, SHGetFolderLocation, SHGetPathFromIDListW, SHGetPathFromIDListA, SHGetSpecialFolderLocation, SHGetMalloc
user32.dll
CreateWindowExA, CreateWindowExW, WindowFromPoint, TranslateMessage, SystemParametersInfoW, ShowWindow, SetWindowTextA, SetWindowPos, SetWindowLongA, SetTimer, SetRect, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetCapture, SetActiveWindow, SendMessageTimeoutA, SendMessageA, SendMessageW, ScreenToClient, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageW, RegisterClassA, PostThreadMessageA, PostThreadMessageW, PostQuitMessage, PostMessageA, PostMessageW, PeekMessageA, PeekMessageW, OpenClipboard, OffsetRect, MessageBoxA, MessageBeep, LoadImageA, LoadCursorW, KillTimer, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsIconic, IsDialogMessageW, InvalidateRect, InflateRect, GetWindowThreadProcessId, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowDC, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetWindow, GetMessageA, GetMessageW, GetKeyState, GetIconInfo, GetFocus, GetDC, GetCursorPos, GetCursor, GetClientRect, GetClassNameA, GetCapture, FrameRect, FindWindowW, FillRect, EnumWindows, EndPaint, EnableWindow, EmptyClipboard, DrawTextA, DrawIconEx, DrawFrameControl, DrawFocusRect, DispatchMessageW, DestroyWindow, DefWindowProcA, DefWindowProcW, CloseClipboard, CallWindowProcW, BringWindowToTop, BeginPaint, AttachThreadInput
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
vcl120.bpl
@Svcmgr@initialization$qqrv, @Svcmgr@Finalization$qqrv, @Svcmgr@TServiceApplication@Installing$qqrv, @Svcmgr@TService@DoCustomControl$qqrui, @Svcmgr@TService@DoShutdown$qqrv, @Svcmgr@TService@DoInterrogate$qqrv, @Svcmgr@TService@DoContinue$qqrv, @Svcmgr@TService@DoPause$qqrv, @Svcmgr@TService@DoStop$qqrv, @Svcmgr@TService@DoStart$qqrv, @Svcmgr@TService@Controller$qqrui, @Svcmgr@TService@$bdtr$qqrv, @Svcmgr@TService@$bctr$qqrp18Classes@TComponenti, @Svcmgr@Application, @$xp$15Svcmgr@TService, @Svcmgr@TService@, @Dialogs@initialization$qqrv, @Dialogs@Finalization$qqrv, @Comctrls@initialization$qqrv, @Comctrls@Finalization$qqrv, @Actnlist@initialization$qqrv, @Actnlist@Finalization$qqrv, @Graphics@initialization$qqrv, @Graphics@Finalization$qqrv, @Themes@initialization$qqrv, @Themes@Finalization$qqrv, @Controls@initialization$qqrv, @Controls@Finalization$qqrv, @Menus@initialization$qqrv, @Menus@Finalization$qqrv, @Forms@initialization$qqrv, @Forms@Finalization$qqrv, @Forms@TApplication@ProcessMessages$qqrv, @Forms@Application, @Graphutil@initialization$qqrv, @Graphutil@Finalization$qqrv, @Extctrls@initialization$qqrv, @Extctrls@Finalization$qqrv, @Printers@initialization$qqrv, @Printers@Finalization$qqrv, @Clipbrd@initialization$qqrv, @Clipbrd@Finalization$qqrv, @Extactns@initialization$qqrv, @Extactns@Finalization$qqrv, @Extdlgs@initialization$qqrv, @Extdlgs@Finalization$qqrv, @Buttons@initialization$qqrv, @Buttons@Finalization$qqrv
version.dll
VerQueryValueA, VerQueryValueW, GetFileVersionInfoSizeA, GetFileVersionInfoSizeW, GetFileVersionInfoA, GetFileVersionInfoW
wsock32.dll
WSACleanup, WSAStartup, gethostbyname, socket, setsockopt, sendto, send, select, recvfrom, recv, inet_addr, htons, connect, closesocket, bind

ascavsvc.exe

Advanced SystemCare Ultimate by IObit Information Technology (Signed)

Remove ascavsvc.exe
Version:   6.1.0.4463
MD5:   323ab823727aeacf7a5b7f38a7a89774
SHA1:   593ed20937e92fc3aabc306820e5a55927be3ebd
SHA256:   3a52cb5fe9f33bc21440235c3897a1a1dc23a9cc3861c4342388df9ebfdef633

Overview

ascavsvc.exe runs as a service under the name ASCAntivirusSrv (ASCAntivirusSrv) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Advanced SystemCare Ultimate 6 published by IObit. The file is digitally signed by IObit Information Technology which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:ascavsvc.exe
Publisher:IOBit
Product name:Advanced SystemCare Ultimate
Description:Advanced SystemCare Ultimate Service
Typical file path:C:\Program Files\iobit\advanced systemcare ultimate\ascavsvc.exe
File version:6.1.0.4463
Product version:6.0.0.0
Size:609.31 KB (623,936 bytes)
Build date:7/3/2013 12:42 AM
Certificate
Issued to:IObit Information Technology
Authority (CA):VeriSign
Effective date:Monday, December 7, 2009
Expiration date:Friday, January 4, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
IObit
24% remove
Advanced SystemCare Ultimate 6 is a stand-alone product. Besides the newly built-in antivirus functionality, it includes all the features of Advanced SystemCare PRO. PRO users who uninstalled Advanced SystemCare during the trial can easily revert it back at any time.

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • ASCAntivirusSrv
  • 'ASCAntivirusSrv' (AdvancedSystemCareAntivirus)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00321782%
0.028634%
Kernel CPU:0.00211680%
0.013761%
User CPU:0.00110102%
0.014873%
Kernel CPU time:45,002 ms/min
100,923,805ms/min
CPU cycles:4,913,036/sec
17,470,203/sec
Context switches:17/sec
284/sec
Memory
Private memory:77.64 MB
21.59 MB
Private (maximum):62.51 MB
Private (minimum):4.19 MB
Non-paged memory:77.64 MB
21.59 MB
Virtual memory:375.17 MB
140.96 MB
Virtual memory (peak):405.22 MB
169.69 MB
Working set:30.33 MB
18.61 MB
Working set (peak):97.99 MB
37.95 MB
Page faults:519,492/min
2,039/min
I/O
I/O read transfer:1.26 MB/sec
1.02 MB/min
I/O read operations:2,665/sec
343/min
I/O write transfer:167.43 KB/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:145.08 KB/sec
448.09 KB/min
I/O other operations:1,062/sec
1,671/min
Resource allocations
Threads:21
12
Handles:289
600
GUI GDI count:38
103
GUI USER count:25
49

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:"C:\Program Files\iobit\advanced systemcare ultimate\ascavsvc.exe"
Owner:SYSTEM
Windows Service
Service name:ASCAntivirusSrv
Display name:ASCAntivirusSrv
Description:“Advanced SystemCare Antivirus Service”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
ascavsvc.exe (main module)
Total CPU:0.01700676%
0.272967%
Kernel CPU:0.00901994%
0.107585%
User CPU:0.00798683%
0.165382%
CPU cycles:340,549/sec
5,741,424/sec
Memory:636 KB
1.16 MB
ntdll.dll
Total CPU:0.00269263%
Kernel CPU:0.00269263%
User CPU:0.00000000%
CPU cycles:12,216/sec
Memory:1.66 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 39.73%
Windows 7 Ultimate 19.18%
Microsoft Windows XP 13.70%
Windows 8 Pro 10.96%
Windows 7 Home Basic 5.48%
Windows 8 Pro with Media Center 4.11%
Windows 8 2.74%
Windows 7 Professional 2.74%
Windows 8 Release Preview 1.37%

Distribution by countryDistribution by country

United States installs about 35.62% of Advanced SystemCare Ultimate.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 25.71%
Lenovo 17.14%
Acer 15.71%
ASUS 11.43%
Hewlett-Packard 10.00%
Toshiba 5.71%
MSI 5.71%
American Megatrends 5.71%
Sony 2.86%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE