Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

4,4,3,64051 6.25%
4,0,3,57478 6.25%
3,6,2,47687 6.25%
3,6,2,44641 6.25%
3,4,2,41470 6.25%
3,3,1,33119 6.25%
3,1,1,30291 31.25%
3,1,1,29578 18.75%
3,1,1,28642 6.25%
3,1,1,21903 6.25%

Relationships

Parent process
Child process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RevertToSelf, RegOpenCurrentUser, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, RegEnumKeyExW, OpenProcessToken, EqualSid, GetTokenInformation, QueryServiceStatus, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, SetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, GetSecurityDescriptorSacl, SetSecurityInfo, StartServiceW, OpenServiceW, OpenSCManagerW, CloseServiceHandle, CreateServiceW, RegEnumValueW, RegDeleteKeyW, RegQueryInfoKeyW, RegSetValueExW, ConvertSidToStringSidW, OpenThreadToken, ImpersonateLoggedOnUser, CreateProcessAsUserW, SetTokenInformation, AdjustTokenPrivileges, FreeSid, SetEntriesInAclW, AllocateAndInitializeSid, RegDeleteValueW, GetNamedSecurityInfoW, LookupPrivilegeValueW, SetNamedSecurityInfoW, LookupAccountNameW, RegCreateKeyExW, GetUserNameW, RegisterServiceCtrlHandlerW, SetServiceStatus, StartServiceCtrlDispatcherW, ImpersonateNamedPipeClient, DuplicateTokenEx, GetSidSubAuthorityCount, GetSidSubAuthority, RegOpenKeyW, RegSetValueW, RegCreateKeyW, GetSidIdentifierAuthority
crypt32.dll
CertFindCertificateInStore, CertFreeCertificateContext, CertGetNameStringW, CryptQueryObject, CertCloseStore, CryptMsgGetParam, CryptMsgClose
gdi32.dll
GetStockObject
imm32.dll
ImmDisableIME
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
DllMain
log.dll
CloseLog, CreateLog, WriteLog
ole32.dll
CoInitializeSecurity, CoInitialize, CoUninitialize, StringFromGUID2, CoCreateInstance, CoTaskMemFree, CoSetProxyBlanket, CoInitializeEx
pdh.dll
PdhOpenQueryW, PdhAddCounterW, PdhCloseQuery, PdhCollectQueryData, PdhGetFormattedCounterValue
psapi.dll
GetModuleFileNameExW, EnumProcessModules, GetProcessImageFileNameW
rpcrt4.dll
UuidCreate, UuidToStringW, RpcStringFreeW
setupapi.dll
SetupDiGetDeviceRegistryPropertyW, SetupDiGetDeviceInterfaceDetailW, CM_Get_DevNode_Registry_PropertyW, SetupDiEnumDeviceInterfaces, SetupDiSetClassInstallParamsW, CM_Get_Device_IDW, CM_Enumerate_Classes, SetupDiCallClassInstaller, CM_Get_DevNode_Status, CM_Request_Device_EjectW, SetupDiDestroyDeviceInfoList, SetupDiEnumDeviceInfo, SetupDiGetClassDevsW, CM_Get_Parent, CM_Get_Child
shell32.dll
SHGetFolderPathW, ShellExecuteExW, SHGetDesktopFolder, ShellExecuteW, SHGetSpecialFolderPathW
shlwapi.dll
PathAppendW, PathIsDirectoryW, PathAddBackslashW, PathFindFileNameW, PathFileExistsW, PathRenameExtensionW, PathRemoveFileSpecW, PathIsFileSpecW, StrRChrW, PathAddExtensionW, StrStrIW, StrRetToStrW, SHDeleteKeyW
user32.dll
KillTimer, GetSystemMetrics, wsprintfW, FindWindowExW, GetWindowThreadProcessId, IsWindow, GetWindowLongW, SendMessageTimeoutW, SendMessageW, PostQuitMessage, DefWindowProcW, PostMessageW, GetClassInfoW, CreateWindowExW, SetWindowLongW, MsgWaitForMultipleObjectsEx, PeekMessageW, TranslateMessage, DispatchMessageW, GetMessageW, RegisterClassW, SetTimer, DestroyWindow, CloseDesktop, OpenDesktopW, UnregisterDeviceNotification, PostThreadMessageW, RegisterDeviceNotificationW, LoadIconW, LoadCursorW, UnregisterClassW
userenv.dll
ExpandEnvironmentStringsForUserW, CreateEnvironmentBlock, DestroyEnvironmentBlock
version.dll
GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
winhttp.dll
WinHttpOpenRequest, WinHttpCrackUrl, WinHttpSendRequest, WinHttpReceiveResponse, WinHttpCloseHandle, WinHttpConnect, WinHttpOpen, WinHttpQueryHeaders
ws2_32.dll
WSCEnumProtocols, WSCDeinstallProvider, WSCGetProviderPath
wtsapi32.dll
WTSQueryUserToken, WTSEnumerateSessionsW, WTSFreeMemory

bavsvc.exe

Baidu Antivirus by Baidu Online Network Technology (Beijing)Co. (Signed)

Remove bavsvc.exe
Version:   3,4,2,41470
MD5:   48adc986357b73ae0c051475dfa4eb9c
SHA1:   da3667f88d3b6ad304a9bb18bfafc4f596d20380
SHA256:   d47f7363f9ea0bc6a268c2d9a10efc2f127b92b5cf38b86a914abfd681860019

Overview

bavsvc.exe runs as a service under the name BAVSvc (BAVSvc) with extensive SYSTEM privileges (full administrator access). It is installed with a couple of know programs including Baidu Antivirus published by Baidu, Inc. and Baidu Antivirus published by Baidu, Inc.. The file is digitally signed by Baidu Online Network Technology (Beijing)Co. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:bavsvc.exe
Publisher:Baidu, Inc.
Product name:Baidu Antivirus
Description:Baidu Antivirus Service
Typical file path:C:\Program Files\baidu security\cloud security\bavsvc.exe
File version:3,4,2,41470
Size:1.48 MB (1,551,720 bytes)
Build date:8/30/2013 3:55 PM
Certificate
Issued to:Baidu Online Network Technology (Beijing)Co.
Authority (CA):VeriSign
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Baidu, Inc.
18% remove
Baidu Antivirus protects your computer against malware, phishing and malicious websites, worms, and trojans. Remove viruses. Free download and permanently free in future use. Baidu Antivirus consists of Antivirus, Cloud Scan, HIPS, Firewall, Anti-phishing.

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • BAVSvc
  • 'BAVSvc' (Baidu Antivirus Service)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.05217010%
0.028634%
Kernel CPU:0.04097069%
0.013761%
User CPU:0.01119941%
0.014873%
Kernel CPU time:3,775 ms/min
100,923,805ms/min
Memory
Private memory:23.37 MB
21.59 MB
Private (maximum):13.98 MB
Private (minimum):4.95 MB
Non-paged memory:23.37 MB
21.59 MB
Virtual memory:175.91 MB
140.96 MB
Virtual memory (peak):226.53 MB
169.69 MB
Working set:9.63 MB
18.61 MB
Working set (peak):27.32 MB
37.95 MB
Resource allocations
Threads:54
12
Handles:397
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:"C:\Program Files\baidu security\baidu antivirus\bavsvc.exe"
Owner:SYSTEM
Windows Service
Service name:BAVSvc
Display name:BAVSvc
Description:“Baidu Antivirus Service”
Type:Win32OwnProcess, InteractiveProcess
Parent process:services.exe (Services and Controller app by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 31.25%
Windows 7 Professional 25.00%
Windows 7 Ultimate 25.00%
Windows 8.1 Pro 6.25%
Windows 8.1 6.25%
Windows 7 Home Premium 6.25%

Distribution by countryDistribution by country

Egypt installs about 25.00% of Baidu Antivirus.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Acer 31.25%
Intel 25.00%
Hewlett-Packard 12.50%
Compaq 12.50%
American Megatrends 12.50%
GIGABYTE 6.25%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE