DefWatch.exe
Symantec AntiVirus by Symantec Corporation (Signed)
Version: | 10.1.6.6000 |
MD5: | 9709d3d9e592d3217353f3fafe29faa3 |
SHA1: | d26b21d28051a6d1fdc6accb532ea4a01c7f0c41 |
SHA256: | 94dfeb72257e2953b52691aadb63f3bdff72428145a1d5cfd1d7649c92f3dd75 |
Overview
defwatch.exe runs as a service under the name Symantec AntiVirus Definition Watcher (DefWatch) with extensive SYSTEM privileges (full administrator access). It is installed with a couple of know programs including Symantec AntiVirus published by Symantec Corporation and Symantec Client Security published by Symantec Corporation. The file is digitally signed by Symantec Corporation which was issued by the VeriSign certificate authority (CA).
Details
File name: | defwatch.exe |
Publisher: | Symantec Corporation |
Product name: | Symantec AntiVirus |
Description: | Virus Definition Daemon |
Typical file path: | C:\Program Files\symantec client security\symantec antivirus\defwatch.exe |
File version: | 10.1.6.6000 |
Size: | 30.69 KB (31,424 bytes) |
Certificate |
Issued to: | Symantec Corporation |
Authority (CA): | VeriSign |
Effective date: | Monday, November 8, 2004 |
Expiration date: | Monday, November 21, 2005 |
Digital DNA |
PE subsystem: | Windows GUI |
File packed: | No |
Code language: | Microsoft Visual C++ 7.1 |
.NET CLR: | No |
More details
Programs
The following programs will install this file
Symantec AntiVirus Corporate Edition was the previous offering from Symantec in this market. Symantec Endpoint Protection, developed by Symantec Corporation, is an antivirus and personal firewall product leveled at centrally managed corporate environments security for servers and workstations.
“Antivirus protection alone is not a sufficient defense against today's complex Internet security threats. One breed of threats blend characteristics of viruses, worms,Trojan horses, and malicious code with server and Internet vulnerabilities. By using multiple methods and techniques, blended threats such as CodeRed, Bugbear, and Opaserv can rapidly initiate, transmit, and spread, causing widespread damage.The newest breed of security ri...”
Behaviors
Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'DefWatch' (Symantec AntiVirus Definition Watcher)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00021313% | |
Kernel CPU: | 0.00000717% | |
User CPU: | 0.00020595% | |
Kernel CPU time: | 103,125 ms/min | |
Memory |
Private memory: | 1.79 MB | |
Private (maximum): | 4.96 MB | |
Private (minimum): | 4.94 MB | |
Non-paged memory: | 1.79 MB | |
Virtual memory: | 38.22 MB | |
Virtual memory (peak): | 45.74 MB | |
Working set: | 4.94 MB | |
Working set (peak): | 5.88 MB | |
Resource allocations |
Threads: | 5 | |
Handles: | 52 | |
GUI GDI count: | 5 | |
GUI USER count: | 2 | |
Process properties
Integrety level: | Undefined |
Platform: | 32-bit |
Command line: | "C:\Program Files\symantec antivirus\defwatch.exe" |
Owner: | SYSTEM |
Windows Service |
Service name: | DefWatch |
Display name: | Symantec AntiVirus Definition Watcher |
Description: | “Monitors and maintains virus definitions.” |
Type: | Win32OwnProcess, InteractiveProcess |
Distribution by Windows OS
OS version | distribution |
Microsoft Windows XP |
75.00% |
|
Windows Vista Home Premium |
25.00% |
|
Distribution by country
Turkey installs about 25.00% of Symantec AntiVirus.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard |
100.00% |
|