RTVScan.exe
Symantec AntiVirus by Symantec Corporation (Signed)
| Version: | 11.0.5002.290 |
| MD5: | ba2fb8f8ab24d0279caa98a4c118150e |
| SHA1: | 26a309fe8c352aa924e5e07a46a24bac47b5d094 |
Overview
rtvscan.exe runs as a service under the name Symantec Endpoint Protection (Symantec AntiVirus) with extensive SYSTEM privileges (full administrator access). It is installed with a couple of know programs including Symantec Endpoint Protection published by Symantec Corporation, Symantec Endpoint Protection - CAH from Symantec Corporation and Symantec Endpoint Protection - CAH by Symantec Corporation. The file is digitally signed by Symantec Corporation which was issued by the VeriSign certificate authority (CA).
Details
| File name: | rtvscan.exe |
| Publisher: | Symantec Corporation |
| Product name: | Symantec AntiVirus |
| Typical file path: | C:\Program Files\symantec client security\symantec antivirus\rtvscan.exe |
| File version: | 11.0.5002.290 |
| Size: | 2.36 MB (2,477,304 bytes) |
| Build date: | 9/18/2009 3:55 AM |
| Certificate |
| Issued to: | Symantec Corporation |
| Authority (CA): | VeriSign |
| Effective date: | Tuesday, October 30, 2007 |
| Expiration date: | Wednesday, November 24, 2010 |
| Digital DNA |
| PE subsystem: | Windows Console |
| File packed: | No |
| Code language: | Microsoft Visual C++ 8.0 |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
“Customers have embraced Symantec Endpoint Protection 12 faster than any previous release. In Symantec Endpoint Protection 12.1.2, we've worked hard to further the Unrivaled Security, Blazing Performance and support for Virtual Environments. By layering technologies like Insight and SONAR, antivirus scans are reduced and maximum performance is achieved while stopping cyber-criminals and even zero-day threats in their tracks. Endpoint pro...”
“Customers have embraced Symantec Endpoint Protection 12 faster than any previous release. In Symantec Endpoint Protection 12.1.2, we've worked hard to further the Unrivaled Security, Blazing Performance and support for Virtual Environments. By layering technologies like Insight and SONAR, antivirus scans are reduced and maximum performance is achieved while stopping cyber-criminals and even zero-day threats in their tracks. Endpoint pro...”
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00065714% | |
| Kernel CPU: | 0.00023101% | |
| User CPU: | 0.00042613% | |
| Kernel CPU time: | 131,328 ms/min | |
| Context switches: | 26/sec | |
| Memory |
| Private memory: | 16.29 MB | |
| Private (maximum): | 84.46 MB | |
| Private (minimum): | 520 KB | |
| Non-paged memory: | 16.29 MB | |
| Virtual memory: | 134.19 MB | |
| Virtual memory (peak): | 795.78 MB | |
| Working set: | 4.86 MB | |
| Working set (peak): | 96.5 MB | |
| Resource allocations |
| Threads: | 32 | |
| Handles: | 643 | |
| GUI GDI count: | 4 | |
| GUI USER count: | 2 | |
Process properties
| Integrety level: | Undefined |
| Platform: | 32-bit |
| Command line: | "C:\Program Files\symantec\symantec endpoint protection\rtvscan.exe" |
| Owner: | SYSTEM |
| Windows Service |
| Service name: | Symantec AntiVirus |
| Display name: | Symantec Endpoint Protection |
| Description: | “Provides real-time virus scanning, reporting, and management functionality for Symantec AntiVirus.” |
| Type: | Win32OwnProcess, InteractiveProcess |
| Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
| Rtvscan.exe (main module) |
| Total CPU: | 0.08302533% | |
| Kernel CPU: | 0.04158344% | |
| User CPU: | 0.04144188% | |
| Context switches: | 3/sec | |
| Memory: | 2.41 MB | |
| ADVAPI32.dll |
| Total CPU: | 0.00526705% | |
| Kernel CPU: | 0.00138992% | |
| User CPU: | 0.00387714% | |
| Memory: | 620 KB | |
| ntdll.dll |
| Total CPU: | 0.00004877% | |
| Kernel CPU: | 0.00002439% | |
| User CPU: | 0.00002439% | |
| Memory: | 704 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
| OS version | distribution |
| Microsoft Windows XP |
47.37% |
|
| Windows 7 Home Premium |
26.32% |
|
| Windows 7 Enterprise |
10.53% |
|
| Windows Vista Home Premium |
5.26% |
|
| Windows Vista Ultimate |
5.26% |
|
| Windows 7 Professional |
5.26% |
|
Distribution by country
United States installs about 57.89% of Symantec AntiVirus.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
47.62% |
|
| Hewlett-Packard |
23.81% |
|
| Lenovo |
19.05% |
|
| Intel |
9.52% |
|
