RTVScan.exe
Symantec AntiVirus by Symantec Corporation (Signed)
Version: | 11.0.6100.463 |
MD5: | d880fbd65b6f4885ac89628225b91398 |
SHA1: | d54381a26657ae99bc26ebb674102c61cb1a98f5 |
SHA256: | bb5b35d663772c1bc66e1705b2fec21a23d26f51fcba8227f0c3c6dee4bdf6ab |
Overview
rtvscan.exe runs as a service under the name Symantec Endpoint Protection (Symantec AntiVirus) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Symantec Endpoint Protection published by Symantec Corporation. The file is digitally signed by Symantec Corporation which was issued by the VeriSign certificate authority (CA).
Details
File name: | rtvscan.exe |
Publisher: | Symantec Corporation |
Product name: | Symantec AntiVirus |
Typical file path: | C:\Program Files\symantec client security\symantec antivirus\rtvscan.exe |
File version: | 11.0.6100.463 |
Size: | 1.75 MB (1,832,072 bytes) |
Certificate |
Issued to: | Symantec Corporation |
Authority (CA): | VeriSign |
Effective date: | Tuesday, October 30, 2007 |
Expiration date: | Wednesday, November 24, 2010 |
Digital DNA |
PE subsystem: | Windows Console |
File packed: | No |
Code language: | Microsoft Visual C++ 8.0 |
.NET CLR: | No |
More details
Programs
The following program will install this file
“Customers have embraced Symantec Endpoint Protection 12 faster than any previous release. In Symantec Endpoint Protection 12.1.2, we've worked hard to further the Unrivaled Security, Blazing Performance and support for Virtual Environments. By layering technologies like Insight and SONAR, antivirus scans are reduced and maximum performance is achieved while stopping cyber-criminals and even zero-day threats in their tracks. Endpoint pro...”
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00010661% | |
Kernel CPU: | 0.00005589% | |
User CPU: | 0.00005072% | |
Kernel CPU time: | 900,844 ms/min | |
Context switches: | 2/sec | |
Memory |
Private memory: | 77.07 MB | |
Private (maximum): | 390.53 MB | |
Private (minimum): | 908 KB | |
Non-paged memory: | 77.07 MB | |
Virtual memory: | 643.08 MB | |
Virtual memory (peak): | 931.38 MB | |
Working set: | 5.23 MB | |
Working set (peak): | 409.88 MB | |
Page faults: | 30,469,943/min | |
I/O |
I/O read transfer: | 16.12 MB/sec | |
I/O read operations: | 5,224/sec | |
I/O write transfer: | 1.27 MB/sec | |
I/O write operations: | 326/sec | |
I/O other transfer: | 232.53 KB/sec | |
I/O other operations: | 5,864/sec | |
Resource allocations |
Threads: | 35 | |
Handles: | 785 | |
GUI GDI count: | 4 | |
GUI USER count: | 3 | |
Process properties
Integrety level: | Undefined |
Platform: | 32-bit |
Command line: | "C:\Program Files\symantec\symantec endpoint protection\rtvscan.exe" |
Owner: | SYSTEM |
Windows Service |
Service name: | Symantec AntiVirus |
Display name: | Symantec Endpoint Protection |
Description: | “Provides real-time virus scanning, reporting, and management functionality for Symantec AntiVirus.” |
Type: | Win32OwnProcess, InteractiveProcess |
Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
MFC80.DLL |
Total CPU: | 0.01774569% | |
Kernel CPU: | 0.00945569% | |
User CPU: | 0.00829000% | |
Memory: | 1.06 MB | |
Rtvscan.exe (main module) |
Total CPU: | 0.01060902% | |
Kernel CPU: | 0.00223841% | |
User CPU: | 0.00837061% | |
Memory: | 1.81 MB | |
advapi32.dll (Advanced Windows 32 Base API by Microsoft) |
Total CPU: | 0.00071685% | |
Kernel CPU: | 0.00025276% | |
User CPU: | 0.00046409% | |
Memory: | 620 KB | |
MSVCR80.dll |
Total CPU: | 0.00055121% | |
Kernel CPU: | 0.00054292% | |
User CPU: | 0.00000829% | |
Memory: | 620 KB | |
ntdll.dll |
Total CPU: | 0.00030252% | |
Kernel CPU: | 0.00026108% | |
User CPU: | 0.00004144% | |
Memory: | 712 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Microsoft Windows XP |
47.37% |
|
Windows 7 Home Premium |
26.32% |
|
Windows 7 Enterprise |
10.53% |
|
Windows Vista Home Premium |
5.26% |
|
Windows Vista Ultimate |
5.26% |
|
Windows 7 Professional |
5.26% |
|
Distribution by country
United States installs about 57.89% of Symantec AntiVirus.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell |
47.62% |
|
Hewlett-Packard |
23.81% |
|
Lenovo |
19.05% |
|
Intel |
9.52% |
|