File details
File name: avastsvc.exe
Name: avast! Antivirus
Description: avast! Service
Version: 7.0.1466.549
Size: 43.76 KB
Original file name: AvastSvc.exe
Digital certificate
Certificate authority:
VeriSign
Expiration date: 1/31/2014
Resource utilization
 | CPU utilization averages |
Total CPU: 0.0064344909%
Privileged CPU:
0.0056986556%

User CPU:
0.00073583528712%

Privileged CPU time: 1482631939.77 ms
Privileged CPU time /min: 124,954 ms
CPU cycle count:
86,417,899
CPU cycle count /min: 244,452,746
Context switches /sec:
43
 | Memory utilization averages |
Committed memory:
304.24 MB
Peak committed memory: 422.9 MB
Paged memory:
41.49 MB
Peak paged memory: 115.93 MB
Paged system memory:
348.83 KB
Non-paged system memory: 364.83 KB
Working set memory:
33.62 MB
Peak working set memory: 127.27 MB
Min working set memory: 5.24 MB
Private memory:
41.49 MB
Page faults:
4,696,981
Page faults /min: 1,263
 | Process I/O averages |
Total read operations:
277,538
Read operations /min: 58
Total read transfer: 416.76 MB
Read transfer /min: 1.27 MB
Total write operations:
126,503
Write operations /min: 30
Total write transfer: 457.48 MB
Write transfer /min: 142.6 KB
Total other operations:
3,860,256
Other operations /min: 533
Total other transfer: 280.77 MB
Other Transfer /min: 467.42 KB
 | GUI Object Averages |
GDI objects:
4
USER objects:
10
Resources
Handle count average: 1,352
Thread count average: 68
Thread resource averages
Total CPU: 1.612852113217%
Privileged CPU: 0.108667340961%
User CPU: 1.504184772255%
CPU Cycle count /sec: 42,522,417
Context switches /sec: 9
Module memory size: 9.3 MB
sechost.dll

Total CPU: 0.429201286505%
Privileged CPU: 0.214623902209%
User CPU: 0.214577384296%
CPU Cycle count /sec: 11,185,633
Context switches /sec: 12
Module memory size: 100 KB
ntdll.dll

Total CPU: 0.135784297391%
Privileged CPU: 0.032588231374%
User CPU: 0.103196066017%
CPU Cycle count /sec: 7,527,409
Context switches /sec: 19
Module memory size: 1.23 MB
Total CPU: 0.089145481853%
Privileged CPU: 0.041823741740%
User CPU: 0.047321740113%
CPU Cycle count /sec: 2,363,864
Context switches /sec: 2
Module memory size: 72 KB
Total CPU: 0.047968716553%
Privileged CPU: 0.014157847406%
User CPU: 0.033810869147%
CPU Cycle count /sec: 1,345,306
Module memory size: 68 KB
Total CPU: 0.033603419258%
Privileged CPU: 0.014079813446%
User CPU: 0.019523605812%
CPU Cycle count /sec: 836,901
Context switches /sec: 1
Module memory size: 368 KB
msvcr90.dll

Total CPU: 0.023809354750%
Privileged CPU: 0.019264651008%
User CPU: 0.004544703742%
CPU Cycle count /sec: 665,477
Context switches /sec: 1
Module memory size: 652 KB
msvcr90.dll

Total CPU: 0.016543632750%
Privileged CPU: 0.010283879818%
User CPU: 0.006259752933%
Module memory size: 652 KB
Total CPU: 0.010130303419%
Privileged CPU: 0.009662427476%
User CPU: 0.000467875943%
CPU Cycle count /sec: 197,299
Module memory size: 88 KB
Total CPU: 0.010099555173%
Privileged CPU: 0.005222026043%
User CPU: 0.004877529131%
CPU Cycle count /sec: 253,361
Module memory size: 244 KB
Total CPU: 0.008734113032%
Privileged CPU: 0.002127999341%
User CPU: 0.006606113690%
CPU Cycle count /sec: 208,310
Module memory size: 48 KB
msvcr90.dll

Total CPU: 0.007386625484%
Privileged CPU: 0.002641571514%
User CPU: 0.004745053971%
CPU Cycle count /sec: 116,447
Module memory size: 652 KB
wow64.dll

Total CPU: 0.006525343670%
Privileged CPU: 0.004015596105%
User CPU: 0.002509747565%
CPU Cycle count /sec: 197,911
Module memory size: 252 KB
advapi32.dll

Total CPU: 0.001714512592%
Privileged CPU: 0.000469842393%
User CPU: 0.001244670199%
CPU Cycle count /sec: 31,521
Module memory size: 792 KB
wow64.dll

Total CPU: 0.001574874336%
Privileged CPU: 0.001267638107%
User CPU: 0.000307236229%
CPU Cycle count /sec: 67,442
Module memory size: 252 KB
advapi32.dll

Total CPU: 0.001175466256%
Privileged CPU: 0.000440799846%
User CPU: 0.000734666410%
Module memory size: 620 KB
Total CPU: 0.001159491368%
Privileged CPU: 0.000936524373%
User CPU: 0.000222966995%
CPU Cycle count /sec: 104,262
Context switches /sec: 1
Module memory size: 216 KB
ntdll.dll

Total CPU: 0.000342970393%
Privileged CPU: 0.000318472508%
User CPU: 0.000024497885%
Module memory size: 712 KB
wow64.dll

Total CPU: 0.000251257700%
Privileged CPU: 0.000221697970%
User CPU: 0.000029559729%
CPU Cycle count /sec: 6,767
Module memory size: 252 KB
Total CPU: 0.000240171617%
Privileged CPU: 0.000120085808%
User CPU: 0.000120085808%
CPU Cycle count /sec: 266,224
Context switches /sec: 17
Module memory size: 52 KB
Process details
Runs as (owner): System
Integrety level: System
Windows platform: 32-bit
Runs as a service: Yes
Parent Processes
Child Process
Process Commands
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\?????\AvastSvc.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
Service details
Name: avast! Antivirus
Service type:
Win32ShareProcess
Description: “Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler.”
Network connectivity
TCP: r-056-042-234-077.avast.com on port 61490
TCP: r-055-044-234-077.avast.com on port 51506
TCP: r-055-042-234-077.ff.avast.com on port 60292
TCP: r-055-042-234-077.avast.com on port 62674
TCP: r-054-044-234-077.avast.com on port 50748
TCP: r-053-041-234-077.avast.com on port 54643
TCP: r-051-044-234-077.ff.avast.com on port 52580
TCP: r-051-044-234-077.avast.com on port 50154
TCP: KD111111111111.ppp-bb.dion.ne.jp on port 51176
TCP: a69-192-3-32.deploy.akamaitechnologies.com on port 4682
TCP: a23-62-99-113.deploy.akamaitechnologies.com on port 56043
TCP: localhost on port 27275
Image hashes
MD5: 04ac21e821f259845bd7367cee057290
SHA-1: 0e07e6f1e131d16a5463c0fc9db1b0d2178f3500
SHA-256: ae6042e4992781be6853838936d582cb2f2bc821201a25b63e0b2ec22e68bdec
PE image details
Subsystem: Windows GUI
Langauge*: Microsoft Visual C++ 9.0
File packed: No
Import Table
advapi32.dll

RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
ashbase.dll

aswcmnbs.dll

svcServiceStart
aswcmnbsDllMain
secPreventHookDllInjection
cmnbFree
cmnbInit
fsGetAvastProgramPath
kernel32.dll

GetFileAttributesW
IsBadCodePtr
GetProcAddress
GetModuleHandleA
IsBadReadPtr
GetCurrentProcess
GetModuleFileNameW
LoadLibraryA
GetVersionExW
GetPrivateProfileStringW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetStartupInfoW
VirtualProtect
TerminateProcess
Sleep
InterlockedExchange
CreateProcessW
CloseHandle
msvcp90.dll
msvcr90.dll
shlwapi.dll

PathAppendW
PathRemoveFileSpecW