Should I block it?

No, this file is 100% safe to run.

Additional versions

3, 0, 0, 168	66.67%
3, 0, 0, 168	22.22%
3, 0, 0, 147	11.11%

Relationships

PE file structure

Show functions

Import table

advapi32.dll

GetSecurityDescriptorSacl, RegDeleteKeyW, LookupAccountNameW, IsValidSid, GetSidIdentifierAuthority, GetSidSubAuthorityCount, GetSidSubAuthority, GetSecurityDescriptorDacl, SetNamedSecurityInfoW, RegQueryInfoKeyW, RegEnumKeyExW, RegCreateKeyExW, RegCloseKey, RegQueryValueExW, RegCreateKeyW, RegOpenKeyExW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetSecurityInfo, RegSetValueExW, FreeSid, CheckTokenMembership, AllocateAndInitializeSid, RegDeleteValueW

comctl32.dll

_TrackMouseEvent

gdi32.dll

SetTextColor, SetBkMode, SelectObject, GetObjectW, GetStockObject, CreateFontIndirectW, DeleteDC, DeleteObject, CreateDIBSection

gidbin1.dll

GIDSDKShowEvents, GIDSDKShowPref, GIDSDKAddEvent, GIDSDKShowBadDWarn, GIDSDKGetAppID

kernel32.dll

MapViewOfFile, WaitForSingleObject, CreateThread, ResetEvent, CreateProcessW, ProcessIdToSessionId, GetCurrentProcessId, CreateEventW, GetModuleHandleW, WTSGetActiveConsoleSessionId, lstrcpynW, FreeLibrary, lstrcpynA, lstrlenA, lstrlenW, InterlockedExchange, GetModuleFileNameW, SetLastError, lstrcmpiW, lstrcpyW, CompareStringW, InterlockedIncrement, InterlockedDecrement, InitializeCriticalSection, MultiByteToWideChar, SizeofResource, LoadResource, FindResourceW, LoadLibraryExW, DeleteFileW, RemoveDirectoryW, CreateFileW, GetWindowsDirectoryW, DeviceIoControl, GetTempPathW, CreateDirectoryW, GetNativeSystemInfo, GetSystemInfo, WideCharToMultiByte, LocalAlloc, GetVolumeInformationW, HeapFree, GetProcessHeap, GetModuleHandleA, SetStdHandle, UnmapViewOfFile, SetFilePointer, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, GetTickCount, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetModuleFileNameA, GetStdHandle, WriteFile, ExitProcess, HeapSize, HeapReAlloc, HeapCreate, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetFileAttributesW, GetSystemTimeAsFileTime, GetStartupInfoA, GetCommandLineA, RtlUnwind, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, LoadLibraryA, HeapAlloc, InterlockedCompareExchange, CloseHandle, OpenFileMappingW, LocalFree, CreateFileMappingW, GetConsoleMode, InitializeCriticalSectionAndSpinCount, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetCurrentProcess, GetConsoleCP, FlushInstructionCache, LeaveCriticalSection, EnterCriticalSection, GetVersionExW, LoadLibraryW, GetProcAddress, RaiseException, DeleteCriticalSection, GetCurrentThreadId, Sleep, OpenEventW, SetEvent, CreateMutexW, GetLastError, ReleaseMutex, GetLocaleInfoA, FlushFileBuffers, SetEnvironmentVariableA, SetEnvironmentVariableW, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, SetEndOfFile, CreateFileA, ReadFile

ole32.dll

CoTaskMemFree, CoTaskMemAlloc, CoCreateInstance, CoUninitialize, CoTaskMemRealloc, CoInitialize

shell32.dll

DoEnvironmentSubstW, ShellExecuteW, ShellExecuteExW, Shell_NotifyIconW, SHGetFolderPathW

user32.dll

OffsetRect, GetWindowTextLengthW, GetWindowTextW, GetClassNameW, GetDlgCtrlID, GetParent, ScreenToClient, GetCapture, ReleaseCapture, GetFocus, SetCursor, EndPaint, BeginPaint, DrawFocusRect, GetForegroundWindow, DialogBoxParamW, GetDlgItem, EndDialog, CallWindowProcW, GetSysColor, IsWindowEnabled, DrawTextW, CharNextW, SetCapture, FillRect, RemoveMenu, GetMenuItemCount, AppendMenuW, TrackPopupMenuEx, CreatePopupMenu, InvalidateRect, GetWindowRect, LoadBitmapW, EnableWindow, GetSystemMetrics, ToUnicodeEx, GetKeyboardLayout, GetKeyboardState, VkKeyScanExW, GetKeyState, MapVirtualKeyExW, SetRectEmpty, PeekMessageW, PtInRect, MapWindowPoints, IsWindow, MessageBeep, GetClientRect, SetWindowPos, MonitorFromPoint, GetMonitorInfoW, DefWindowProcW, LoadStringA, GetWindowLongW, SetFocus, GetSubMenu, CreateMenu, SetMenuItemInfoW, GetMenuItemInfoW, InsertMenuW, TrackPopupMenu, KillTimer, UnhookWinEvent, MessageBoxW, PostQuitMessage, SetTimer, SetWindowTextW, SetWinEventHook, GetDC, ReleaseDC, SendMessageW, PostMessageW, GetCursorPos, SetForegroundWindow, DestroyMenu, SetWindowLongW, CreateWindowExW, wvsprintfW, GetClassInfoExW, LoadCursorW, LoadImageW, RegisterClassExW, LoadStringW, LoadMenuW, LoadAcceleratorsW, ShowWindow, UpdateWindow, DestroyWindow, GetMessageW, TranslateMessage, DispatchMessageW, GetActiveWindow, UnregisterClassA

version.dll

VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW

wininet.dll

InternetReadFile, InternetSetOptionW, InternetConnectW, InternetCloseHandle, HttpSendRequestW, HttpOpenRequestW, InternetErrorDlg, HttpQueryInfoW, InternetOpenW

wtsapi32.dll

WTSUnRegisterSessionNotification, WTSRegisterSessionNotification

GIDD.exe

GID Desktop Application by StrikeForce Technologies (Signed)

Remove GIDD.exe

Version:	3, 0, 0, 168
MD5:	493c7df03d478de0f7b47d64c680c3ec
SHA1:	4c5c2caef65dd0f76daecf097927a08db764fa14
SHA256:	8b09f7324106c0d677d28239ec68909cc83c66824895c03232ed06e2d0c66717

Overview

gidd.exe executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). This is typically installed with the program GuardedID published by StrikeForce Technologies, Inc. The file is digitally signed by StrikeForce Technologies which was issued by the GlobalSign nv-sa certificate authority (CA).

Details

File name:	gidd.exe
Publisher:	StrikeForce Technologies Inc.
Product name:	GID Desktop Application
Typical file path:	C:\Program Files\sft\guardedid\gidd.exe
File version:	3, 0, 0, 168
Product version:	3, 0, 0, 0
Size:	386.26 KB (395,528 bytes)
Certificate
Issued to:	StrikeForce Technologies
Authority (CA):	GlobalSign nv-sa
Effective date:	Monday, July 12, 2010
Expiration date:	Thursday, September 8, 2011
Digital DNA
File packed:	No
.NET CLR:	No

More details

Programs

The following program will install this file

GuardedID

StrikeForce Technologies, Inc

22% remove

“GuardedID Provides Powerful Online Identity Theft Protection GuardedID's innovative keystroke encryption and anti-keylogging technology protects you from identity thief's favorite new tool - keyloggers. Industry experts state, however, that approximately 80% of keyloggers are escaping detection by leading anti-virus programs. This means that even with a current anti-virus program there is a good chance that a keylogger may be installed ...”

Behaviors

Startup files (all users) run

Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'GIDDesktop' → C:\Program Files\SFT\GuardedID\gidd.exe /s

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00014165%	0.028634%
Kernel CPU:	0.00003836%	0.013761%
User CPU:	0.00010329%	0.014873%
Kernel CPU time:	13,229 ms/min	100,923,805ms/min
CPU cycles:	513,781/sec	17,470,203/sec
Memory
Private memory:	7.75 MB	21.59 MB
Private (maximum):	8.29 MB
Private (minimum):	1.47 MB
Non-paged memory:	7.75 MB	21.59 MB
Virtual memory:	114.81 MB	140.96 MB
Virtual memory (peak):	117.31 MB	169.69 MB
Working set:	3.61 MB	18.61 MB
Working set (peak):	8.59 MB	37.95 MB
Page faults:	94,363/min	2,039/min
I/O
I/O read transfer:	1.92 KB/sec	1.02 MB/min
I/O read operations:	1/sec	343/min
I/O write transfer:	6 Bytes/sec	274.99 KB/min
I/O write operations:	1/sec	227/min
I/O other transfer:	11.7 KB/sec	448.09 KB/min
I/O other operations:	209/sec	1,671/min
Resource allocations
Threads:	5	12
Handles:	138	600
GUI GDI count:	22	103
GUI GDI peak:	25	142
GUI USER count:	16	49
GUI USER peak:	18	71

Process properties

Integrety level:	Medium
Platform:	64-bit
Command line:	"C:\Program Files\sft\guardedid\gidd.exe" /s
Owner:	User

Threads

Averages

GIDD.exe (main module)
Total CPU:	0.01723453%	0.272967%
Kernel CPU:	0.00957159%	0.107585%
User CPU:	0.00766294%	0.165382%
CPU cycles:	486,800/sec	5,741,424/sec
Context switches:	4/sec	79/sec
Memory:	404 KB	1.16 MB
ntdll.dll
Total CPU:	0.00001040%
Kernel CPU:	0.00001040%
User CPU:	0.00000000%
CPU cycles:	226/sec
Memory:	1.66 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

gidbin3.dll (GuardedID by StrikeForce Technologies)

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	44.44%
Windows Vista Home Premium	33.33%
Microsoft Windows XP	11.11%
Windows 7 Enterprise	11.11%

Distribution by country

United States installs about 100.00% of GID Desktop Application.

Remove Adware and Spyware Programs, FREE Download!