Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

4,0,7,67974 1.96%
4,0,1,55642 5.88%
4,0,0,48542 1.96%
3,7,1,43052 15.69%
3,7,1,42591 1.96%
3,7,1,41782 1.96%
3,7,1,39149 5.88%
3,2,0,29 11.76%
3,2,0,25 1.96%
3,0,0,4 1.96%
1,18,0,9 1.96%
1,17,0,4 9.80%
1,16,0,7 19.61%
1,16,0,6 1.96%
1,13,0,17 15.69%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
SetSecurityDescriptorSacl, GetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegOpenUserClassesRoot, CreateProcessAsUserW, FreeSid, SetNamedSecurityInfoW, SetEntriesInAclW, GetNamedSecurityInfoW, StartServiceW, RegDeleteValueW, EqualSid, AllocateAndInitializeSid, GetTokenInformation, CloseServiceHandle, QueryServiceStatus, OpenServiceW, OpenSCManagerW, RevertToSelf, RegOpenCurrentUser, ImpersonateLoggedOnUser, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, ConvertSidToStringSidW, LookupAccountNameW, GetUserNameW, RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegisterServiceCtrlHandlerW, SetServiceStatus, StartServiceCtrlDispatcherW, SetSecurityInfo, RegOpenKeyW, RegEnumKeyExW, SetTokenInformation, RegDeleteKeyW, DuplicateTokenEx
bhips.dll
BHips_SetProtectOpt, BHips_RegisterCallback, BHips_AddProtectRegPath, BHips_AddProtectFilePath, BHips_AddProtectProcessDirPath, BHips_DrvInst, BHips_Startup
datareport.dll
Stop, RD_WW, Start
gdi32.dll
PtVisible, GetStockObject, DeleteDC, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutW, TextOutW, GetClipBox, SetTextColor, SetMapMode, RestoreDC, SaveDC, SetBkColor, GetDeviceCaps, DeleteObject, CreateBitmap, RectVisible
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
DllMain
log.dll
WriteLog, CreateLog
ole32.dll
CoTaskMemFree
oleacc.dll
LresultFromObject, CreateStdAccessibleObject
shell32.dll
SHGetFolderPathW, ShellExecuteExW, CommandLineToArgvW
shlwapi.dll
PathAppendW, PathAddBackslashW, PathFindFileNameW, PathFileExistsW, PathRenameExtensionW, PathRemoveFileSpecW, StrRChrW, SHRegGetValueW, SHDeleteValueW, SHDeleteKeyW, PathIsDirectoryW, PathRemoveExtensionW, StrStrIW
user32.dll
DestroyMenu, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, RegisterWindowMessageW, LoadIconW, WinHelpW, GetCapture, GetClassLongW, SetPropW, GetPropW, RemovePropW, GetForegroundWindow, GetTopWindow, DestroyWindow, GetMessageTime, GetMessagePos, MapWindowPoints, SetMenu, GetClientRect, CreateWindowExW, GetClassInfoExW, GetClassInfoW, AdjustWindowRectEx, DefWindowProcW, CallWindowProcW, CopyRect, GetMenu, SystemParametersInfoA, GetWindowPlacement, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapW, ModifyMenuW, EnableMenuItem, CheckMenuItem, PostQuitMessage, SetForegroundWindow, IsIconic, PostMessageW, SetWindowPos, SetWindowLongW, IsWindow, GetDlgItem, SetWindowsHookExW, CallNextHookEx, GetMessageW, TranslateMessage, DispatchMessageW, GetKeyState, PeekMessageW, ValidateRect, GetFocus, SetTimer, KillTimer, FindWindowExW, MsgWaitForMultipleObjectsEx, RegisterClassW, ClientToScreen, GetWindow, GetDlgCtrlID, GetWindowRect, GetClassNameW, PtInRect, SetWindowTextW, GetWindowTextW, GetWindowThreadProcessId, SendMessageW, GetParent, GetWindowLongW, GetLastActivePopup, IsWindowEnabled, EnableWindow, MessageBoxW, UnhookWindowsHookEx, LoadCursorW, GetSystemMetrics, GetDC, ReleaseDC, GetSysColor, GetSysColorBrush, GetMenuState, GetMenuItemID, GetMenuItemCount, GetSubMenu, ExitWindowsEx, wsprintfW, SendMessageTimeoutW
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
wininet.dll
InternetConnectW, HttpOpenRequestW, InternetSetOptionW, InternetReadFile, HttpQueryInfoW, InternetCloseHandle, InternetCrackUrlW, InternetOpenW, HttpSendRequestW
winspool.drv
DocumentPropertiesW, OpenPrinterW, ClosePrinter
wtsapi32.dll
WTSEnumerateSessionsW, WTSFreeMemory, WTSQueryUserToken

pcfastersvc.exe

Baidu PC Faster by Baidu Online Network Technology (Beijing)Co. (Signed)

Remove pcfastersvc.exe
Version:   1,16,0,7
MD5:   21c5a9f38065f217b3f391b486a725f4
SHA1:   958e83f5abc67690c134219afd5635e86db49fb6
SHA256:   849c392ee1e14bc14bfedf73d68d062a8ca20f34ceed6409f3354519cd81a6b1

Overview

pcfastersvc.exe runs as a service under the name PCFasterSvc_{PCFaster_4.0.0.0} (PCFasterSvc_{PCFaster_4.0.0.0}) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Baidu PC Faster published by Baidu, Inc. and is most likely removed by most users once installed (65% removed). The file is digitally signed by Baidu Online Network Technology (Beijing)Co. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:pcfastersvc.exe
Publisher:Baidu Inc.
Product name:Baidu PC Faster
Description:Baidu PC Faster Service
Typical file path:C:\Program Files\baidu security\pc faster\pcfastersvc.exe
File version:1,16,0,7
Size:542.91 KB (555,944 bytes)
Certificate
Issued to:Baidu Online Network Technology (Beijing)Co.
Authority (CA):VeriSign
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Baidu, Inc.
  65% remove
The software is typically bundled with third party installers such as Open Candy. "Offer your users a free system maintenance and utility suite to help them get the most out of their PC’s performance."

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • PCFasterSvc_{PCFaster_4.0.0.0}
  • 'PCFasterSvc_{PCFaster_4.0.0.0}' (Baidu PC Faster Service 4.0.0.0)
  • 'PCFasterSvc_{PCFaster_3.7.0.0}' (Baidu PC Faster Service 3.7.0.0)
  • 'PCFasterSvc_{PCFaster_3.2.0.29}' (Baidu PC Faster Service 3.2.0.29)
  • 'PCFasterSvc' (Baidu PC Faster Service)
Network connections
  • [TCP] mx-ll-110.164.2-43.static.3bb.co.th (110.164.2.43:80)

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.01490156%
    0.028634%
    Kernel CPU:0.00886443%
    0.013761%
    User CPU:0.00603712%
    0.014873%
    Kernel CPU time:42,918 ms/min
    100,923,805ms/min
    CPU cycles:6,242,049/sec
    17,470,203/sec
    Context switches:80/sec
    284/sec
    Memory
    Private memory:14.5 MB
    21.59 MB
    Private (maximum):35.13 MB
    Private (minimum):10.24 MB
    Non-paged memory:14.5 MB
    21.59 MB
    Virtual memory:108.97 MB
    140.96 MB
    Virtual memory (peak):185.46 MB
    169.69 MB
    Working set:12.89 MB
    18.61 MB
    Working set (peak):57.44 MB
    37.95 MB
    Page faults:3,280,449/min
    2,039/min
    I/O
    I/O read transfer:35.03 KB/sec
    1.02 MB/min
    I/O read operations:42/sec
    343/min
    I/O write transfer:21.54 KB/sec
    274.99 KB/min
    I/O write operations:68/sec
    227/min
    I/O other transfer:5.39 KB/sec
    448.09 KB/min
    I/O other operations:145/sec
    1,671/min
    Resource allocations
    Threads:23
    12
    Handles:371
    600
    GUI GDI count:5
    103
    GUI USER count:18
    49

    BehaviorsProcess properties

    Integrety level:Undefined
    Platform:32-bit
    Command line:"C:\Program Files\baidu security\pc faster\pcfastersvc.exe"
    Owner:SYSTEM
    Windows Service
    Service name:PCFasterSvc_{PCFaster_4.0.0.0}
    Display name:PCFasterSvc_{PCFaster_4.0.0.0}
    Description:“Baidu PC Faster Service 4.0.0.0”
    Type:Win32OwnProcess, InteractiveProcess
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    leakrepair.dll (Baidu PC Faster by Baidu)
    Total CPU:0.18555940%
    0.272967%
    Kernel CPU:0.07152102%
    0.107585%
    User CPU:0.11403839%
    0.165382%
    CPU cycles:436,836/sec
    5,741,424/sec
    Memory:1.24 MB
    1.16 MB
    systeminformation.dll (Baidu PC Faster by Baidu)
    Total CPU:0.10608711%
    Kernel CPU:0.09379695%
    User CPU:0.01229016%
    CPU cycles:2,175,976/sec
    Context switches:5/sec
    Memory:104 KB
    cleanerengine.dll (Baidu PC Faster by Baidu)
    Total CPU:0.06682118%
    Kernel CPU:0.06028856%
    User CPU:0.00653262%
    Memory:1.63 MB
    ADVAPI32.dll
    Total CPU:0.04595876%
    Kernel CPU:0.03133552%
    User CPU:0.01462324%
    Memory:620 KB
    sechost.dll
    Total CPU:0.01024659%
    Kernel CPU:0.00453777%
    User CPU:0.00570881%
    CPU cycles:418,859/sec
    Memory:100 KB
    PCFasterSvc.exe (main module)
    Total CPU:0.00715244%
    Kernel CPU:0.00527583%
    User CPU:0.00187661%
    CPU cycles:213,681/sec
    Context switches:2/sec
    Memory:572 KB
    sysrepair.dll (Baidu PC Faster by Baidu)
    Total CPU:0.00037968%
    Kernel CPU:0.00016272%
    User CPU:0.00021696%
    Memory:1.18 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Microsoft Windows XP 31.37%
    Windows 7 Ultimate 29.41%
    Windows 7 Professional 17.65%
    Windows 7 Home Premium 5.88%
    Windows 8.1 3.92%
    Windows 8.1 Enterprise 3.92%
    Windows 8 Pro 3.92%
    Windows 8.1 Pro 1.96%
    Windows 7 Enterprise 1.96%

    Distribution by countryDistribution by country

    Thailand installs about 39.22% of Baidu PC Faster.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Acer 25.00%
    Hewlett-Packard 19.44%
    GIGABYTE 13.89%
    Compaq 11.11%
    Intel 11.11%
    ASUS 5.56%
    MSI 5.56%
    Toshiba 5.56%
    American Megatrends 2.78%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE