Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

4,0,7,67974 1.96%
4,0,1,55642 5.88%
4,0,0,48542 1.96%
3,7,1,43052 15.69%
3,7,1,42591 1.96%
3,7,1,41782 1.96%
3,7,1,39149 5.88%
3,2,0,29 11.76%
3,2,0,25 1.96%
3,0,0,4 1.96%
1,18,0,9 1.96%
1,17,0,4 9.80%
1,16,0,7 19.61%
1,16,0,6 1.96%
1,13,0,17 15.69%

Relationships

Parent process
Child processes
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
SetSecurityDescriptorSacl, GetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegOpenUserClassesRoot, CreateProcessAsUserW, FreeSid, SetNamedSecurityInfoW, SetEntriesInAclW, GetNamedSecurityInfoW, StartServiceW, RegDeleteValueW, EqualSid, AllocateAndInitializeSid, GetTokenInformation, CloseServiceHandle, QueryServiceStatus, OpenServiceW, OpenSCManagerW, RevertToSelf, RegOpenCurrentUser, ImpersonateLoggedOnUser, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, ConvertSidToStringSidW, LookupAccountNameW, GetUserNameW, RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegisterServiceCtrlHandlerW, SetServiceStatus, StartServiceCtrlDispatcherW, SetSecurityInfo, RegOpenKeyW, RegEnumKeyExW, SetTokenInformation, RegDeleteKeyW, DuplicateTokenEx
bhips.dll
BHips_SetProtectOpt, BHips_RegisterCallback, BHips_AddProtectRegPath, BHips_AddProtectFilePath, BHips_AddProtectProcessDirPath, BHips_DrvInst, BHips_Startup
datareport.dll
Stop, RD_WW, Start
gdi32.dll
PtVisible, GetStockObject, DeleteDC, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutW, TextOutW, GetClipBox, SetTextColor, SetMapMode, RestoreDC, SaveDC, SetBkColor, GetDeviceCaps, DeleteObject, CreateBitmap, RectVisible
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
DllMain
log.dll
WriteLog, CreateLog
ole32.dll
CoTaskMemFree
oleacc.dll
LresultFromObject, CreateStdAccessibleObject
shell32.dll
SHGetFolderPathW, ShellExecuteExW, CommandLineToArgvW
shlwapi.dll
PathAppendW, PathAddBackslashW, PathFindFileNameW, PathFileExistsW, PathRenameExtensionW, PathRemoveFileSpecW, StrRChrW, SHRegGetValueW, SHDeleteValueW, SHDeleteKeyW, PathIsDirectoryW, PathRemoveExtensionW, StrStrIW
user32.dll
DestroyMenu, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, RegisterWindowMessageW, LoadIconW, WinHelpW, GetCapture, GetClassLongW, SetPropW, GetPropW, RemovePropW, GetForegroundWindow, GetTopWindow, DestroyWindow, GetMessageTime, GetMessagePos, MapWindowPoints, SetMenu, GetClientRect, CreateWindowExW, GetClassInfoExW, GetClassInfoW, AdjustWindowRectEx, DefWindowProcW, CallWindowProcW, CopyRect, GetMenu, SystemParametersInfoA, GetWindowPlacement, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapW, ModifyMenuW, EnableMenuItem, CheckMenuItem, PostQuitMessage, SetForegroundWindow, IsIconic, PostMessageW, SetWindowPos, SetWindowLongW, IsWindow, GetDlgItem, SetWindowsHookExW, CallNextHookEx, GetMessageW, TranslateMessage, DispatchMessageW, GetKeyState, PeekMessageW, ValidateRect, GetFocus, SetTimer, KillTimer, FindWindowExW, MsgWaitForMultipleObjectsEx, RegisterClassW, ClientToScreen, GetWindow, GetDlgCtrlID, GetWindowRect, GetClassNameW, PtInRect, SetWindowTextW, GetWindowTextW, GetWindowThreadProcessId, SendMessageW, GetParent, GetWindowLongW, GetLastActivePopup, IsWindowEnabled, EnableWindow, MessageBoxW, UnhookWindowsHookEx, LoadCursorW, GetSystemMetrics, GetDC, ReleaseDC, GetSysColor, GetSysColorBrush, GetMenuState, GetMenuItemID, GetMenuItemCount, GetSubMenu, ExitWindowsEx, wsprintfW, SendMessageTimeoutW
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
wininet.dll
InternetConnectW, HttpOpenRequestW, InternetSetOptionW, InternetReadFile, HttpQueryInfoW, InternetCloseHandle, InternetCrackUrlW, InternetOpenW, HttpSendRequestW
winspool.drv
DocumentPropertiesW, OpenPrinterW, ClosePrinter
wtsapi32.dll
WTSEnumerateSessionsW, WTSFreeMemory, WTSQueryUserToken

pcfastersvc.exe

Baidu PC Faster by Baidu Online Network Technology (Beijing)Co. (Signed)

Remove pcfastersvc.exe
Version:   1,17,0,4
MD5:   db6c21b9fc08174b3a85544f2b560244
SHA1:   7b648ca5a7fe2a1d0c2082c288599b61a504682a
SHA256:   8e4f3e482e8bf28ed185429bb9ddcf99674962786b22da62075a319f3e9a7c2d

Overview

pcfastersvc.exe runs as a service under the name PCFasterSvc_{PCFaster_4.0.0.0} (PCFasterSvc_{PCFaster_4.0.0.0}) with extensive SYSTEM privileges (full administrator access). This is typically installed with the program Baidu PC Faster published by Baidu, Inc. and is most likely removed by most users once installed (65% removed). The file is digitally signed by Baidu Online Network Technology (Beijing)Co. which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:pcfastersvc.exe
Publisher:Baidu Inc.
Product name:Baidu PC Faster
Description:Baidu PC Faster Service
Typical file path:C:\Program Files\baidu security\pc faster\pcfastersvc.exe
File version:1,17,0,4
Size:539.39 KB (552,336 bytes)
Certificate
Issued to:Baidu Online Network Technology (Beijing)Co.
Authority (CA):VeriSign
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Baidu PC Faster
 Baidu, Inc.
  65% remove
The software is typically bundled with third party installers such as Open Candy. "Offer your users a free system maintenance and utility suite to help them get the most out of their PC’s performance."

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • PCFasterSvc_{PCFaster_4.0.0.0}
  • 'PCFasterSvc_{PCFaster_4.0.0.0}' (Baidu PC Faster Service 4.0.0.0)
  • 'PCFasterSvc_{PCFaster_3.7.0.0}' (Baidu PC Faster Service 3.7.0.0)
  • 'PCFasterSvc_{PCFaster_3.2.0.29}' (Baidu PC Faster Service 3.2.0.29)
  • 'PCFasterSvc' (Baidu PC Faster Service)
Network connections
  • [TCP] 180.76.2.169:80

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.02452544%
    0.028634%
    Kernel CPU:0.01253098%
    0.013761%
    User CPU:0.01199446%
    0.014873%
    Kernel CPU time:744,511 ms/min
    100,923,805ms/min
    Context switches:91/sec
    284/sec
    Memory
    Private memory:13.63 MB
    21.59 MB
    Private (maximum):17.05 MB
    Private (minimum):9.3 MB
    Non-paged memory:13.63 MB
    21.59 MB
    Virtual memory:126.57 MB
    140.96 MB
    Virtual memory (peak):171.58 MB
    169.69 MB
    Working set:11.3 MB
    18.61 MB
    Working set (peak):39.18 MB
    37.95 MB
    Resource allocations
    Threads:25
    12
    Handles:424
    600
    GUI GDI count:8
    103
    GUI USER count:14
    49

    BehaviorsProcess properties

    Integrety level:Undefined
    Platform:32-bit
    Command line:"C:\Program Files\baidu security\pc faster\pcfastersvc.exe"
    Owner:SYSTEM
    Windows Service
    Service name:PCFasterSvc_{PCFaster_4.0.0.0}
    Display name:PCFasterSvc_{PCFaster_4.0.0.0}
    Description:“Baidu PC Faster Service 4.0.0.0”
    Type:Win32OwnProcess, InteractiveProcess
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    systeminformation.dll (Baidu PC Faster by Baidu)
    Total CPU:0.71453724%
    0.272967%
    Kernel CPU:0.70003770%
    0.107585%
    User CPU:0.01449954%
    0.165382%
    CPU cycles:17,665,910/sec
    5,741,424/sec
    Context switches:690/sec
    79/sec
    Memory:104 KB
    1.16 MB
    ntdll.dll
    Total CPU:0.10043816%
    Kernel CPU:0.08927929%
    User CPU:0.01115887%
    CPU cycles:2,177,308/sec
    Context switches:2/sec
    Memory:1.23 MB
    leakrepair.dll (Baidu PC Faster by Baidu)
    Total CPU:0.07606759%
    Kernel CPU:0.06832637%
    User CPU:0.00774121%
    CPU cycles:1,238,262/sec
    Context switches:3/sec
    Memory:1.28 MB
    ADVAPI32.dll
    Total CPU:0.01632621%
    Kernel CPU:0.01274240%
    User CPU:0.00358380%
    Context switches:10/sec
    Memory:620 KB
    cleanerengine.dll (Baidu PC Faster by Baidu)
    Total CPU:0.00900454%
    Kernel CPU:0.00825554%
    User CPU:0.00074899%
    CPU cycles:183,666/sec
    Memory:1.63 MB
    sechost.dll
    Total CPU:0.00214685%
    Kernel CPU:0.00173079%
    User CPU:0.00041606%
    CPU cycles:224,250/sec
    Context switches:9/sec
    Memory:100 KB
    PCFasterSvc.exe (main module)
    Total CPU:0.00162228%
    Kernel CPU:0.00094781%
    User CPU:0.00067448%
    CPU cycles:77,677/sec
    Context switches:3/sec
    Memory:564 KB
    sysrepair.dll (Baidu PC Faster by Baidu)
    Total CPU:0.00016645%
    Kernel CPU:0.00016645%
    User CPU:0.00000000%
    CPU cycles:3,852/sec
    Memory:1.18 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Microsoft Windows XP 31.37%
    Windows 7 Ultimate 29.41%
    Windows 7 Professional 17.65%
    Windows 7 Home Premium 5.88%
    Windows 8.1 3.92%
    Windows 8.1 Enterprise 3.92%
    Windows 8 Pro 3.92%
    Windows 8.1 Pro 1.96%
    Windows 7 Enterprise 1.96%

    Distribution by countryDistribution by country

    Thailand installs about 39.22% of Baidu PC Faster.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Acer 25.00%
    Hewlett-Packard 19.44%
    GIGABYTE 13.89%
    Compaq 11.11%
    Intel 11.11%
    ASUS 5.56%
    MSI 5.56%
    Toshiba 5.56%
    American Megatrends 2.78%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE