Icon status | Invisible |
Icon setting | Hidden when inactive |
Executable file | C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe |
Version | 1.0.3.57 |
Parent process | C:\Windows\explorer.exe |
Can be uninstalled | Yes |
Autorun | Started form registry |
Key | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |
Value | pdiface |
Encrypted | No |
Size on disk | 253.2 Kb |
Minimum recorded memory usage | 240 Kb |
Average recorded memory usage | 12.8 Mb |
Maximum recorded memory usage | 35.3 Mb |
Date when maximum memory usage occured | 21.08.2013 21:34:28 |
Minimum recorded CPU usage | 0% |
Average recorded CPU usage | 0% |
Maximum recorded CPU usage | 100% |
Date when maximum CPU usage occured | 15.08.2013 21:09:54 |
Started at | 12.09.2013 19:32:12 |
Total CPU time | 1 seconds |
Imported functions | [-] Imported from WINHTTP.dllWinHttpCloseHandle WinHttpConnect WinHttpCrackUrl WinHttpOpen WinHttpOpenRequest WinHttpQueryHeaders WinHttpReceiveResponse WinHttpSendRequest
[-] Imported from gdiplus.dllGdipAlloc GdipCloneBrush GdipCloneImage GdipCreateBitmapFromScan0 GdipCreateFont GdipCreateFontFamilyFromName GdipCreateFromHDC GdipCreateSolidFill GdipDeleteBrush GdipDeleteFont GdipDeleteFontFamily GdipDeleteGraphics GdipDisposeImage GdipDrawImageRectI GdipDrawString GdipFillEllipseI GdipFillPieI GdipFillRectangleI GdipFree GdipGetImageGraphicsContext GdipLoadImageFromFile GdiplusShutdown GdiplusStartup GdipMeasureString
[-] Imported from ADVAPI32.dllAllocateAndInitializeSid GetNamedSecurityInfoW RegCloseKey RegCreateKeyExW RegCreateKeyW RegDeleteKeyW RegDeleteValueW RegOpenKeyExW RegQueryValueExW RegSetValueExW SetEntriesInAclW SetNamedSecurityInfoW
[-] Imported from KERNEL32.dllCloseHandle CreateDirectoryW CreateEventW CreateFileW CreateSemaphoreW CreateThread DecodePointer DeleteCriticalSection DeleteFileW EncodePointer EnterCriticalSection ExitProcess FreeLibrary GetCommandLineW GetCurrentProcess GetCurrentProcessId GetCurrentThreadId GetFileAttributesW GetFileSizeEx GetLastError GetLocalTime GetModuleFileNameW GetProcAddress GetStartupInfoW GetSystemTimeAsFileTime GetTempFileNameW GetTickCount HeapSetInformation InitializeCriticalSection InterlockedCompareExchange InterlockedExchange IsDebuggerPresent LeaveCriticalSection LoadLibraryA LoadLibraryW LocalAlloc LocalFree lstrcpynW MultiByteToWideChar OutputDebugStringW QueryPerformanceCounter QueryPerformanceFrequency RaiseException ReadFile ReleaseSemaphore ResetEvent SetEvent SetLastError SetUnhandledExceptionFilter Sleep TerminateProcess UnhandledExceptionFilter WaitForMultipleObjects WaitForSingleObject WriteFile
[-] Imported from USER32.dllBeginPaint CreatePopupMenu CreateWindowExW DefWindowProcW DestroyIcon DestroyMenu DestroyWindow DispatchMessageW DrawMenuBar EndDialog EndPaint GetClientRect GetCursorPos GetForegroundWindow GetMenuItemCount GetMessageW GetParent GetSubMenu GetSystemMetrics GetWindowLongW GetWindowRect InsertMenuItemW InvalidateRect IsWindow IsWindowVisible KillTimer LoadAcceleratorsW LoadCursorW LoadIconW LoadStringW MessageBoxW PostMessageW PostQuitMessage RealGetWindowClassW RegisterClassExW RegisterWindowMessageW ReleaseCapture RemoveMenu SendMessageW SetCapture SetCursor SetForegroundWindow SetLayeredWindowAttributes SetTimer SetWindowLongW SetWindowPos SetWindowRgn ShowWindow TrackPopupMenu TranslateAcceleratorW TranslateMessage
[-] Imported from ole32.dllCLSIDFromString CoCreateInstance CoInitializeSecurity CoSetProxyBlanket CoUninitialize OleCreate OleInitialize OleSetContainedObject StgCreateDocfile
[-] Imported from MSVCR100.dll??_U@YAPAXI@Z ??_V@YAXPAX@Z ??0exception@std@@QAE@ABQBD@Z ??0exception@std@@QAE@ABV01@@Z ??1exception@std@@UAE@XZ ??2@YAPAXI@Z ??3@YAXPAX@Z ?_type_info_dtor_internal_method@type_in... ?terminate@@YAXXZ ?what@exception@std@@UBEPBDXZ __CxxFrameHandler3 __dllonexit __set_app_type __setusermatherr __wgetmainargs _amsg_exit _cexit _commode _configthreadlocale _controlfp_s _crt_debugger_hook _CxxThrowException _except_handler4_common _exit _fmode _fseeki64 _ftelli64 _initterm_e _initterm _invoke_watson _itow _localtime64_s _localtime64 _lock _mktime64 _onexit _purecall _set_invalid_parameter_handler _time64 _unlock _vscwprintf _vsnprintf_s _vsnwprintf_s _waccess _wassert _wcmdln _wcsdup _wcsicmp _wcsnicmp _wfopen _wtoi _XcptFilter calloc exit fclose fread free malloc memcpy memmove memset realloc strcpy_s strncpy vsprintf_s vswprintf_s wcscat_s wcschr wcscpy_s wcsncmp wcsncpy_s wcsncpy wcsrchr wcsstr
[-] Imported from UsageReporting.dll?BeginReport@?$UsageReportingClientT@_W@... ?Create@?$UsageReportingClientT@_W@BitDe... ?Destroy@?$UsageReportingClientT@_W@BitD... ?EndReport@?$UsageReportingClientT@_W@Bi... ?Report@?$UsageReportingClientT@_W@BitDe... ?SetProperty@?$UsageReportingClientT@_W@...
|
Some relevant texts from the exe file | [-] Click here to hide detailshttp://ocsp.verisign.com0 http://crl.verisign.com/pca3-g5.crl04 http://logo.verisign.com/vslogo.gif04 https://www.verisign.com/rpa0 https://www.verisign.com/cps0* /http://csc3-2010-aia.verisign.com/CSC3-2010.cer0 http://ocsp.verisign.com0; /http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D http://ocsp.verisign.com0> https://www.verisign.com/cps0 http://crl.verisign.com/pca3.crl0 +http://ts-crl.ws.symantec.com/tss-ca-g2.crl0( +http://ts-aia.ws.symantec.com/tss-ca-g2.cer0< http://ts-ocsp.ws.symantec.com07 .http://crl.thawte.com/ThawteTimestampingCA.crl0 http://ocsp.thawte.com0 http://www.w3.org/1999/xhtml http://www.bitdefender.com http://www.twitter.com/intent/tweet?text=Download !This program cannot be run in DOS mode. htmlayout.dll Component Categories scan_requested message_new_install display:none; retry_button message_inner display:block; \ipm\ipm_offline\clwnd.html id_settings_content tdisplay:none; id_report_content icon_close icon_settings icon_report icon_close_box xdisplay:none; start_scan_button see_logs_button event_count switch_proactive_scan proactive_scan switch_start_windows start_windows switch_anonym_stat switch_auto_updates auto_update update_button FacebookLink GoogleLink frequency_switch av_inst_off issue_fix_av_inst issue_fix_av_off as_inst_off issue_fix_as_inst issue_fix_as_off issue_fix_fw_inst issue_fix_fw_off uac_on_off issue_fix_uac win_update_off issue_fix_winupd see_logs_infected count_viruses no_viruses view_scan_reports ErrorFileNotFound ErrorAccessDenied ErrorNoAssociation install\lang\eula.html control.exe \install\htmlayout.dll NewVersionClickUpdate ProductName PedroIfaceCrash Local\PdrSaveState Local\PdrWaitStop Local\PdrUpdate Local\PdrShowClWindow Local\PdrIfaceOn Local\PdrShowIface [wWinMain] Could not create IPC thread. errCode: ProductActive settings_window wdisplay:none; circle_window main_circle edisplay:block; xdisplay:block; ndisplay:block; NoInfectedFoundStatus YellowOkStatus AllIsNotOkStatus scan_infected wdisplay:block; id_marketing_content edisplay:none; settings_window_name InfectionsTitle scan_error_system scan_error_os scan_error_option scan_error_procs scan_error_comm scan_error_key scan_error_seq scan_error_unknown ndisplay:none; InternalError InternetError ServiceResponsive ServiceUnresponsive sswdisplay:none; no_info_available last_virus_found no_virus_found win_update fdisplay:none; issue_infected issue_winupd issue_av_off fdisplay:block; issue_av_inst issue_as_off issue_as_inst issue_fw_off issue_fw_inst report_circle some_issue period_date red_issue_report_title yellow_issue_report_title green_issue_report_title red_subtitle yellow_subtitle green_subtitle ldisplay:none; message_update elimage_status first_image_no_scanning image_status first_image_no_scanning eStartingScan eeimage_status first_image_no_scanning image_status no_issues_image eimage_status issues_image eimage_status some_issues_image eimage_status update_image eimage_status unresp_image tdisplay:block; button_line OneInfectedFoundStatus [InfectionCount] InfectedFoundStatus ReportTitle NoInfectedItemsFound InfectedItemsFound SOFTWARE\60SecondState SOFTWARE\Bitdefender 60Seconds Invalid encoding out_end == out_begin + out_length :anonymous Invalid node type dest.type() == source.type() !wide_stream wide_stream sizeof(wchar_t) == 0 File was not found Error reading from file/stream Could not allocate memory Internal error occurred Could not determine tag type Error parsing comment Error parsing CDATA section Error parsing document type declaration Error parsing PCDATA section Error parsing start element tag Error parsing element attribute Error parsing end element tag Start-end tags mismatch Unknown error root_page !root_page->prev !root_page->memory contents || size == 0 <?xml version= encoding= static_cast<unsigned int>(*mantissa - s < result + sizeof(result) / sizeof(result[0]) Invalid variable type Invalid node set type _result.error Internal error Expression does not evaluate to node set actual_length <= read_length write + chunk->size <= buffer + total write == buffer + total 60 Second Virus Scanner \proactive SOFTWARE\Microsoft\Windows\CurrentVersion\Run ManufacturerName ProductVersion [ProductName] [ManufacturerName] [ProductVersion] xlf:trans-unit xlf:source [ReadWeeklyReport] Could not read pdiface.exe -noshow images\frames\scanning images\magnifier images\report images\pink_area.png images\bg_scanning_glow.png images\report_chart_under.png images\report_chart_over.png ScanDuration ScannedProcesses ScannedFiles TimeoutMsg1 TimeoutMsg2 60-Second Virus Scanner \ipm\ipm_offline\ red_noav.html red_noav_cl.html red_virus.html ipm_offline_ <!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN ><head></head><body scroll= url.dll,FileProtocolHandler rundll32.exe [WorkerDeleteOldLogs] Start [WorkerDeleteOldLogs] Could not delete [WorkerDeleteOldLogs] Function exit with errCode: [ReadWeeklyReports] Could not read [WriteWeeklyReports] Could not write [SYS] An invalid format string was supplied: [CIpc::Connect] Could not get bin path. errCode: d\npcomm.dll NPCGetNewEndpoint NPCReleaseEndpoint [CIpc::Connect] Could not get endpoint [CIpc::Connect] Could not get client ( [CIpc::Connect] Could not init client( pedroGenericCrash [NpcommMessageCallback] No Handler for msg WerReportAddDump WerReportCreate WerReportSubmit WerReportCloseHandle Faultrep.dll ReportFault invalid map/set<T> iterator map/set<T> too long invalid string position gUsage::Report( Usage::Report = Usage::Report( drag-window @wHtmlayoutWindow result.offset >= 0 static_cast<size_t>(result.offset) <= length Usage::Init( Usage::Init: Already initialized. Usage::Init: Couldn t get CSIDL_COMMON_APPDATA. t append company name to path. t append product name to path. Usage::Init: Created path [ Usage::Init: SHCreateDirectory error [ t initialize t get security info for database path. t add entry in ACL. t set security info for database path. t append database name to path. Usage::Init = Usage::UnInit( Usage::UnInit = Usage::SetProperty( Usage::SetProperty = Usage::BeginReport = Usage::BeginReport( Usage::EndReport( Usage::EndReport = HTMLayout_UseElement HTMLayoutGetElementHwnd HTMLayout_UnuseElement HTMLayoutSetElementInnerText16 HTMLayoutVisitElements HTMLayoutUpdateElement HTMLayoutGetAttributeByName HTMLayoutGetElementHtmlCB HTMLayoutDataReady HTMLayoutSetCallback HTMLayoutLoadHtmlEx ValueStringDataSet HTMLayoutGetChildrenCount HTMLayoutControlSetValue HTMLayoutSetElementState ValueClear HTMLayoutControlGetType HTMLayoutGetNthChild HTMLayoutSetAttributeByName HTMLayoutGetElementInnerTextCB HTMLayoutGetElementLocation HTMLayoutGetRootElement HTMLayoutWindowAttachEventHandler HTMLayoutProcND HTMLayoutGetElementState HTMLayoutGetParentElement _CxxThrowException .?AVtype_info@@ .?AUISyncRWLock@@ .?AVexception@std@@ .?AUIOleInPlaceUIWindow@@ .?AUIOleInPlaceFrame@@ .?AUIOleWindow@@ .?AUIOleInPlaceSite@@ .?AUIAdviseSink@@ .?AUIDispatch@@ .?AUIUnknown@@ .?AUIOleClientSite@@ .?AVAXClientSite@@ .?AUdrag_window@htmlayout@@ .?AUbehavior@htmlayout@@ .?AUevent_handler@htmlayout@@ .?AUfind_first_callback@element@dom@htmlayout@@ .?AVcallback@dom@htmlayout@@ .?AVSolidBrush@Gdiplus@@ .?AVImage@Gdiplus@@ .?AVBitmap@Gdiplus@@ .?AVGdiplusBase@Gdiplus@@ .?AVBrush@Gdiplus@@ .?AUDOMEventsHandlerType@@ .?AVReplaceContentByString@@ QuickScan Gadget VS_VERSION_INFO StringFileInfo FileVersion CompanyName FileDescription 60-Second Interface InternalName LegalCopyright OriginalFilename pdiface.exe Bitdefender 60-Second Virus Scanner VarFileInfo Translation Bitdefender Laboratories urn:schemas-microsoft-com:asm.v1 manifestVersion= <trustInfo xmlns= urn:schemas-microsoft-com:asm.v3 <security> uiAccess= ></requestedExecutionLevel> </security> </trustInfo> ;-;5;:;A;H;R;];e;o;w; 8)858A8M8U8d8o8z8 :!:+:8:=:B:\:a:q:y: >/>5>?>J>U>[>e>o> 0+01070E0a0o0 2-272A2K2U2_2i2s2}2 :*:0:7:>:E:L:S:Z:a:i:q:y: :1:B:J:Q:\:f:q: Durbanville1 Thawte Certification1 Thawte Timestamping CA0 Symantec Corporation100. Symantec Time Stamping Services CA - G20 TimeStamp-2048-10 Symantec Corporation1402 +Symantec Time Stamping Services Signer - G40 TimeStamp-2048-20 .Class 3 Public Primary Certification Authority0 VeriSign Trust Network1:08 image/gif0!0 Washington1 Microsoft Corporation1)0 Microsoft Code Verification Root0 VeriSign Trust Network1;09 VeriSign Class 3 Code Signing 2010 CA0 Bucharest1 VeriSign Class 3 Code Signing 2010 CA Symantec Time Stamping Services CA - G2
|