» dwc.dll
Overview
Analysis
File Details

dwc.dll

DriverAgent WebScan

Secure Installer Inc

This is part of the Air Installer, a download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The module dwc.dll by Secure Installer Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the AirInstaller Download Manager installer.

File name:

dwc.dll

Publisher:

eSupport.com, Inc. (signed by Secure Installer Inc)

Product:

DriverAgent WebScan

Version:

3.2016.12.29

MD5:

5f35663b3ff498131897c4909144bec2

SHA-1:

33f32084dd0d46107083b7d2c53a32194433db5e

SHA-256:

3854f979824e744260f470f590f4484ab83d31f999769409af4fbb950076a0ed

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

5/13/2024 9:37:18 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Air Software (M)

17.2.28.14

File size:

785.1 KB (803,960 bytes)

Product version:

2.2013

File type:

Dynamic link library (Win32 DLL)

Bundler/Installer:

AirInstaller Download Manager

Language:

English (United States)

Common path:

C:\Program Files\driverrestore\dwc.dll

Digital Signature

Signed by:

Secure Installer Inc

Authority:

Symantec Corporation

Valid from:

10/27/2015 6:00:00 PM

Valid to:

11/18/2018 5:59:59 PM

Subject:

CN=Secure Installer Inc, O=Secure Installer Inc, L=Pleasanton, S=California, C=US, SERIALNUMBER=C3712890, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

22AA79DFC593B122228F38161FC4414F

File PE Metadata

Compilation timestamp:

12/29/2016 12:25:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x962B4

Entry point:

55, 8B, EC, 83, C4, C4, B8, 28, 45, 49, 00, E8, 18, 13, F7, FF, E8, FB, ED, F6, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6521

Developed / compiled with:

Microsoft Visual C++

Code size:

595.5 KB (609,792 bytes)

Remove dwc.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.