» Microsoft.Win32.TaskScheduler.dll
Overview
Analysis
File Details

Microsoft.Win32.TaskScheduler.dll

TaskService

One Floor App

One Floor App (Simply Tech/Widdit) distributes and bundles potentially unwanted programs (PUPs) using its OneFloorApp install manager (SimplyInstaller). Microsoft.Win32.TaskScheduler.dll is the library provides the functionality to manage the Windows Task Manager scheduled tasks and is recompiled by One Floor App. The library Microsoft.Win32.TaskScheduler.dll, “Task Scheduler Wrapper” by One Floor App has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. The program is a setup application that uses the Widdit Setup installer. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.

File name:

Publisher:

CodePlex Community (signed by One Floor App)

Product:

TaskService

Description:

Task Scheduler Wrapper

Version:

1.9.3.0

MD5:

e3c95dfc6c5f6f679c50150310bf77cc

SHA-1:

386672a00d5c014076e76a5620554a5cb3b79b70

SHA-256:

102d5f90c4c32ea4cddfda0307cf03667d80ad7957c2c1ecb3f2d1a532e59c24

Scanner detections:

1 / 68

Status:

Inconclusive but possibly unwanted (It is part of a common redistributable library)

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/25/2024 8:10:41 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Common.PartOf.PUP.Widdit.OneFloorApp (M)

16.2.15.15

File size:

172.6 KB (176,704 bytes)

Product version:

1.9.3.0

Original file name:

Microsoft.Win32.TaskScheduler.dll

File type:

Dynamic link library (Win32 DLL)

Bundler/Installer:

Widdit Setup

Common path:

C:\Program Files\certifiedtoolbar\microsoft.win32.taskscheduler.dll

Digital Signature

Signed by:

One Floor App

Authority:

COMODO CA Limited

Valid from:

4/7/2014 2:00:00 AM

Valid to:

4/7/2016 1:59:59 AM

Subject:

CN=One Floor App, O=One Floor App, STREET=2 Ben Gurion, L=Ramat Gan, S=Israel, PostalCode=52573, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00A0F147ADC25ABB7A212B2A70DB63456F

File PE Metadata

Compilation timestamp:

2/11/2013 5:58:56 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:N1/Oj/kqEgV0yEHBAnpK37nXMNQ81h90qikUTTnGpIWAM4QfNqu4tymd8l33AkGG:N1arbCqikUT24+blyYz

Entry address:

0x2B1CE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, C0, 02, 00, 70, 03... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

164.5 KB (168,448 bytes)

Scan Microsoft.Win32.TaskScheduler.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.