» Microsoft.Win32.TaskScheduler.dll
Overview
Analysis
File Details

Microsoft.Win32.TaskScheduler.dll

TaskService

Secure Installer Inc

This is part of the Air Installer, a download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. Microsoft.Win32.TaskScheduler.dll is the library provides the functionality to manage the Windows Task Manager scheduled tasks and is recompiled by Secure Installer Inc. The module Microsoft.Win32.TaskScheduler.dll, “Task Scheduler Wrapper” by Secure Installer Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.

File name:

Publisher:

CodePlex Community (signed by Secure Installer Inc)

Product:

TaskService

Description:

Task Scheduler Wrapper

Version:

1.9.4.0

MD5:

bfaed0735cb32b85dc0daf35c1c6c9b6

SHA-1:

ffc75673f17ccacfc64c77e6f015b8a3bc1d10ad

SHA-256:

36e282d3403503d48d1cebdb8424c7a83afb957251c1a9c8ff8fceae5a731151

Scanner detections:

1 / 68

Status:

Adware

Explanation:

This is the library provides the functionality to manage the Windows Task Manager scheduled tasks. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:

5/13/2024 1:09:52 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Air Software (M)

17.2.28.14

File size:

173.1 KB (177,272 bytes)

Product version:

1.9.4.0

Original file name:

Microsoft.Win32.TaskScheduler.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\driverrestore\microsoft.win32.taskscheduler.dll

Digital Signature

Signed by:

Secure Installer Inc

Authority:

Symantec Corporation

Valid from:

10/27/2015 6:00:00 PM

Valid to:

11/18/2018 5:59:59 PM

Subject:

CN=Secure Installer Inc, O=Secure Installer Inc, L=Pleasanton, S=California, C=US, SERIALNUMBER=C3712890, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

22AA79DFC593B122228F38161FC4414F

File PE Metadata

Compilation timestamp:

3/21/2013 10:27:45 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

.NET CLR dependent:

Yes

Entry address:

0x2B30E

Entry point:

FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0325

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

165 KB (168,960 bytes)

Remove Microsoft.Win32.TaskScheduler.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.