dmwu.exe
By Perion Network Ltd. (Signed)
| MD5: | 11c3a981748cc27f740d6101d6bd7b79 |
| SHA1: | 7bfc1966bd13516e79a7d8736c3909098aca6f50 |
| SHA256: | 098a0f62cd84bfa6505127058ec48da45c8251b48f24fc146e2a0189370abcb8 |
What is dmwu.exe?
dmwu.exe is the installation service for Web Optimizer, an ad-supported program. Web Optimizer by Perion Network Ltd. is a web browser extension and browser helper object (BHO) for Internet Explorer and Firefox (extension) and distributed through Perion Networks. The Web Optimizer extension includes a search bar which provides modified search redirection results and a search provider. Web Optimizer will attempt to change the default home page of the user's web browser as well.
Overview
dmwu.exe runs as a service under the name Updater Service (IBUpdaterService) with extensive SYSTEM privileges (full administrator access). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Perion Network Ltd. which was issued by the VeriSign certificate authority (CA).
Details
| File name: | dmwu.exe |
| Typical file path: | C:\Windows\System32\dmwu.exe |
| Size: | 1.2 MB (1,261,936 bytes) |
| Certificate |
| Issued to: | Perion Network Ltd. |
| Authority (CA): | VeriSign |
| Effective date: | Tuesday, April 24, 2012 |
| Expiration date: | Friday, April 24, 2015 |
| Digital DNA |
| PE subsystem: | Windows GUI |
| File packed: | No |
| Code language: | Microsoft Visual C++ 10.0 |
| .NET CLR: | No |
More details
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'IBUpdaterService' (Updater Service)
- WebOptimizer
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\WINDOWS\system32\dmwu.exe'
Network connections
Access through an approved Windows firewall exception
[UDP] listens on port 51902
[UDP] listens on port 60018
[UDP] listens on port 56660
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00364965% | |
| Kernel CPU: | 0.00142745% | |
| User CPU: | 0.00222220% | |
| Kernel CPU time: | 32,287 ms/min | |
| CPU cycles: | 445,275/sec | |
| Memory |
| Private memory: | 13.31 MB | |
| Private (maximum): | 16.62 MB | |
| Private (minimum): | 7.13 MB | |
| Non-paged memory: | 13.31 MB | |
| Virtual memory: | 99.36 MB | |
| Virtual memory (peak): | 101.83 MB | |
| Working set: | 13.2 MB | |
| Working set (peak): | 16.9 MB | |
| Page faults: | 7,544,962/min | |
| I/O |
| I/O read transfer: | 87 Bytes/sec | |
| I/O read operations: | 1/sec | |
| I/O other transfer: | 276 Bytes/sec | |
| I/O other operations: | 16/sec | |
| Resource allocations |
| Threads: | 11 | |
| Handles: | 975 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command line: | C:\Windows\System32\dmwu.exe |
| Owner: | SYSTEM |
| Windows Service |
| Service name: | IBUpdaterService |
| Display name: | Updater Service |
| Description: | “Updater Service” |
| Type: | Win32OwnProcess |
| Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
| sechost.dll |
| Total CPU: | 0.03921240% | |
| Kernel CPU: | 0.00789890% | |
| User CPU: | 0.03131350% | |
| CPU cycles: | 887,201/sec | |
| Memory: | 280 KB | |
| dmwu.exe (main module) |
| Total CPU: | 0.00014308% | |
| Kernel CPU: | 0.00014207% | |
| User CPU: | 0.00000102% | |
| CPU cycles: | 2,250/sec | |
| Memory: | 1.22 MB | |
| ntdll.dll |
| Total CPU: | 0.00001467% | |
| Kernel CPU: | 0.00001467% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 1,964/sec | |
| Memory: | 1.66 MB | |
| WININET.dll |
| Total CPU: | 0.00000407% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00000407% | |
| CPU cycles: | 265/sec | |
| Memory: | 1.36 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
30.00% |
|
| Windows 7 Home Premium |
24.29% |
|
| Microsoft Windows XP |
17.14% |
|
| Windows 7 Professional |
10.00% |
|
| Windows 8 |
5.71% |
|
| Windows Vista Home Premium |
5.71% |
|
| Windows 8 Single Language |
2.86% |
|
| Windows 8.1 Pro with Media Center |
1.43% |
|
| Windows 8 Pro |
1.43% |
|
| Windows 8 Release Preview |
1.43% |
|
Distribution by country
United States installs about 34.29% of dmwu.exe.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
28.81% |
|
| Acer |
23.73% |
|
| Toshiba |
16.95% |
|
| Sony |
10.17% |
|
| Dell |
10.17% |
|
| MSI |
3.39% |
|
| ASUS |
3.39% |
|
| GIGABYTE |
3.39% |
|
