dmwu.exe
By Perion Network Ltd. (Signed)
| MD5: | f85eb9654b4c771470cd13a0a170d3b9 |
| SHA1: | 81a5dcbfe2305d75eb40667e482150411e20502a |
| SHA256: | d14ef833bf2678c29d60c26b366823f12c6ca09fb1f355c53f80e617885d5489 |
What is dmwu.exe?
dmwu.exe is the installation service for Web Optimizer, an ad-supported program. Web Optimizer by Perion Network Ltd. is a web browser extension and browser helper object (BHO) for Internet Explorer and Firefox (extension) and distributed through Perion Networks. The Web Optimizer extension includes a search bar which provides modified search redirection results and a search provider. Web Optimizer will attempt to change the default home page of the user's web browser as well.
Overview
dmwu.exe runs as a service under the name Updater Service (IBUpdaterService) with extensive SYSTEM privileges (full administrator access). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Perion Network Ltd. which was issued by the VeriSign certificate authority (CA).
Details
| File name: | dmwu.exe |
| Typical file path: | C:\Windows\System32\dmwu.exe |
| Size: | 1.39 MB (1,455,408 bytes) |
| Build date: | 4/7/2013 9:54 AM |
| Certificate |
| Issued to: | Perion Network Ltd. |
| Authority (CA): | VeriSign |
| Effective date: | Tuesday, April 24, 2012 |
| Expiration date: | Friday, April 24, 2015 |
| Digital DNA |
| PE subsystem: | Windows GUI |
| File packed: | No |
| Code language: | Microsoft Visual C++ 10.0 |
| .NET CLR: | No |
More details
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'IBUpdaterService' (Updater Service)
- WebOptimizer
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\WINDOWS\system32\dmwu.exe'
Network connections
Access through an approved Windows firewall exception
[UDP] listens on port 64047
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.02478849% | |
| Kernel CPU: | 0.01184463% | |
| User CPU: | 0.01294385% | |
| Kernel CPU time: | 1,529 ms/min | |
| Context switches: | 3/sec | |
| Memory |
| Private memory: | 6.89 MB | |
| Private (maximum): | 13.73 MB | |
| Private (minimum): | 13.64 MB | |
| Non-paged memory: | 6.89 MB | |
| Virtual memory: | 82.22 MB | |
| Virtual memory (peak): | 85.22 MB | |
| Working set: | 13.68 MB | |
| Working set (peak): | 13.88 MB | |
| Resource allocations |
| Threads: | 12 | |
| Handles: | 204 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command line: | C:\Windows\System32\dmwu.exe |
| Owner: | SYSTEM |
| Windows Service |
| Service name: | IBUpdaterService |
| Display name: | Updater Service |
| Description: | “Updater Service” |
| Type: | Win32OwnProcess |
| Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
| sechost.dll (Host for SCM/SDDL/LSA Lookup APIs by Microsoft) |
| Total CPU: | 0.09151293% | |
| Kernel CPU: | 0.06706291% | |
| User CPU: | 0.02445002% | |
| CPU cycles: | 2,222,909/sec | |
| Context switches: | 3/sec | |
| Memory: | 124 KB | |
| dmwu.exe (main module) |
| Total CPU: | 0.00104795% | |
| Kernel CPU: | 0.00069867% | |
| User CPU: | 0.00034928% | |
| CPU cycles: | 18,680/sec | |
| Memory: | 1.4 MB | |
| ntdll.dll |
| Total CPU: | 0.00069868% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00069868% | |
| CPU cycles: | 7,038/sec | |
| Memory: | 1.66 MB | |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
30.00% |
|
| Windows 7 Home Premium |
24.29% |
|
| Microsoft Windows XP |
17.14% |
|
| Windows 7 Professional |
10.00% |
|
| Windows 8 |
5.71% |
|
| Windows Vista Home Premium |
5.71% |
|
| Windows 8 Single Language |
2.86% |
|
| Windows 8.1 Pro with Media Center |
1.43% |
|
| Windows 8 Pro |
1.43% |
|
| Windows 8 Release Preview |
1.43% |
|
Distribution by country
United States installs about 34.29% of dmwu.exe.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
28.81% |
|
| Acer |
23.73% |
|
| Toshiba |
16.95% |
|
| Sony |
10.17% |
|
| Dell |
10.17% |
|
| MSI |
3.39% |
|
| ASUS |
3.39% |
|
| GIGABYTE |
3.39% |
|
