gc_getcid.dll

WebAppTech Coding LLC

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser as well as modify the computer’s system settings that control applications to run on startup. Part of the Injekt brand of unwanted programs. The module gc_getcid.dll, “DynConGC CID helper” by WebAppTech Coding has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SafeMonitor by WebAppTech Coding, LLC which is a potentially unwanted software program.
Publisher:
WebAppTech Coding LLC  (signed and verified)

Description:
DynConGC CID helper

Version:
1, 0, 0, 1

MD5:
2340248c0c84972c928adc00ef6d3b20

SHA-1:
39f6901fb69b865414f8cd3a6599dd92f461b935

SHA-256:
30aeccc10f5de9abb4119b388de2813c757c0bfd79c6ce27a3291e5927898085

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
11/23/2024 10:51:19 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.GenTechnologies (M)
17.2.2.8

File size:
101.1 KB (103,560 bytes)

Product version:
1, 0, 0, 1

Original file name:
gc_getcid.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\safemonitor\chrome\unzip\plugin\gc_getcid.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/15/2013 4:00:00 PM

Valid to:
1/16/2014 3:59:59 PM

Subject:
CN=WebAppTech Coding LLC, O=WebAppTech Coding LLC, STREET="2885 Sanford Ave SW #18716", L=Grandville, S=MI, PostalCode=49418, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00ED976277604B937F55FA8DF427C5B534

File PE Metadata
Compilation timestamp:
6/5/2011 8:35:38 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x4019

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D5, 43, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 57, FF, 35, 28, 90, 01, 10, E8, A9, 30, 00, 00, FF, 35, 24, 90, 01, 10, 8B, F8, 89, 7D, FC, E8, 99, 30, 00, 00, 8B, F0, 59, 59, 3B, F7, 0F, 82, 83, 00, 00, 00, 8B, DE, 2B, DF, 8D, 43, 04, 83, F8, 04, 72, 77, 57, E8, 16, 44, 00, 00, 8B, F8, 8D, 43, 04, 59, 3B, F8, 73, 48, B8, 00, 08, 00, 00, 3B, F8, 73, 02, 8B, C7, 03, C7, 3B, C7, 72, 0F...
 
[+]

Entropy:
6.5921

Code size:
67.5 KB (69,120 bytes)

The file gc_getcid.dll has been discovered within the following program.

SafeMonitor  by WebAppTech Coding, LLC
Safe Monitor bundles additional potentially unwanted toolbars on the user's PC during installation: "In some cases, we may display product offers during your installation process. Of course, you will have the ability to accept or pass on these offers.
www.safemonitorapp.com
70% remove it
 
Powered by Should I Remove It?

Remove gc_getcid.dll - Powered by Reason Core Security