home

Acm.dll

WhenU Acm.dll

WHENU.COM INC

The module Acm.dll by WHENU.COM INC has been detected as adware by 30 anti-malware scanners.
Publisher:
WhenU.com, Inc.  (signed by WHENU.COM INC)

Product:
WhenU Acm.dll

Version:
1, 0, 6, 0

MD5:
ad616a7e4a5306582e0f7363e36e0e75

SHA-1:
33c78e3161f1d59aa14005d058844138b6b71913

Scanner detections:
30 / 68

Status:
Adware

Analysis date:
4/19/2024 4:31:55 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Adware.WhenU
7.1.1

AhnLab V3 Security
Win-Adware/SaveNow.516472
2013.04.13

Avira AntiVirus
SPR/AdTool.WhenU.I.1
7.11.72.84

avast!
Win32:Adware-gen [Adw]
2014.9-150405

AVG
Generic4
2016.0.3149

Bitdefender
Gen:Adware.Heur.Fu9@RmWJe9ii
1.0.20.475

Clam AntiVirus
Adware.WhenU-4
0.98/18155

Comodo Security
not-a-virus.AdTool.Win32.WhenU.i
15911

Dr.Web
Adware.Whenu
9.0.1.095

Emsisoft Anti-Malware
Gen:Adware.Heur.Fu9@RmWJe9ii
8.15.04.05.05

Fortinet FortiGate
Adware/SaveNow
4/5/2015

F-Prot
W32/HackTool.BBQ
v6.4.7.1.166

F-Secure
Gen:Adware.Heur.Fu9@RmWJe9ii
11.2015-05-04_1

G Data
Gen:Adware.Heur.Fu9@RmWJe9ii
15.4.22

IKARUS anti.virus
not-a-virus:WebToolbar.Win32.WhenU
t3scan.2.0.0.0

K7 AntiVirus
Unwanted-Program
13.164.8519

Kaspersky
not-a-virus:WebToolbar.Win32.WhenU
14.0.0.2239

Malwarebytes
Adware.WhenU
v2015.04.05.05

McAfee
Adware-SaveNow
5600.6805

Microsoft Security Essentials
Adware:Win32/WhenU
1.163.1557.0

NANO AntiVirus
Trojan.Win32.Whenu.idrhm
0.24.0.51813

Panda Antivirus
Adware/SaveNow
15.04.05.05

Quick Heal
WebToolbar.WhenU.i.n5 (Not a Virus)
4.15.12.00

Reason Heuristics
PUP.WHENUCOM
15.4.5.5

SUPERAntiSpyware
Adware.WhenU
9955

Total Defense
Win32/WhenU
37.0.10375

Trend Micro House Call
ADW_SAVENOW.BH
7.2.95

Trend Micro
ADW_SAVENOW.BH
10.465.05

VIPRE Antivirus
WhenU.Save
16806

ViRobot
Adware.SaverNow.516472
2011.4.7.4223

File size:
504.4 KB (516,472 bytes)

Product version:
1, 0, 6, 0

Copyright:
Copyright 2001-2006

Original file name:
Acm.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Hebrew (Israel)

Common path:
C:\Program Files\save\acm.dll

Digital Signature
Signed by:
WHENU.COM INC

Authority:
VeriSign, Inc.

Valid from:
2/7/2006 4:00:00 PM

Valid to:
4/8/2007 4:59:59 PM

Subject:
CN=WHENU.COM INC, OU=Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WHENU.COM INC, L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3961E82457D32F54A770A098673031F5

Registration
CLSID:
{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}

ProgID:
ACM.ACMFactory.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
8/4/2006 11:28:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:4j6uVVVQwvMWrgnLa3mQ+89nSfNNhDEJ3/IXGVkzY+E/JqsKXijC5Cr1lZ8fO/7W:fuVVbTr84TWM+gJqsKXij1hlvzW

Entry address:
0x464BD

Entry point:
6A, 0C, 68, 08, B8, 05, 10, E8, 3B, 0C, 00, 00, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 54, F8, 06, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 74, 5B, 07, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 79, AB, FB, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 
[+]

Entropy:
6.4624

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
360 KB (368,640 bytes)

Remove Acm.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.