home

common.dll

Safe Monitor

Western Web Applications, LLC

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser as well as modify the computer’s system settings that control applications to run on startup. Part of the Injekt brand of unwanted programs. The module common.dll by Western Web Applications has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Safe Monitor’. This file is typically installed with the program Safe Monitor by Western Web Applications, LLC which is a potentially unwanted software program.
Publisher:
Western Web Applications, LLC  (signed and verified)

Product:
Safe Monitor

Version:
2.6.21

MD5:
37b43f287f267249a6fe0c58076909e6

SHA-1:
3e586c0d15da20fce744ccf283a862c1b16d2714

SHA-256:
7f3b41da545d4d46d403f185a2edf8322f093a81bda3e527521690dc49d3ff6e

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
4/20/2024 3:33:44 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Injekt.WesternWebApplications (M)
16.2.12.8

File size:
383.1 KB (392,344 bytes)

Product version:
2.6.21

Copyright:
(c) Western Web Applications, LLC

Original file name:
common.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\safemonitor\ie\common.dll

Digital Signature
Signed by:
Western Web Applications, LLC

Authority:
COMODO CA Limited

Valid from:
5/24/2013 1:00:00 AM

Valid to:
5/25/2014 12:59:59 AM

Subject:
CN="Western Web Applications, LLC", O="Western Web Applications, LLC", STREET=640 E Grand Ave, STREET=Suite 129, L=Carlsbad, S=CA, PostalCode=92008, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2A1B337726D509D16C17362E2E625DE9

Registration
CLSID:
{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}

ProgID:
DynConIE.DynConIEObject.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
6/23/2013 5:30:32 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:J7+6DHfkWo9k0bbLC8gf4RBCtrFq2rE2X3M4uZ14zYPKzFgeNT:R+jk0vLC844RBaFqF2X35zDgeNT

Entry address:
0x15A2E

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 22, 5D, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, A0, 9C, 04, 10, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, 1C, C2, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, 0C, C2, FF, FF, 8B, 45, 08, F6, 40...
 
[+]

Entropy:
6.6495

Code size:
232.5 KB (238,080 bytes)

Internet Explorer BHO
Display name:
Safe Monitor

CLSID:
{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}


The file common.dll has been discovered within the following program.

Safe Monitor  by Western Web Applications, LLC
Safe Monitor bundles various potentially unwanted toolbars. From the EULA: "Safe Monitor is entirely free to use. In order to keep Safe Monitor free, we've partnered with high-quality ad providers and you may see additional ads when Safe Monitor is installed.
www.safemonitorapp.com
73% remove it
 
Powered by Should I Remove It?

Remove common.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.