savepass-nova.exe
SavePass by Kimahri Software inc. (Signed)
| Version: | 1000.1000.1000.1000 |
| MD5: | b5aacf0d1eb27d36da84197ce061cb03 |
| SHA1: | 2b7b6b8fef2a70f5f4667ba8302859386482a1d5 |
Overview
savepass-nova.exe executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges). This is typically installed with the program SavePass published by Kimahri Software inc. and is most likely removed by most users once installed (84% removed). The file is digitally signed by Kimahri Software inc. which was issued by the COMODO CA Limited certificate authority (CA). This particular version is usually found on Windows 8.1 (6.2.9200.0).
Details
| File name: | savepass-nova.exe |
| Publisher: | OutBrowse |
| Product name: | SavePass |
| Description: | SavePass exe |
| Typical file path: | C:\Program Files\savepass\savepass-nova.exe |
| Original name: | SavePass.exe |
| File version: | 1000.1000.1000.1000 |
| Size: | 579.35 KB (593,256 bytes) |
| Build date: | 6/12/2014 6:06 AM |
| Certificate |
| Issued to: | Kimahri Software inc. |
| Authority (CA): | COMODO CA Limited |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
SavePass is an adware web browser application that displays banner ads as well as contextual link ads that are injected in the web page. The ads are injected by the web browser plugin (IE, FF and Chrome) and will display on any web site, even those not associated or affiliated with the publisher. On web pages there may be up to 10 intext ads and/or 4 banner ad and/or a transitional ad. The application is usually bundled by 3rd-party dow...
Behaviors
Scheduled task
- The task 'db418268-ee74-41e5-bb85-b83dd238b8a4-7' runs on logon in the path '\db418268-ee74-41e5-bb85-b83dd238b8a4-7'
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.02433734% | |
| Kernel CPU: | 0.00642873% | |
| User CPU: | 0.01790861% | |
| Kernel CPU time: | 156 ms/min | |
| Memory |
| Private memory: | 12.36 MB | |
| Private (maximum): | 26.71 MB | |
| Private (minimum): | 1.06 MB | |
| Non-paged memory: | 12.36 MB | |
| Virtual memory: | 168.6 MB | |
| Virtual memory (peak): | 177.83 MB | |
| Working set: | 2.51 MB | |
| Working set (peak): | 35.79 MB | |
| Resource allocations |
| Threads: | 7 | |
| Handles: | 323 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command line: | "C:\Program Files\savepass\savepass-nova.exe" /azvwqsdxj='savepass' /phwtt=57050 /cmjfhqdsn='001504' /qepudcnpr='0' /mcrcbfglq='0' /trhxmhr=9e51792269f24ca39b3d30419e6dc32aie /mwqqgmkl=bf1b9a6032b5710fa094186e0cfc0bd4 /irfrqx=1_34_06_10 /owwoxs=1.34.6.10 /gadecgr=1402627837 /mivesypr=httC://stats.datademoserv.com /tsvplfled=httC://errors.datademoserv.com /wvnmp=httC://js.datademoserv.com /iqialwd=ch /utsxaotz /sthaut='nova' /fqagevsme=httC://js.clientdemocloud.com /qngvpepaw='{"asw":[16777 |
| Owner: | SYSTEM |
| Parent process: | taskeng.exe (Task Scheduler Engine by Microsoft) |
Distribution by Windows OS
| OS version | distribution |
| Windows 8.1 |
100.00% |
|
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| ASUS |
100.00% |
|
