Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
(Note, Awesome Apps publishes each variation of this file with the same version, but the hashes are unique.)
Relationships
savingsapp-bg.exe
SavingsApp by Awesome Apps (Signed)
Version: | 1.1.151.35 |
MD5: | 0a7b7ab00c80541ffb1acbcda3b02159 |
SHA1: | 275af3714b5145885b422650e3c744d19595f3ff |
SHA256: | c30148bf6c6132a73f8004eece52fdac945e73c6391dee0300bbe95e46a138c0 |
Warning 10 antivirus scanners has detected malware.
What is savingsapp-bg.exe?
savingsapp-bg.exe, SavingsApp exe is a background process that interacts with the SavingsApp BHO to monitor web browsing behaviors in Internet Explorer. SavingsApp is an adware type program that has causes serious performance issues to your PC by installing a number of plug-ins and add-ins to your web browser and Windows. It injects ads directly by modifying web pages based on your surfing habits.
About savingsapp-bg.exe (from Awesome Apps)
“SavingsApp is a web tool that lists deals to help you save on retail sites while you shop. We provide a list of deals that you can access at anytime while shopping, allowing you to avoid having to mak”
Details
File name: | savingsapp-bg.exe |
Publisher: | 215 Apps |
Product name: | SavingsApp |
Description: | SavingsApp exe |
Typical file path: | C:\Program Files\savingsapp\savingsapp-bg.exe |
Original name: | SavingsApp.exe |
File version: | 1.1.151.35 |
Size: | 886.38 KB (907,648 bytes) |
Certificate |
Issued to: | Awesome Apps |
Authority (CA): | Thawte |
Effective date: | Tuesday, August 28, 2012 |
Expiration date: | Thursday, August 29, 2013 |
Digital DNA |
PE subsystem: | Windows GUI |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following program will install this file
215 SavingsApp (by 50onRed) is a web browser plugin that displays coupon deals and other advertisements when users visit various online shopping sites. When a user visits an online shopping site and the program has a pre-arranged affiliate relationship with a similar merchant it will alert the user that other deals or prices exist, or in many cases just shows adverts. It injects ads and affiliate codes in product links directly by modif...
Network connections
[UDP] listens on port 56848
Malware detections
Based on 40+ industry antivirus scanners, 10 of them detected the following malware.
Antivirus engine | Engine version | Detection |
AVG |
2014.0.3629 |
Suspicion: unknown virus |
Dr.Web |
7.0.4.09250 |
Adware.Plugin.14 |
Kingsoft |
2012.12.21.213 |
Win32.Troj.Agent.tq.(kcloud) |
Malwarebytes |
1.62.0.140 |
PUP.CrossFire.SA |
nProtect |
2013-01-10.01 |
Trojan/W32.Agent.907648.B |
Symantec |
20121.2.1.2 |
WS.Reputation.1 |
Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RCBH1JB |
Vba32 AntiVirus |
3.12.18.4 |
Trojan.Agent.aidw |
VIPRE Antivirus |
14962 |
GamePlayLabs (v) |
ViRobot |
2011.4.7.4223 |
Trojan.Win32.A.Agent.907648 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.29060533% | |
Kernel CPU: | 0.22158359% | |
User CPU: | 0.06902174% | |
Kernel CPU time: | 931 ms/min | |
Memory |
Private memory: | 5.67 MB | |
Private (maximum): | 11.43 MB | |
Private (minimum): | 11.42 MB | |
Non-paged memory: | 5.67 MB | |
Virtual memory: | 75.07 MB | |
Virtual memory (peak): | 80.07 MB | |
Working set: | 11.42 MB | |
Working set (peak): | 13.96 MB | |
Resource allocations |
Threads: | 7 | |
Handles: | 231 | |
GUI GDI count: | 9 | |
GUI GDI peak: | 11 | |
GUI USER count: | 6 | |
GUI USER peak: | 8 | |
Process properties
Integrety level: | Low |
Platform: | 32-bit |
Command line: | "C:\Program Files\savingsapp\savingsapp-bg.exe" /createbg |
Owner: | User |
Parent process: | iexplore.exe (by Microsoft) |
Distribution by Windows OS
OS version | distribution |
Windows 7 Ultimate N |
100.00% |
|
Distribution by country
United States installs about 100.00% of SavingsApp.