Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
supreme savings-bg.exe
Supreme Savings by Innovative Apps (Signed)
Version: | 1.1.153.44 |
MD5: | 8c433380a9a80c2c154ab91b0b61a9b4 |
SHA1: | b699b13b77e5ac0570a1519ab5058f4e3b100870 |
SHA256: | edfdd550fb301aba8c482d55277f8548726343e5da080b8c78e563a28e32f37a |
Warning: 4 antivirus scanners have detected malware.
Overview
supreme savings-bg.exe is malware that executes as a process with the local user's privileges, typically within the context of its parent iexplore.exe (by Microsoft). It is typically installed with the program Supreme Savings published by 215 Apps, and most users remove it once installed (82% removed). The file is digitally signed by Innovative Apps, with a certificate issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Ultimate (6.1.7601.65536).
Details
File name: | supreme savings-bg.exe |
Publisher: | 215 Apps |
Product name: | Supreme Savings |
Description: | Supreme Savings exe |
Typical file path: | C:\Program Files\supreme savings\supreme savings-bg.exe |
Original name: | Supreme Savings.exe |
File version: | 1.1.153.44 |
Size: | 1.01 MB (1,054,600 bytes) |
Certificate |
Issued to: | Innovative Apps |
Authority (CA): | Thawte |
Effective date: | Tuesday, January 8, 2013 |
Expiration date: | Thursday, January 9, 2014 |
Digital DNA |
PE subsystem: | Windows GUI |
File packed: | No |
.NET CLR: | No |
Programs
The following program will install this file
Supreme Savings by 50onRed is a web browser plugin that displays coupon deals and other advertisements when users visit various online shopping sites. When a user visits an online shopping site and the program has a pre-arranged affiliate relationship with a similar merchant it will alert the user that other deals or prices exist, or in many cases just shows adverts. It injects ads and affiliate codes in product links directly by modify...
Network connections
[UDP] listens on port 49493
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! | 8.0.1489.320 | Win32:Installer-M [Adw] |
ESET NOD32 | 8.9062 | a variant of Win32/Toolbar.CrossRider.E |
Sophos | 4.94.0 | AppRider |
VIPRE Antivirus | 23488 | GamePlayLabs (v) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00516864% |
Kernel CPU: | 0.00361105% |
User CPU: | 0.00155759% |
Kernel CPU time: | 52,697 ms/min |
Memory |
Private memory: | 12.87 MB |
Private (maximum): | 27.66 MB |
Private (minimum): | 1.63 MB |
Non-paged memory: | 12.87 MB |
Virtual memory: | 183.58 MB |
Virtual memory (peak): | 190.04 MB |
Working set: | 3.02 MB |
Working set (peak): | 31.57 MB |
Resource allocations |
Threads: | 14 |
Handles: | 352 |
GUI GDI count: | 13 |
GUI GDI peak: | 14 |
GUI USER count: | 22 |
GUI USER peak: | 32 |
Process properties
Integrity level: | Low |
Platform: | 32-bit |
Command line: | "C:\Program Files\supreme savings\supreme savings-bg.exe" /createbg |
Owner: | User |
Parent process: | iexplore.exe (by Microsoft) |
Threads
Averages
supreme savings-bg.exe (main module) |
Total CPU: | 0.82448044% |
Kernel CPU: | 0.61295405% |
User CPU: | 0.21152639% |
CPU cycles: | 28,921,662/sec |
Context switches: | 9/sec |
Memory: | 1.03 MB |
WININET.dll |
Total CPU: | 0.00018175% |
Kernel CPU: | 0.00000000% |
User CPU: | 0.00018175% |
CPU cycles: | 1,732/sec |
Memory: | 1.71 MB |
mshtml.dll (Windows Internet Explorer by Microsoft) |
Total CPU: | 0.00018174% |
Kernel CPU: | 0.00018174% |
User CPU: | 0.00000000% |
CPU cycles: | 3,532/sec |
Memory: | 13.68 MB |
Distribution by Windows OS
OS version | distribution |
Windows 7 Ultimate | 100.00% |
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard | 100.00% |