Should I block it?

98%

Yes, 98% block recommendation.

Possible reasons:

Multiple malware detections

Performance resource utilization

Relationships

Parent process

iexplore.exe (by Microsoft)

Related files

supreme savings-bg.exe

Supreme Savings by Innovative Apps (Signed)

Remove supreme savings-bg.exe

Version:	1.1.153.44
MD5:	8c433380a9a80c2c154ab91b0b61a9b4
SHA1:	b699b13b77e5ac0570a1519ab5058f4e3b100870
SHA256:	edfdd550fb301aba8c482d55277f8548726343e5da080b8c78e563a28e32f37a

Warning 4 antivirus scanners has detected malware.

Overview

supreme savings-bg.exe is malware that executes as a process with the local user's privileges typically within the context of its parent iexplore.exe (by Microsoft). This is typically installed with the program Supreme Savings published by 215 Apps and is most likely removed by most users once installed (82% removed). The file is digitally signed by Innovative Apps which was issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Ultimate (6.1.7601.65536).

Details

File name:	supreme savings-bg.exe
Publisher:	215 Apps
Product name:	Supreme Savings
Description:	Supreme Savings exe
Typical file path:	C:\Program Files\supreme savings\supreme savings-bg.exe
Original name:	Supreme Savings.exe
File version:	1.1.153.44
Size:	1.01 MB (1,054,600 bytes)
Certificate
Issued to:	Innovative Apps
Authority (CA):	Thawte
Effective date:	Tuesday, January 8, 2013
Expiration date:	Thursday, January 9, 2014
Digital DNA
PE subsystem:	Windows GUI
File packed:	No
.NET CLR:	No

More details

Programs

The following program will install this file

Supreme Savings

215 Apps

82% remove

Supreme Savings by 50onRed is a web browser plugin that displays coupon deals and other advertisements when users visit various online shopping sites. When a user visits an online shopping site and the program has a pre-arranged affiliate relationship with a similar merchant it will alert the user that other deals or prices exist, or in many cases just shows adverts. It injects ads and affiliate codes in product links directly by modify...

Network connections

[UDP] listens on port 49493

Malware detections

Based on 40+ industry antivirus scanners, 4 of them detected the following malware.

Antivirus engine	Engine version	Detection
avast!	8.0.1489.320	Win32:Installer-M [Adw]
ESET NOD32	8.9062	a variant of Win32/Toolbar.CrossRider.E
Sophos	4.94.0	AppRider
VIPRE Antivirus	23488	GamePlayLabs (v)

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00516864%	0.028634%
Kernel CPU:	0.00361105%	0.013761%
User CPU:	0.00155759%	0.014873%
Kernel CPU time:	52,697 ms/min	100,923,805ms/min
Memory
Private memory:	12.87 MB	21.59 MB
Private (maximum):	27.66 MB
Private (minimum):	1.63 MB
Non-paged memory:	12.87 MB	21.59 MB
Virtual memory:	183.58 MB	140.96 MB
Virtual memory (peak):	190.04 MB	169.69 MB
Working set:	3.02 MB	18.61 MB
Working set (peak):	31.57 MB	37.95 MB
Resource allocations
Threads:	14	12
Handles:	352	600
GUI GDI count:	13	103
GUI GDI peak:	14	142
GUI USER count:	22	49
GUI USER peak:	32	71

Process properties

Integrety level:	Low
Platform:	32-bit
Command line:	"C:\Program Files\supreme savings\supreme savings-bg.exe" /createbg
Owner:	User
Parent process:	iexplore.exe (by Microsoft)

Threads