What is save on?

save on is software application developed by WebPick Internet Holdings Ltd.. It is most commonly found on computers running Windows XP with nearly 50.00% of installations running this operating system. save on's installer is typically 1.00 MB in size and installs around 90 files. The most common release is 1.3.0.1798 with 50.00% of all installations currently using this version.

save on is most popular in the United States with 71.43% of installations residing in this country.

About save on?

The Save On software, distributed under the alias publisher picitup, is an adware browser extension created by Saveon. It injects ads on web pages that are not affiliated with the ads or the extension, including new ads in whitespace on the page or on top of existing banner advertisements. Clicking on any displayed coupons will redirect the user to advertiser pages and drop affiliate cookies onto their computer. Save On also communicates with a remote server to track user habits, including visited URLs and domains, viewed pages, and clicked-on advertisements. Note that this software collects and shares user data. Please use this software responsibly and ensure you are compliant with all pertinent laws and regulations.

Multiple virus scanners have detected malware in save on.

NB.exe (MD5: eaeda7f410d1a034224482cdaef0443a) has been flagged by 36 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.667718
AhnLab-V3	2014.07.08.02	Dropper/Win32.Preloader
Avira AntiVir	7.11.158.210	Adware/MultiPlug.AB.4
AVG	14.0.0.3986	Generic5.AYMI
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.BAB
Bitdefender	7.2	Application.Generic.667718
Comodo Security	18804	ApplicUnwnt
ESET-NOD32	10061	a variant of Win32/AdWare.MultiPlug.AB
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Application.Generic.667718
G Data	24	Application.Generic.667718
Malwarebytes	1.75.0.1	PUP.Optional.Multiplug
McAfee	6.0.4.564	RDN/Generic.bfr!hk
McAfee-GW-Edition	2013	Heuristic.BehavesLike.Win32.Suspicious.H
MicroWorld-eScan	12.0.250.0	Application.Generic.667718
Panda Antivirus	10.0.3.5	Trj/CI.A
Sophos	4.98.0	Generic PUA DC
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R0C1H06G614
VIPRE Antivirus	31080	Trojan.Win32.Generic!BT
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
Avira	8.3.1.6	SPR/Tool.689664.1
AVware	1.5.0.21	Trojan.Win32.Generic!BT
ByteHero BDV	1.0.0.1	Trojan.Exception.gen.101
Cyren	5.4.16.7	W32/Application.SEEW-0376
NANO AntiVirus	0.30.24.1636	Riskware.Win32.MultiPlug.dfmntw
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
Symantec	20141.2.0.56	Trojan.Gen.2
Tencent	1.0.0.1	Trojan.Win32.Qudamah.Gen.3
Qihoo-360	1.0.0.1015	Win32/Trojan.Dropper.c9f
Trend Micro	9.740.0.1012	ADW_MULTIPLUG
K7 AntiVirus	9.180.12586	Adware ( 0049b4c51 )
K7GW	9.180.12586	Adware ( 0049b4c51 )
IKARUS anti.virus	T3.1.6.1.0	Trojan.Symmi
Norman	7.04.04	Suspicious_Gen5.ARFZD
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric

n2NLA8h2xn_.exe (MD5: dd659ac85fad1370a5969577de786e3e) has been flagged by 22 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.06.28.00	Dropper/Win32.Preloader
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
AVG	14.0.0.3972	Generic5.AXXO
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.BY
Comodo Security	18687	ApplicUnwnt
ESET-NOD32	10011	a variant of Win32/AdWare.MultiPlug.Y
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
K7 AntiVirus	9.180.12553	Adware ( 0049b4c51 )
K7GW	9.180.12553	Adware ( 0049b4c51 )
Malwarebytes	1.75.0.1	PUP.Optional.Multiplug
McAfee	6.0.4.564	RDN/Generic.bfr!hk
McAfee-GW-Edition	2013	Heuristic.BehavesLike.Win32.Suspicious.H
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0625
VIPRE Antivirus	30712	Trojan.Win32.Generic!BT
G Data	24	Win32.Trojan.Agent.I1F0VQ
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.649344
Bitdefender	7.2	Application.Generic.649344
F-Secure	11.0.19100.45	Application.Generic.649344
MicroWorld-eScan	12.0.250.0	Application.Generic.649344
Symantec	20131.1.5.61	WS.Reputation.1
Sophos	4.98.0	Generic PUA AO

LqFa.exe (MD5: e5f153c2c145745fcce03e555ca9b637) has been flagged by 11 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.06.25.00	Dropper/Win32.Preloader
AVG	14.0.0.3972	Generic5.AVNK
ESET-NOD32	9995	a variant of Win32/AdWare.MultiPlug.Y
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug.A
McAfee	6.0.4.564	Artemis!E5F153C2C145
McAfee-GW-Edition	2013	Heuristic.BehavesLike.Win32.Suspicious.H
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0528
VIPRE Antivirus	30630	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.BY
Symantec	20131.1.5.61	WS.Reputation.1
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric

jmi.exe (MD5: 692b15082eeaa2006c68b39d78f49dbf) has been flagged by 27 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.649799
AhnLab-V3	2014.06.19.00	Dropper/Win32.Preloader
Avira AntiVir	7.11.155.148	SPR/Tool.643072.7
AVG	14.0.0.3972	Generic5.AVZR
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.81
Bitdefender	7.2	Application.Generic.649799
Comodo Security	18592	ApplicUnwnt
ESET-NOD32	9963	a variant of Win32/AdWare.MultiPlug.Y
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Application.Generic.649799
G Data	24	Application.Generic.649799
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug.A
McAfee	6.0.4.564	Artemis!692B15082EEA
McAfee-GW-Edition	2013	Heuristic.BehavesLike.Win32.Suspicious.H
MicroWorld-eScan	12.0.250.0	Application.Generic.649799
Sophos	4.98.0	Generic PUA EI
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0611
VIPRE Antivirus	30426	Win32.Malware!Drop
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
Qihoo-360	1.0.0.1015	Win32/Trojan.Dropper.c9f
Trend Micro	9.740.0.1012	ADW_MULTIPLUG
K7 AntiVirus	9.180.12586	Adware ( 0049b4c51 )
K7GW	9.180.12586	Adware ( 0049b4c51 )
IKARUS anti.virus	T3.1.6.1.0	Trojan.Symmi
Norman	7.04.04	Suspicious_Gen5.ARFZD
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric
Symantec	20131.1.5.61	WS.Reputation.1

iMSnVnDy.exe (MD5: d174e8a812b28df049a7f8bc1c4633b1) has been flagged by 37 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.661949
AhnLab-V3	2014.07.04.00	Dropper/Win32.Preloader
Avira AntiVir	7.11.158.102	Adware/MultiPlug.Y.3
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
AVG	14.0.0.3986	Generic5.AYAO
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.BY
Bitdefender	7.2	Application.Generic.661949
Comodo Security	18759	ApplicUnwnt
ESET-NOD32	10043	a variant of Win32/AdWare.MultiPlug.Y
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Application.Generic.661949
G Data	24	Application.Generic.661949
Malwarebytes	1.75.0.1	PUP.Optional.Multiplug
McAfee	6.0.4.564	RDN/Generic PUP.x!chc
McAfee-GW-Edition	2013	Heuristic.BehavesLike.Win32.Suspicious.H
MicroWorld-eScan	12.0.250.0	Application.Generic.661949
Panda Antivirus	10.0.3.5	Trj/CI.A
Sophos	4.98.0	Generic PUA BE
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R0CBH06FT14
VIPRE Antivirus	30944	Trojan.Win32.Generic!BT
Bkav FE	1.3.0.4959	W32.MultiPlugCB.Adware
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
Avira	8.3.1.6	SPR/Tool.689664.1
AVware	1.5.0.21	Trojan.Win32.Generic!BT
ByteHero BDV	1.0.0.1	Trojan.Exception.gen.101
Cyren	5.4.16.7	W32/Application.SEEW-0376
NANO AntiVirus	0.30.24.1636	Riskware.Win32.MultiPlug.dfmntw
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
Symantec	20141.2.0.56	Trojan.Gen.2
Tencent	1.0.0.1	Trojan.Win32.Qudamah.Gen.3
Qihoo-360	1.0.0.1015	Win32/Trojan.Dropper.c9f
Trend Micro	9.740.0.1012	ADW_MULTIPLUG
K7 AntiVirus	9.180.12586	Adware ( 0049b4c51 )
K7GW	9.180.12586	Adware ( 0049b4c51 )
IKARUS anti.virus	T3.1.6.1.0	Trojan.Symmi
Norman	7.04.04	Suspicious_Gen5.ARFZD
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric

Software Details

URL:

https://saveonapp.info

Support:

https://picitup.com

Installation path:

C:\Documents and Settings\user\Local\save on

Uninstaller:

"C:\Documents and Settings\user\Local\save on\tjL.exe" /s /n /C:"ExecuteCommands;UninstallCommands" ""

Size:

1.00 MB

Language:

English

save on Executable Details

Primary executable:

4ZAoqRZ.exe

Name:

save on

Path:

C:\Documents and Settings\user\Local\save on\4ZAoqRZ.exe

MD5:

dafad4360169dae111d3f5b1fe777ba7

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

JzOYH.exe

1cecc27f6ba8a7187da764b450d8b63c

EXE

JYM5.exe

47b14be12d4e81c2dd00fb1b0aa4ba8f

EXE

jXa.exe

bfc8248e4a46941c28971f7ace499154

EXE

jmi.exe

Malware

692b15082eeaa2006c68b39d78f49dbf

EXE

J8bz5vI.exe

b0ee8864d103a51fc19984285099e53a

EXE

IqlNo6c3.exe

bfc8248e4a46941c28971f7ace499154

EXE

iMSnVnDy.exe

Malware

d174e8a812b28df049a7f8bc1c4633b1

EXE

IeSTSXbNa.exe

Malware

2870564910cfcf2006d7b432809d5546

EXE

I4mIgMgv1B.exe

f82dc144bfd813a8d5389171d9ce92f0

EXE

Hwfu.exe

ebc28e5d26d6526a25e5d641716e01ed

save on

What is save on?

About save on?

Multiple virus scanners have detected malware in save on.

Software Details

save on Executable Details