SavePass

Known Adware

What is SavePass?

SavePass is software application developed by Kimahri Software inc.. It is most commonly found on computers running Windows 7 with nearly 64.07% of installations running this operating system. SavePass's installer is typically 6.00 MB in size and installs around 232 files. The most common release is 1.34.7.1 with 45.24% of all installations currently using this version.

SavePass is most popular in the United States with 12.36% of installations residing in this country.

SavePass adds 4 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About SavePass?

SavePass is an adware application designed for web browsers, including Internet Explorer, Firefox, and Chrome. It injects banner ads and contextual link ads onto web pages, regardless of the site's affiliation with the publisher. The software may display up to 10 intext ads, 4 banner ads, and/or a transitional ad on web pages. Typically, SavePass is bundled with deceptive 3rd-party download managers and may be installed without users' knowledge or consent. Once installed, the program can modify the browser settings, including lowering security settings, changing the home page, and altering the default search provider, a process known as web browser hijacking. In addition to displaying ads, SavePass may also collect user data and report back to a controlling server, potentially including user behavior on the internet, visited URLs, clicked advertisements, and more. This adware is often bundled with multiple potentially unwanted programs offered by 3rd-party download managers.

Multiple virus scanners have detected malware in SavePass.

utils.exe (MD5: 0a52aa3e26ed14909e73901152593b80) has been flagged by 43 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.04	PUP/Win32.MulDrop
Antiy-AVL	1.0.0.1	Trojan[Downloader:not-a-virus]/Win32.Solimba.a
Bkav FE	1.3.0.4959	HW32.CDB
Malwarebytes	v2014.08.06.08	PUP.Optional.crossRider.A
McAfee	5600.7046	Artemis!0A52AA3E26ED
McAfee-GW-Edition	7.7046	Heuristic.BehavesLike.Win32.Suspicious-PKR.O
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM20.Gen
Rising Antivirus	23.00.65.14804	PE:Malware.Obscure!1.9C59
Symantec	8/6/2014 rev. 4	WS.Reputation
TrendMicro-HouseCall	7.2.218	Suspicious_GEN.F47V0627
Lavasoft Ad-Aware	12.0.163.0	Trojan.Generic.11378568
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CrossRider!
Avira AntiVir	7.11.165.68	Adware/CrossRider.A.6260
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
AVG	14.0.0.3986	Generic_r.OE
AVware	1.5.0.16	Crossrider (fs)
Baidu-International	3.5.1.41473	Adware.Win32.CrossAd.45
Bitdefender	7.2	Trojan.Generic.11378568
Comodo Security	19086	ApplicUnwnt
Emsisoft Anti-Malware	3.0.0.600	Trojan.Generic.11378568 (B)
ESET-NOD32	10205	a variant of Win32/Toolbar.CrossRider.AJ
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
F-Secure	11.0.19100.45	Trojan.Generic.11378568
G Data	24	Trojan.Generic.11378568
K7 AntiVirus	9.182.12951	Trojan ( 004985a61 )
K7GW	9.182.12951	Trojan ( 004985a61 )
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.CrossRider.aga
MicroWorld-eScan	12.0.250.0	Trojan.Generic.11378568
nProtect	2014-08-05.01	Trojan.Generic.11378568
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	AppRider
Trend Micro	9.740.0.1012	TROJ_GEN.R002C0EH314
VIPRE Antivirus	31938	Crossrider (fs)
Dr.Web	7.0.9.4080	Trojan.Crossrider.17413
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.NSIS.br.(kcloud)
NANO AntiVirus	0.28.2.61349	Trojan.Win32.GoogUpdate.dditte
Norman	7.04.04	Troj_Generic.UDQYJ
Clam AntiVirus	0.98.4.0	Win.Adware.Plush-33
Jiangmin	16.0.100	Adware/Adload.axm
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Zillya	2.0.0.1845	Adware.AdLoad.Win32.89

6398f4bd-1925-4d06-936d-98ac9df2049e-10.exe (MD5: 4baeefee25dcdb2d191695614d556e16) has been flagged by 38 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.163.2	Adware/CrossRider.A.19244
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAG
Comodo Security	18907	ApplicUnwnt
ESET-NOD32	10123	a variant of Win32/Toolbar.CrossRider.AG
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
IKARUS anti.virus	T3.1.6.1.0	AdWare.Adload
K7 AntiVirus	9.181.12775	Trojan ( 0049b45e1 )
K7GW	9.181.12782	Trojan ( 0049b45e1 )
Malwarebytes	1.75.0.1	PUP.Optional.SavePass.A
McAfee	6.0.4.564	Artemis!4BAEEFEE25DC
McAfee-GW-Edition	2013	Artemis!4BAEEFEE25DC
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	Generic PUA MP
Symantec	20131.1.5.61	WS.Reputation.1
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0713
VIPRE Antivirus	31414	Crossrider (fs)
AVware	1.5.0.16	Crossrider (fs)
G Data	24	Win32.Application.Plush.A
NANO AntiVirus	0.28.2.61148	Riskware.Win32.AdLoad.dbqhel
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
AhnLab-V3	2014.07.30.00	PUP/Win32.CrossRider
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Rising Antivirus	25.0.0.11	PE:Malware.Obscure!1.9C59
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Kazy.374062
Bitdefender	7.2	Gen:Variant.Adware.Kazy.374062
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Kazy.374062 (B)
F-Secure	11.0.19100.45	Gen:Variant.Adware.Kazy.374062
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.NSIS.br.(kcloud)
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Kazy.374062
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric
Dr.Web	7.0.9.4080	Trojan.Crossrider.17413
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.CrossRider.oz
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7235
Jiangmin	16.0.100	Adware/Adload.avv
Zillya	2.0.0.1845	Adware.AdLoad.Win32.89

638b4bbf-879c-44e9-931e-7183c0d5a8c6-5.exe (MD5: 430a4e1651459ead0ddaf72e83f5479f) has been flagged by 38 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.07.28.00	PUP/Win32.CrossRider
Avira AntiVir	7.11.164.56	ADWARE/CrossRider.Gen2
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.BAH
Comodo Security	18997	ApplicUnwnt
ESET-NOD32	10161	a variant of Win32/Toolbar.CrossRider.AH
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
K7 AntiVirus	9.181.12846	Trojan ( 0049b6e01 )
K7GW	9.181.12846	Trojan ( 0049b6e01 )
Malwarebytes	1.75.0.1	PUP.Optional.SavePass.A
McAfee	6.0.4.564	Artemis!430A4E165145
McAfee-GW-Edition	2013	Artemis!430A4E165145
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Rising Antivirus	25.0.0.11	PE:Malware.Obscure!1.9C59
Sophos	4.98.0	Generic PUA LJ
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0718
VIPRE Antivirus	31674	Crossrider (fs)
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Kazy.374062
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Bitdefender	7.2	Gen:Variant.Adware.Kazy.374062
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Kazy.374062 (B)
F-Secure	11.0.19100.45	Gen:Variant.Adware.Kazy.374062
G Data	24	Gen:Variant.Adware.Kazy.374062
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Kazy.374062
NANO AntiVirus	0.28.0.60253	Riskware.Win32.AdLoad.dbeken
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.a29
Symantec	20131.1.5.61	Trojan.ADH.2
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7640
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
AVware	1.5.0.16	Crossrider (fs)
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric
Dr.Web	7.0.9.4080	Trojan.Crossrider.17413
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.CrossRider.oz
Jiangmin	16.0.100	Adware/Adload.avv
Zillya	2.0.0.1845	Adware.AdLoad.Win32.89

638b4bbf-879c-44e9-931e-7183c0d5a8c6-4.exe (MD5: 4f0c84ff50d7ac98830db6b1551bf0c2) has been flagged by 40 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.164.56	ADWARE/CrossRider.Gen2
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.BAK
Comodo Security	18997	ApplicUnwnt
ESET-NOD32	10161	a variant of Win32/Toolbar.CrossRider.AK
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
K7 AntiVirus	9.181.12846	Trojan ( 0049c2ce1 )
K7GW	9.181.12846	Trojan ( 0049c2ce1 )
Malwarebytes	1.75.0.1	PUP.Optional.SavePass.A
McAfee	6.0.4.564	Artemis!4F0C84FF50D7
McAfee-GW-Edition	2013	Artemis!4F0C84FF50D7
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	Generic PUA IA
Symantec	20131.1.5.61	Trojan.ADH.2
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0718
VIPRE Antivirus	31674	Crossrider (fs)
AVware	1.5.0.16	Crossrider (fs)
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.CrossRider.oy
NANO AntiVirus	0.28.2.60881	Riskware.Win32.AdLoad.dchxwa
Lavasoft Ad-Aware	12.0.163.0	Adware.Crossrider.V
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CroRi!
Bitdefender	7.2	Adware.Crossrider.V
Emsisoft Anti-Malware	3.0.0.600	Adware.Crossrider.V (B)
F-Secure	11.0.19100.45	Adware.Crossrider.V
G Data	24	Adware.Crossrider.V
MicroWorld-eScan	12.0.250.0	Adware.Crossrider.V
nProtect	2014-08-06.01	Adware.Crossrider.V
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Rising Antivirus	25.0.0.11	PE:Malware.Obscure!1.9C59
AhnLab-V3	2014.07.27.00	PUP/Win32.CrossRider
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.a29
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7640
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Dr.Web	7.0.9.4080	Trojan.Crossrider.17413
Jiangmin	16.0.100	Adware/Adload.avv
Zillya	2.0.0.1845	Adware.AdLoad.Win32.89

638b4bbf-879c-44e9-931e-7183c0d5a8c6-2.exe (MD5: 862e8b06a677aeb1aa2a0f6ba3878da6) has been flagged by 40 scanners:

Scanner Software	Version	Result
Avira AntiVir	7.11.164.56	ADWARE/CrossRider.Gen2
AVG	14.0.0.3986	Generic.332
Baidu-International	3.5.1.41473	Adware.Win32.CrossRider.bAJ
Comodo Security	18997	ApplicUnwnt
ESET-NOD32	10161	a variant of Win32/Toolbar.CrossRider.AJ
Fortinet FortiGate	5.1.152.0	Riskware/Toolbar_CrossRider
F-Prot	4.7.1.166	W32/A-eb9ef301!Eldorado
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:WebToolbar.CrossRider
K7 AntiVirus	9.181.12846	Trojan ( 0049bec01 )
K7GW	9.181.12846	Trojan ( 0049bec01 )
Malwarebytes	1.75.0.1	PUP.Optional.SavePass.A
McAfee	6.0.4.564	Artemis!862E8B06A677
McAfee-GW-Edition	2013	Artemis!862E8B06A677
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Rising Antivirus	25.0.0.11	PE:Malware.Obscure!1.9C59
Sophos	4.98.0	AppRider
Symantec	20131.1.5.61	Trojan.ADH.2
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0718
VIPRE Antivirus	31674	Crossrider (fs)
Clam AntiVirus	0.98.4.0	Win.Adware.Agent-7545
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
NANO AntiVirus	0.28.0.60698	Riskware.Win32.AdLoad.dbyhwj
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
Antiy-AVL	1.0.0.1	Trojan/Win32.TSGeneric
AhnLab-V3	2014.07.18.00	PUP/Win32.CrossRider
AVware	1.5.0.16	Crossrider (fs)
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.CrossRider.oy
Lavasoft Ad-Aware	12.0.163.0	Adware.Crossrider.V
Agnitum Outpost	5.5.1.3	PUA.Toolbar.CroRi!
Bitdefender	7.2	Adware.Crossrider.V
Emsisoft Anti-Malware	3.0.0.600	Adware.Crossrider.V (B)
F-Secure	11.0.19100.45	Adware.Crossrider.V
G Data	24	Adware.Crossrider.V
MicroWorld-eScan	12.0.250.0	Adware.Crossrider.V
nProtect	2014-08-06.01	Adware.Crossrider.V
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Vba32 AntiVirus	3.12.26.3	AdWare.AdLoad
Dr.Web	7.0.9.4080	Trojan.Crossrider.17413
Jiangmin	16.0.100	Adware/Adload.avv
Zillya	2.0.0.1845	Adware.AdLoad.Win32.89

Software Behaviors

Scheduled tasks:: SavePass-nova.exe is scheduled as a task named '731b28ed-138e-45a5-af8b-7ef590e61293-6'.

36fddb18-1802-47ec-a031-2c0ef9f4c2fe-2.exe is scheduled as a task named 'temp_36fddb18-1802-47ec-a031-2c0ef9f4c2fe-2'.

05484c50-24d6-4764-a40a-64e9fab6f83e-10.exe is scheduled as a task named 'temp_05484c50-24d6-4764-a40a-64e9fab6f83e-10'.

5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2.exe is scheduled as a task named 'temp_5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2'.

Startup Entries

Startup tasks:: SavePass-nova.exe is automatically launched at startup through a scheduled task named 5d2076bc-d559-4c68-aca0-29a2e5982b96-7.

SavePass-codedownloader.exe is automatically launched at startup through a scheduled task named 1b5a7fb7-4f63-4d4d-b216-cc71fe1136d3-6.

7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-5.exe is automatically launched at startup through a scheduled task named 7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-5_user.

7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-4.exe is automatically launched at startup through a scheduled task named 7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-4.

7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-2.exe is automatically launched at startup through a scheduled task named 7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-2.

7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-10.exe is automatically launched at startup through a scheduled task named 7fd6b5bd-5a09-47eb-ba10-4dbd4c635226-10.

Software Details

URL:: –
Support:: –
Installation path:: C:\Program Files\SavePass
Uninstaller:: C:\Program Files\SavePass\Uninstall.exe /fcp=1
Size:: 6.00 MB
Language:: English

SavePass Executable Details

Primary executable:: utils.exe
Name:: SavePass
Path:: C:\Program Files\SavePass\utils.exe
MD5:: 0a52aa3e26ed14909e73901152593b80
SHA-1:: –
SHA-256:: –

Files installed by SavePass

File Type	Filename	MD5
DLL	newtonsoft.json.dll	0900b6c72905788aca613f89fe739bd3
EXE	uninstall.exe	ab91a7350a5fddcdf0a7b0c60e8e4e71
DLL	Interop.IWshRuntimeLibrary.dll	5e8e81170731f5521bf540e5e374b011
DLL	WebSocket4Net.dll	06bef001533cc9b2aee78e0315432f94
EXE	utils.exe Adware	0a52aa3e26ed14909e73901152593b80
DLL	SuperSocket.ClientEngine.Protocol.dll	054eb97126c57f5476abc3c6f8586eab
DLL	SuperSocket.ClientEngine.Core.dll	55bbde7f48a5ef7a8254bfeb3a5a39d7
DLL	SuperSocket.ClientEngine.Common.dll	9161b2db6facc5aa59f5eae689ec05af
EXE	6398f4bd-1925-4d06-936d-98ac9df2049e-10.exe Adware	4baeefee25dcdb2d191695614d556e16
EXE	638b4bbf-879c-44e9-931e-7183c0d5a8c6-5.exe Adware	430a4e1651459ead0ddaf72e83f5479f

Repair SavePass

Having issues with SavePass?

We recommend Fortect System Repair to automatically fix these issues

Download Now

Popularity

16% of users keep SavePass installed

Overall Rating

Bad

Known Versions (4)

1.34.7.29: 8.66%
1.34.7.1: 45.24%
1.34.6.10: 27.92%
1.34.5.12: 18.18%

Geography Distribution