savepathdeals.dll

Savepath Deals

The module savepathdeals.dll by Savepath Deals has been detected as adware by 4 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Savepath Deals’. This file is typically installed with the program Savepath Deals which is a potentially unwanted software program.
Publisher:
Savepath Deals  (signed and verified)

Product:
Savepath Deals

Version:
1.0.0.1

MD5:
00f67b391828a20de2e56cbbf8b331bc

SHA-1:
211b5106988e61376c4dcf7f61324d376ced1864

SHA-256:
f263b6fbe62140d71a6a8e43c0035f90c2895c6695b436ae74228770dbd22222

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/5/2024 2:57:57 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Savepath
2016.0.3035

Bkav FE
W32.HfsAdware
1.3.0.6979

Malwarebytes
PUP.Optional.SavepathDeals.SID.A
v2015.07.27.03

Reason Heuristics
PUP.SavepathDeals (M)
15.7.27.15

File size:
1.8 MB (1,919,904 bytes)

Product version:
1.0.0.1

Copyright:
Savepath Deals

Original file name:
couponsapp.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\savepath deals\savepathdeals.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/16/2013 8:00:00 PM

Valid to:
5/17/2014 7:59:59 PM

Subject:
CN=Savepath Deals, O=Savepath Deals, STREET=2526 W Macarthur blvd, STREET=UNIT G, L=Santa Ana, S=CA, PostalCode=92704, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0080BC518A6FEE7C80D4DA50F0F5EEB4DA

Registration
CLSID:
{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
9/27/2013 2:56:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:MJrx+Nc5tNFsvhT9vu1A0jP/3vct+UxPyrjczHjbqzvunrDJIPGzA8BqT:MJ8c7spT9vu1A0jH3v4pxPyrUjbqziDc

Entry address:
0x115698

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 10, E1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 66, 8B, 08, 83, C0, 02, 66, 85, C9, 75, F5, 2B, 45, 08, D1, F8, 48, 5D, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 90, 03, 19, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24...
 
[+]

Entropy:
6.6168

Code size:
1.3 MB (1,312,256 bytes)

Internet Explorer BHO
Display name:
Savepath Deals

CLSID:
{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF}


The file savepathdeals.dll has been discovered within the following program.

Savepath Deals  by Savepath Deals
Publisher's description - “Download and install our small browser add-on to get started. Don't worry our app is free and only shows minimal ads that won't get in the way. If you want to remove our app at anytime you can uninstall it.”
www.savepathdeals.com
64% remove it
 
Powered by Should I Remove It?

Remove savepathdeals.dll - Powered by Reason Core Security