savu monitor.exe

Savu Application

Roccat GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ROCCAT Savu Gaming Mouse’. This file is installed with the program Savu Mouse.
Publisher:
Roccat GmbH  (signed and verified)

Product:
Savu Application

Version:
1, 0, 1, 5

MD5:
1a8fefe24a18b4652dccba1a5f501846

SHA-1:
76e6de75b0fc678b2cae5eeca4104c7366f9c834

SHA-256:
056fa5204297dcde1affd9b9c3958e5669e05395d009ff6d9069478b991d9656

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 8:01:27 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-PWS.Win32.Fareit
t3scan.2.2.29

File size:
850.6 KB (871,024 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2012

Original file name:
Savu.exe

File type:
Executable application (Win32 EXE)

Language:
Chinesisch (traditionell, Taiwan)

Common path:
C:\Program Files\roccat\savu mouse\savu monitor.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/27/2011 2:00:00 AM

Valid to:
6/27/2014 1:59:59 AM

Subject:
CN=Roccat GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Roccat GmbH, L=Hamburg, S=Hamburg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
440CF4532541B6243E6F15998E86697D

File PE Metadata
Compilation timestamp:
8/3/2012 3:53:09 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:8M2jakbiPokWA7zEBcEPdvcc1xMaOqT1iLZpcEPdvcc1xMaOqT1iLZXr:o+kEokuAM

Entry address:
0x78AC

Entry point:
E8, 55, 1B, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A8, 93, 42, 00, 89, 0D, A4, 93, 42, 00, 89, 15, A0, 93, 42, 00, 89, 1D, 9C, 93, 42, 00, 89, 35, 98, 93, 42, 00, 89, 3D, 94, 93, 42, 00, 66, 8C, 15, C0, 93, 42, 00, 66, 8C, 0D, B4, 93, 42, 00, 66, 8C, 1D, 90, 93, 42, 00, 66, 8C, 05, 8C, 93, 42, 00, 66, 8C, 25, 88, 93, 42, 00, 66, 8C, 2D, 84, 93, 42, 00, 9C, 8F, 05, B8, 93, 42, 00, 8B, 45, 00, A3, AC, 93, 42, 00, 8B, 45, 04, A3, B0, 93, 42, 00, 8D, 45, 08, A3, BC, 93, 42...
 
[+]

Code size:
63 KB (64,512 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ROCCAT Savu Gaming Mouse

Command:
"C:\Program Files\roccat\savu mouse\savu monitor.exe" \automation


The file savu monitor.exe has been discovered within the following program.

Savu Mouse  by Roccat GmbH
About 6% of users remove it
 
Powered by Should I Remove It?

Scan savu monitor.exe - Powered by Reason Core Security