home

SaveSenseLive.exe

SaveSenseLive Update

SaveSense

The application SaveSenseLive.exe by SaveSense has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “SaveSenseLive Service (savesenselive)”.
Publisher:
SaveSense  (signed and verified)

Product:
SaveSenseLive Update

Version:
1.3.23.0

MD5:
c495d8665a32539660625182d23d5c59

SHA-1:
c6ef12e233b277e3e57d7c96d9ada032e98e7465

SHA-256:
bc288455d609f9d23569cdfd4951dddc4dcc7e3dfa758b1a625107288d80596e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/18/2024 2:37:41 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore (M)
17.2.12.5

File size:
143.5 KB (146,920 bytes)

Product version:
1.3.23.0

Copyright:
Copyright 2007-2010 Google Inc.

Original file name:
SaveSenseLive.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\savesenselive\update\savesenselive.exe

Digital Signature
Signed by:
SaveSense

Authority:
COMODO CA Limited

Valid from:
10/20/2013 10:00:00 PM

Valid to:
10/21/2014 9:59:59 PM

Subject:
CN=SaveSense, O=SaveSense, STREET=124 Even Gbirol St., L=Tel Aviv, S=Israel, PostalCode=62038, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F131F4A29925CAEDCF2DDC1CBC4CDAE3

File PE Metadata
Compilation timestamp:
10/27/2013 12:18:08 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x4E06

Entry point:
E8, 3E, 24, 00, 00, E9, 79, FE, FF, FF, 6A, 0C, 68, 08, 31, 41, 00, E8, 84, 00, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, 9C, 0C, 41, 00, 03, 75, 43, 6A, 04, E8, 28, 26, 00, 00, 59, 83, 65, FC, 00, 56, E8, 50, 26, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, 71, 26, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, 14, 25, 00, 00, 59, C3, 56, 6A, 00, FF, 35, 04, F7, 40, 00, FF, 15, 7C, 10, 41, 00, 85, C0, 75, 16, E8, F0, 06, 00...
 
[+]

Code size:
51.5 KB (52,736 bytes)

Service
Display name:
SaveSenseLive Service (savesenselive)

Service name:
savesenselive

Description:
Keeps your SaveSense software up to date. If this service is disabled or stopped, your SaveSense software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed a

Type:
Win32OwnProcess

Depends on:
RPCSS


Remove SaveSenseLive.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.