» vid-saver-bg.exe
Overview
Analysis
File Details

vid-saver-bg.exe

Vid-Saver

Awesome Apps

This is part of a distribution package that is classified as adware distributed by 50onRed. This adware is used to interact with the installed web browsers and inject ads and modify the default search and homepages. The application vid-saver-bg.exe by Awesome Apps has been detected as adware by 36 anti-malware scanners. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.

File name:

vid-saver-bg.exe

Publisher:

215 Apps (signed by Awesome Apps)

Product:

Vid-Saver

Description:

Vid-Saver exe

Version:

1.1.151.54

MD5:

b5dbadfc7121b1765231a8b347dc1b89

SHA-1:

1d9c6ed537bf29558dc66f9a5f9fc5da770daf15

SHA-256:

0ea3bd9245b3f846970cd33ea8deefc830324f5337b26ebe0a02a816d60f2d9e

Scanner detections:

36 / 68

Status:

Adware

Explanation:

Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:

4/19/2024 4:17:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Agent.NNP

369

Agnitum Outpost

PUA.Toolbar.CrossRider

7.1.1

AhnLab V3 Security

Trojan/Win32.ADH

2014.01.09

Avira AntiVirus

ADWARE/CrossRider.Gen2

8.3.2.2

AVG

MalSign.Skodna

2017.0.2847

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.1621

Bitdefender

Adware.Agent.NNP

1.0.20.160

Bkav FE

W32.Clod5d4.Trojan

1.3.0.4613

Boost by Reason

Optional.AwesomeApps

188838

Clam AntiVirus

Win.Adware.Agent-2199

0.98/18155

Comodo Security

ApplicUnwnt.Win32.AdWare.BHO.A

17593

Dr.Web

Adware.Plugin.14

9.0.1.032

Emsisoft Anti-Malware

Adware.Agent.NNP

8.16.02.01.02

ESET NOD32

Win32/Toolbar.CrossRider (variant)

10.9482

Fortinet FortiGate

Adware/Fam.NB

2/1/2016

F-Secure

Adware.Agent.NNP

11.2016-01-02_2

G Data

Adware.Agent.NNP

16.2.22

IKARUS anti.virus

AdWare.Agent

t3scan.2.2.29

K7 AntiVirus

Unwanted-Program

13.176.11292

Kaspersky

not-a-virus:HEUR:AdWare.Win32.Agent

14.0.0.729

Malwarebytes

PUP.Optional.VidSaver.A

v2016.02.01.02

McAfee

Artemis!F5EED2E07D39

5600.6503

MicroWorld eScan

Adware.Agent.NNP

17.0.0.96

NANO AntiVirus

Trojan.Win32.Plugin.baxmbi

0.28.0.57029

Norman

Adware.Generic.993890

11.20160201

nProtect

Adware.Agent.NNP

14.01.10.01

Panda Antivirus

Trj/CI.A

16.02.01.02

Reason Heuristics

PUP.50OnRed.AwesomeApps (M)

16.2.1.2

Sophos

AppRider

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Crossid

9351

Trend Micro House Call

TROJ_GEN.R0CBH0AJA13

7.2.32

Trend Micro

TROJ_GEN.RCBCOCD

10.465.01

Vba32 AntiVirus

Trojan.Agent

3.12.24.3

VIPRE Antivirus

GamePlayLabs

26920

ViRobot

Trojan.Win32.A.Agent.907648

2011.4.7.4223

Zillya! Antivirus

Adware.Agent.Win32.79501

2.0.0.2482

File size:

926.4 KB (948,608 bytes)

Product version:

1.1.151.54

Original file name:

Vid-Saver.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\vid-saver\vid-saver-bg.exe

Digital Signature

Signed by:

Awesome Apps

Authority:

Thawte, Inc.

Valid from:

8/28/2012 7:00:00 PM

Valid to:

8/29/2013 6:59:59 PM

Subject:

CN=Awesome Apps, O=Awesome Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3D0C9CCF6A7D44B9FDA1963A424319BA

File PE Metadata

Compilation timestamp:

10/17/2012 7:34:04 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:t700I1m5NvqJqtiIpvyFfcwV+GRzgVBZWIltpFWZQv7Meij8k8ijw9OuUVJB0FgP:U0IFjKHxS8ka6iNqz1rOZyjExM625

Entry address:

0x8A2F5

Entry point:

E8, F4, AC, 00, 00, E9, 89, FE, FF, FF, 2D, A4, 03, 00, 00, 74, 22, 83, E8, 04, 74, 17, 83, E8, 0D, 74, 0C, 48, 74, 03, 33, C0, C3, B8, 04, 04, 00, 00, C3, B8, 12, 04, 00, 00, C3, B8, 04, 08, 00, 00, C3, B8, 11, 04, 00, 00, C3, 8B, FF, 56, 57, 8B, F0, 68, 01, 01, 00, 00, 33, FF, 8D, 46, 1C, 57, 50, E8, AB, CD, FF, FF, 33, C0, 0F, B7, C8, 8B, C1, 89, 7E, 04, 89, 7E, 08, 89, 7E, 0C, C1, E1, 10, 0B, C1, 8D, 7E, 10, AB, AB, AB, B9, A8, 43, 4E, 00, 83, C4, 0C, 8D, 46, 1C, 2B, CE, BF, 01, 01, 00, 00, 8A, 14, 01... 
[+]

Code size:

775 KB (793,600 bytes)

Remove vid-saver-bg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.