» Savings Sidekick.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

Savings Sidekick.dll

Savings Sidekick

Friendly Apps

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module Savings Sidekick.dll, “Savings Sidekick BHO” by Friendly Apps has been detected as adware by 28 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0005060’. This file is typically installed with the program Savings Sidekick by 215 Apps which is a potentially unwanted software program. The library is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

Publisher:

215 Apps (signed by Friendly Apps)

Product:

Savings Sidekick

Description:

Savings Sidekick BHO

Version:

1.1.150.15

MD5:

8c1ee1300250e100fcc72c1d9f7fcfe2

SHA-1:

b605999953e76a3bfb865252840ed078976a1273

SHA-256:

8e6fb880cc5d06568647e4e1cdab57462d55cdf8781a04eb4b0bb9eb59ed57b9

Scanner detections:

28 / 68

Status:

Adware

Explanation:

Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:

4/24/2024 11:47:25 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.VidSaver.1

391

Avira AntiVirus

Adware/VidSaver.1.23

7.11.123.190

avast!

Win32:Crossrider-AI [PUP]

2014.9-160110

Baidu Antivirus

Trojan.Win32.Toolbar

4.0.3.16110

Bitdefender

Gen:Variant.Adware.VidSaver.1

1.0.20.50

Bkav FE

W32.Clodac0.Trojan

1.3.0.4613

Clam AntiVirus

Win.Adware.Vidsaver

0.98/18155

Comodo Security

ApplicUnwnt

17562

Dr.Web

Adware.Bho.3871

9.0.1.010

Emsisoft Anti-Malware

Gen:Variant.Adware.VidSaver

8.16.01.10.02

ESET NOD32

Win32/Toolbar.CrossRider (variant)

10.9255

Fortinet FortiGate

Adware/Fam.NB

1/10/2016

F-Secure

Gen:Variant.Adware.VidSaver.1

11.2016-10-01_1

G Data

Gen:Variant.Adware.VidSaver

16.1.22

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.2.29

K7 AntiVirus

Unwanted-Program

13.175.10837

Malwarebytes

PUP.CrossRider.SSK

v2016.01.10.02

McAfee

Artemis!EC911E02D492

5600.6525

MicroWorld eScan

Gen:Variant.Adware.VidSaver.1

17.0.0.30

NANO AntiVirus

Riskware.Win32.GamePlayLabs.cxfutx

0.28.6.62995

Qihoo 360 Security

Win32/Virus.Adware.d62

1.0.0.1015

Quick Heal

Adware.Crossid (Not a Virus)

1.16.12.00

Reason Heuristics

PUP.50OnRed.FriendlyApps (M)

16.1.10.2

Sophos

AppRider

4.96

Trend Micro House Call

TROJ_GEN.R0CBH05J913

7.2.10

Trend Micro

TROJ_GEN.RCBCOC4

10.465.10

VIPRE Antivirus

GamePlayLabs

25142

Zillya! Antivirus

Backdoor.Pigeon.Win32.946

2.0.0.1972

File size:

559.4 KB (572,808 bytes)

Product version:

1.1.150.15

Original file name:

Savings Sidekick.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\savings sidekick\savings sidekick.dll

Digital Signature

Signed by:

Friendly Apps

Authority:

Thawte, Inc.

Valid from:

5/1/2012 2:00:00 AM

Valid to:

5/2/2013 1:59:59 AM

Subject:

CN=Friendly Apps, O=Friendly Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

56D17D2D52C2BC3A2CECDA129CA33619

File PE Metadata

Compilation timestamp:

8/6/2012 11:08:35 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:LZ2Cx7y7Z6Zx8b6HI2rPN4AMIh3y4F7OJUOYiQJTHXsbDR:V2Cx7y16Zx8g9TB84FLOYiQN2

Entry address:

0x357E7

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A3, 9A, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 15, C5, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 00, DD, 07, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18... 
[+]

Code size:

392 KB (401,408 bytes)

Internet Explorer BHO

Display name:

CrossriderApp0005060

CLSID:

{11111111-1111-1111-1111-110011501160}

CLSID name:

Savings Sidekick

The file Savings Sidekick.dll has been discovered within the following program.

Savings Sidekick by 215 Apps

Savings Sidekick from 215 Apps (Amazing Apps) installs a web browser extension (Internet Explorer Browser Helper Object) to view web pages loaded and looks for affiliated merchants in order to possibly provide better pricing or alternative deals on a given product or merchant.

www.50onred.com

80% remove it

Remove Savings Sidekick.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.