» Savings Sidekick.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

Savings Sidekick.dll

Savings Sidekick

Awesome Apps

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module Savings Sidekick.dll, “Savings Sidekick BHO” by Awesome Apps has been detected as adware by 28 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘CrossriderApp0005060’. This file is typically installed with the program Savings Sidekick by 215 Apps which is a potentially unwanted software program. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.

File name:

Publisher:

215 Apps (signed by Awesome Apps)

Product:

Savings Sidekick

Description:

Savings Sidekick BHO

Version:

1.1.151.37

MD5:

f32adeea1f333848d9541cddbd67718b

SHA-1:

cd946d645564f9804a34391a3c0da60fd0da5a41

SHA-256:

c69f9774a974e54f2a64413ab78f2c554082ee145ab3ce543513909b7a162d9e

Scanner detections:

28 / 68

Status:

Adware

Explanation:

Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:

4/19/2024 5:55:39 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.VidSaver.1

922

Agnitum Outpost

Trojan.Adware

7.1.1

AhnLab V3 Security

Win-Trojan/Agent2.M.617344.H

2013.12.24

Avira AntiVirus

Adware/Vidsaver.A.12

7.11.121.112

AVG

MalSign.Skodna

2015.0.3400

Bitdefender

Gen:Variant.Adware.VidSaver.1

1.0.20.260

Bkav FE

W32.Clod285.Trojan

1.3.0.4959

Boost by Reason

Optional.BHO.AwesomeApps.Q

188838

Comodo Security

ApplicUnwnt

16297

Dr.Web

Adware.Plugin.14

9.0.1.0219

Emsisoft Anti-Malware

Gen:Variant.Adware.VidSaver

8.14.02.21.12

ESET NOD32

Win32/Toolbar.CrossRider (variant)

8.8359

Fortinet FortiGate

Adware/Fam.NB

2/21/2014

F-Secure

Gen:Variant.Adware.VidSaver.1

11.2014-21-02_6

G Data

Gen:Variant.Adware.VidSaver

14.2.22

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.0.0.0

K7 AntiVirus

Trojan

13.176.11292

Malwarebytes

PUP.CrossRider.SSK

v2014.02.21.12

McAfee

Artemis!7E68FD9E08F3

5600.7056

Microsoft Security Essentials

Adware:Win32/Vidsaver

1.165.247.01

MicroWorld eScan

Gen:Variant.Adware.VidSaver.1

15.0.0.156

NANO AntiVirus

Riskware.Win32.VidSaver.crhsfe

0.28.0.57029

Panda Antivirus

Trj/CI.A

14.07.28.01

Reason Heuristics

PUP.BHO.AwesomeApps.Q

14.8.7.17

Sophos

AppRider

4.96

Trend Micro House Call

TROJ_GEN.F47V0223

7.2.52

Trend Micro

TROJ_GEN.RCBCDAH

10.465.28

VIPRE Antivirus

GamePlayLabs

17988

File size:

602.9 KB (617,344 bytes)

Product version:

1.1.151.37

Original file name:

Savings Sidekick.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\savings sidekick\savings sidekick.dll

Digital Signature

Signed by:

Awesome Apps

Authority:

Thawte, Inc.

Valid from:

8/29/2012 2:00:00 AM

Valid to:

8/30/2013 1:59:59 AM

Subject:

CN=Awesome Apps, O=Awesome Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3D0C9CCF6A7D44B9FDA1963A424319BA

Registration

CLSIDs:

{11111111-1111-1111-1111-110011501160}, {22222222-2222-2222-2222-220022502260}

ProgIDs:

CrossriderApp0005060.BHO.1, CrossriderApp0005060.Sandbox.1

COM registered:

Yes

File PE Metadata

Compilation timestamp:

10/25/2012 3:22:39 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:1oJru/bPsxxzmst476G/v/hl9SNOlxe7C3y6Pa3SKZE9ml1+6:8u/bPsxxzni6w/xSYL5yyCSsEUQ6

Entry address:

0x3B78E

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 96, 9A, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 55, C2, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, E0, 7D, 08, 10, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18... 
[+]

Entropy:

6.5991

Code size:

421 KB (431,104 bytes)

Internet Explorer BHO

Display name:

CrossriderApp0005060

CLSID:

{11111111-1111-1111-1111-110011501160}

CLSID name:

Savings Sidekick

The file Savings Sidekick.dll has been discovered within the following program.

Savings Sidekick by 215 Apps

Savings Sidekick from 215 Apps (Amazing Apps) installs a web browser extension (Internet Explorer Browser Helper Object) to view web pages loaded and looks for affiliated merchants in order to possibly provide better pricing or alternative deals on a given product or merchant.

www.50onred.com

80% remove it

Remove Savings Sidekick.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.