Threat Database Adware Safe Saver

Safe Saver

By LoneStar in Adware

Threat Scorecard

Ranking: 16,590
Threat Level: 20 % (Normal)
Infected Computers: 192
First Seen: July 12, 2013
Last Seen: August 24, 2023
OS(es) Affected: Windows

PC health researchers have observed reports of an annoying Internet browser add-on named Safersaver, which may be installed on most widely used Internet browsers (including Safari, Google Chrome, Internet Explorer and Mozilla Firefox). Safersaver is one of the many questionable Internet browser extensions that are used to generate revenue at the expense of PC users. Safersaver is not threatening, but Safersaver may cause a large number of annoying issues on affected PCs. Safersaver also may be associated with other issues such as pop-up messages and unwanted toolbars.

PC users affected by Safersaver have reported that their Internet browser becomes very hard to use due to a constant stream of annoying advertisements, pop-up messages and suggestions to download questionable files. One other problem related to Safersaver is that this Internet browser add-on may be hard to remove. Removing Safersaver may involve the use of manual methods and a reliable security application.

What Makes Safersaver be Considered as a PUP

Malware researchers consider Safersaver a Potentially Unwanted Program. These types of programs are not considered threatening, but may cause numerous issues or have various characteristics that are more usually associated with threats than with legitimate software. There are many types of PUPs, including adware, spyware or the so-called bloatware. PUPs are programs that do not provide any kind of useful service and may be designed to generate revenue from the computer user without providing anything in return.

One problem that is typical of PUPs is that, although themselves not threatening, they may be associated with threatening software. There are certain threat infections designed to install Safersaver and other PUPs. These may then make it quite hard for the computer user to remove PUPs from their PC. The reason for these types of strategies is that PUPs may provide an easy way for third parties to make money from their threats attacks and from infecting computers.

Safersaver may be Used to Generate Revenue from PC Users

One of the main issues associated with Safersaver is that Safersaver makes numerous changes to affected Internet browsers. These changes are designed to generate revenue on the affected PC. The way Safersaver may make money is through advertising revenue. There are various ways in which Safersaver may do this. Safersaver may try to lead PC users to visit Web pages containing advertisements repeatedly. Safersaver also may insert advertisements on Web pages viewed on the affected Internet browser.

Safersaver may make changes to the affected Internet browser that ensure that PC users are forced to view certain sponsored Web pages and advertisements repeatedly, as soon as the affected Internet browser starts up. Safersaver also may be involved in market research, keeping track of PC users' online activities, search histories and other marketable data. Safersaver may use this data to deliver certain advertisements to the affected Internet browser, or relay it to a third party for sale to other marketers.

Dealing with Safersaver and Other PUPs

Safersaver should be removed immediately from affected Internet browsers. Although most Internet browser extensions are removed using the Internet browser's extensions manager, PUPs may interfere with these features or may be designed to prevent PC users from removing them in this manner. In most cases, removing Safersaver and similar PUPs may require uninstalling them using the Windows Control Panel 'Add and Remove Programs' or a similar feature. Once Safersaver has been uninstalled, it may be necessary to undo any unwanted changes made by Safersaver to the affected Internet browser's settings, such as restoring your default home page and search engine manually. Finally, malware researchers recommend the use of a reliable anti-virus application to ensure that no threats associated with Safersaver have entered the affected PC.

Aliases

4 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Generic_r.GS
McAfee Artemis!780958166D99
K7AntiVirus Riskware
McAfee Artemis!F75B89C57D58

SpyHunter Detects & Remove Safe Saver

File System Details

Safe Saver may create the following file(s):
# File Name MD5 Detections
1. Safe-Saver App-chromeinstaller.exe dff5cf9a218bc9e0d6d85023c0781c4b 2
2. Safe-Saver App-enabler.exe 94e89d6f36bda940c0ed106072dacc20 2
3. Safe-Saver App-firefoxinstaller.exe b843e61005fbd81f1aa9c14d489ba15b 2
4. Safe-Saver App-updater.exe 9d5c3a5275b31cfdde7fcb7ebd65c4d0 2
5. Safe Saver-bho.dll 813a675a972640634f204f7ec6abc32f 1
6. Safe-Saver App-bho64.dll c7c94f8f987b27b4600358477b222883 1

Registry Details

Safe Saver may create the following registry entry or registry entries:
Software\InstalledBrowserExtensions\Safe Saver
Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311391186}
Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110311391186}
SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Safe-Saver Generic-bg.exe
Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110311391186}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\Safe-Saver Generic-bg.exe

Directories

Safe Saver may create the following directory or directories:

%APPDATA%\Safe-Saver App
%PROGRAMFILES%\Safe-Saver App
%PROGRAMFILES(x86)%\Safe-Saver App
%ProgramFiles%\Safe-Saver Generic
%ProgramFiles(x86)%\Safe-Saver Generic

URLs

Safe Saver may call the following URLs:

safe saveu

Trending

Most Viewed

Loading...