Multi-Device Licenses (Volume Discounts)

Change Region

English
Threat Database Adware GreatSaver

GreatSaver

By JubileeX in Adware

Threat Scorecard

Ranking: 13,094
Threat Level: 20 % (Normal)
Infected Computers: 2,268
First Seen: December 27, 2013
Last Seen: September 11, 2023
OS(es) Affected: Windows

GreatSaver is a Potentially Unwanted Program that may cause a wide variety of issues on affected Web browsers. GreatSaver is distributed as a helpful Web browser extension that allows computer users to find discounts, coupons and special deals online. However, malware researchers have noted that GreatSaver does not deliver on its promise, causing numerous problems that clearly not worth the trouble of installing GreatSaver on a Web browser. GreatSaver may cause system performance issues, takes over the victim's Web browser and may endanger a computer user's privacy. Because of this, GreatSaver should be removed immediately from an affected Web browser using a reliable security application.

Recognizing the Problems that May Be Linked to GreatSaver

GreatSaver is used to profit from advertising revenue by causing a huge variety of trouble on the affected Web browser. Security researchers have received reports of the following symptoms associated with GreatSaver:

  • GreatSaver may take over the affected Web browser, causing browser redirects. These types of symptoms are associated usually with PUPs known as browser hijackers because they effectively hijack the victim's Web browser and use it for their own purposes. GreatSaver may force computer users to visit certain websites repeatedly. Using browser redirects, a third party may lead computer users to a website where their computers may be infected with potentially unsafe content or where the computer user is exposed to advertising material that generates revenue according to the number of people that have viewed it or clicked on it.
  • GreatSaver also displays advertising content directly on the victim's Web browser. GreatSaver is associated with pop-up windows that may disrupt a computer user's experience with advertising material or with bogus error messages that could be used to install other PUPs on the affected computer. GreatSaver may also add advertising material to websites viewed on the affected Web browser, such as intrusive banner advertisements or in-text links.
  • GreatSaver may make unauthorized changes to the affected Web browser's settings. For example, a common symptom associated with GreatSaver is that this PUP changes Web browsers' homepages and search engines.

Aliases

12 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Generic_r.HD
AhnLab-V3 Trojan/Win32.Preloader
K7AntiVirus Adware ( 004922f61 )
McAfee RDN/Generic PUP.x!bqt
AVG Generic5.AKXU
Fortinet Riskware/MultiPlug
Ikarus Win32.SuspectCrc
Panda Suspicious file
AntiVir ADWARE/Adware.A.2773
Comodo ApplicUnwnt
K7AntiVirus Adware ( 004923a41 )
McAfee Artemis!FFE3F0C62F2F

SpyHunter Detects & Remove GreatSaver

File System Details

GreatSaver may create the following file(s):
Expand All | Collapse All
# File Name MD5 Detections
1. M.x64.dll baabc2931a5624f5e299eb32417f40fe 23
2. pjakibllfljmbnmhfdagbemihjkilocn.crx bce210d45c9de7e67d1e93546a65eabf 0
3. settings.ini 37f1349fe846799ada59e47f063e9616 0

Registry Details

GreatSaver may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
SOFTWARE\Classes\grEatsaaverr.grEatsaaverr
SOFTWARE\Classes\grEatsaaverr.grEatsaaverr.2.7
SOFTWARE\Classes\gREatsaVeer.gREatsaVeer
SOFTWARE\Classes\gREatsaVeer.gREatsaVeer.2.7
SOFTWARE\Classes\greatsaver.greatsaver
SOFTWARE\Classes\greatsaver.greatsaver.2.7
SOFTWARE\Classes\grEaTSaveur.grEaTSaveur
SOFTWARE\Classes\grEaTSaveur.grEaTSaveur.2.7
SOFTWARE\Classes\greAtssaVer.greAtssaVer
SOFTWARE\Classes\greAtssaVer.greAtssaVer.2.7
SOFTWARE\Classes\greatsuaver.greatsuaver
SOFTWARE\Classes\greatsuaver.greatsuaver.2.7
SOFTWARE\Classes\greeaTsaver.greeaTsaver
SOFTWARE\Classes\greeaTsaver.greeaTsaver.2.7
SOFTWARE\Classes\GuReatsaver.GuReatsaver
SOFTWARE\Classes\GuReatsaver.GuReatsaver.2.7
Software\Microsoft\Internet Explorer\Approved Extensions\{CA11228B-2BD7-4F3D-7F61-AD7A77802074}
Software\Microsoft\Internet Explorer\Approved Extensions\{FA314450-D6DD-19A0-2DDB-5FD8415640C6}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{03EAF529-C055-C20A-A3E9-8867CA0D7274}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{25191C3E-BA4F-8BE7-0331-0B9957F545C9}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{4219A5E4-F761-7067-F778-246F5F251A2E}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{55FEF647-A771-A581-C07F-4FE40BFF2560}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{690276D0-6E67-EDF0-87F6-4B076E70C387}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7BD51B22-B4B8-F771-31FB-9C92D080A4C9}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{90C23E8A-EB1F-A7F8-468E-12D09D1B53F2}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A7DD9744-0571-972B-6E6D-FC75C7B0D0B7}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A9008E8A-2146-0996-6EFB-25654D3617BC}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{ACAC8DD5-8706-7AD4-4226-7CA79A6F84BF}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{AD17FB2A-0BA6-D1F4-11A1-6BDB2A5DC0C6}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{AECAE41F-43F4-CA77-5898-1174E7D5D65A}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{B427936C-9A2F-1240-ED45-43900ED08985}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{B92CA931-A1E8-06DD-4D99-F74BEE127065}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{BBB2C77B-F168-6ECE-B64D-9028464D579E}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{CAAECBEF-BFB3-18B7-59F8-171CC891B819}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EF4D6360-3841-0845-42FD-F5F38F88505C}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{F9F4C568-897E-9E1B-FFE5-D3038C347067}
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{FA314450-D6DD-19A0-2DDB-5FD8415640C6}
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}

Directories

GreatSaver may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\greaatsaver
%ALLUSERSPROFILE%\gRReeatsaver
%ALLUSERSPROFILE%\gReatsavaer
%ALLUSERSPROFILE%\gReatsuaveR
%ALLUSERSPROFILE%\ggreatsaVeer
%ALLUSERSPROFILE%\ggreatsaver
%ALLUSERSPROFILE%\greATisaver
%ALLUSERSPROFILE%\greaitSavEr
%ALLUSERSPROFILE%\greatsaaveeR
%ALLUSERSPROFILE%\greatsaever
%ALLUSERSPROFILE%\greatssaveRR
%ALLUSERSPROFILE%\greiAtsaveR
%ALLUSERSPROFILE%\grreaTSaaver
%APPDATA%\gReatsuaveR
%APPDATA%\greatsaaveeR
%APPDATA%\greatsaveeer
%AllUsersProfile%\Application Data\greatsaver
%AllUsersProfile%\greaatsaver
%AllUsersProfile%\greatsaver
%PROGRAMFILES%\Graeatsaver
%PROGRAMFILES%\gRReeatsaver
%PROGRAMFILES%\gReatsavaer
%PROGRAMFILES%\ggreatsaVeer
%PROGRAMFILES%\ggreatsaver
%PROGRAMFILES%\ggreatssAver
%PROGRAMFILES%\greaitSavEr
%PROGRAMFILES%\greatSaver
%PROGRAMFILES%\greatsavinG
%PROGRAMFILES%\greatssaveRR
%PROGRAMFILES%\grreaTSaaver
%PROGRAMFILES(X86)%\gReatsuaveR
%PROGRAMFILES(X86)%\ggreatsaver
%PROGRAMFILES(x86)%\Graeatsaver
%PROGRAMFILES(x86)%\gReatsavaer
%PROGRAMFILES(x86)%\ggreatssAver
%PROGRAMFILES(x86)%\greATisaver
%PROGRAMFILES(x86)%\greaitSavEr
%PROGRAMFILES(x86)%\greatSaver
%PROGRAMFILES(x86)%\greatsaever
%PROGRAMFILES(x86)%\greatsavinG
%PROGRAMFILES(x86)%\greatssaveRR
%PROGRAMFILES(x86)%\greiAtsaveR
%ProgramFiles%\greaatsaver
%ProgramFiles(x86)%\greaatsaver

URLs

GreatSaver may call the following URLs:

greaatsaver
greatSaver
greatsaver

Related Posts

Trending

Most Viewed

Loading...