Solid Savings

Solid Savings Description


Solid Savings is an adware application/browser add-on that displays numerous coupons, offers and special deals that supposedly save PC users’ money while they are shopping online. Solid Savings claims it works with such companies like Expedia, Toysrus, kmart, Zales and many other. The company that owes Solid Savings is 215Apps (Innovative Apps), known to be a developer of Savings Vault, Deals Plugin, Instant Savings App and many other browser extensions. Although Solid Savings can be downloaded from its official website, computer users almost never do this. Usually Solid Savings is spread using deceptive methods, such as packing it together with other applications such as a free video file converter. After Solid Savings is installed automatically, it changes the websites you visit and flood a screen of a targeted PC numerous with pop-up advertisements.
DOWNLOAD NOW

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.


Solid Savings Automatic Detection Tool (Recommended)


Is your PC infected with Solid Savings? To safely & quickly detect Solid Savings we highly recommend you run the malware scanner listed below.



Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %PROGRAMFILES%\ Solid Savings\ Solid Savings.dll 172
    2 SolidSavings.exe 166
    3 %PROGRAMFILES%\Solid Savings 50
    4 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah 47
    5 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah 44
    6 %UserProfile%\Local Settings\Application Data\Updater26278 41
    7 %LOCALAPPDATA%\Updater26278 37
    8 %UserProfile%\Local Settings\Application Data\Solid Savings 34
    9 %LOCALAPPDATA%\Solid Savings 31

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}CrossriderApp0026278.SandboxCrossriderApp0026278.Sandbox.1Software\AppDataLow\Software\Solid SavingsSOFTWARE\Classes\CrossriderApp0026278.BHOSOFTWARE\Classes\CrossriderApp0026278.BHO.1Software\Cr_Installer\26278Software\InstalledBrowserExtensions\215 Apps, value: 26278SOFTWARE\Wow6432Node\Microsoft\Tracing\26278-internal-installer_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\26278-internal-installer_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Tracing\Solid Savings_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\Solid Savings_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211621178}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {11111111-1111-1111-1111-110211621178}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Solid Savings
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {44444444-4444-4444-4444-440244624478}{66666666-6666-6666-6666-660266626678}{55555555-5555-5555-5555-550255625578}{11111111-1111-1111-1111-110211621178}{22222222-2222-2222-2222-220222622278}
Posted: March 14, 2013 | By
Share:
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 2/10
Detection Count: 25,566

Leave a Reply

What is 4 + 7 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)