Savifier
Posted: December 1, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 2/10 |
---|---|
Infected PCs: | 133 |
First Seen: | December 1, 2014 |
---|---|
Last Seen: | July 10, 2021 |
OS(es) Affected: | Windows |
Savifier is an adware program that offers price comparisons, coupons and other shopping-related advertisements. Although, thus far, Savifier's advertisements haven't included any threatening content, malware experts have identified multiple, recent Savifier installations that also may include other threats forcing exposure to Web content of a potentially threatening nature. Unless you installed Savifier intentionally, malware researchers would advise removing Savifier and other software that came with Savifier, assuming you have the dedicated PC security tools to do so.
A Little Extra Attack with Your Online Savings
Potentially Unwanted Programs like Savifier may claim to be able to save their users money, but, in reality, merely load extra in-browser advertisements. While Savifier's advertising functions, so far, have been limited to retailer-based content, recent Savifier campaigns have added legitimate security risks. Additional pop-ups served by Savifier or other PC threats installed along with Savifier forced their users to load survey-based phishing tactics, as well as fraudulent security updates. The latter often are a favorite method of distributing concealed threats.
Both Firefox and Chrome browsers have seen modifications by these recent Savifier-related attacks, which circulated most prominently in September of 2014. Other symptoms computer users sometimes identified during these attacks include looping audio advertisements and browser hijackings that redirect the affected browser to arbitrary domains, including ckntrk.com or trknck.com. In some incidents, malware experts saw these changes extend to the Steam gaming client's in-game browser, as well.
This last detail is unusual for browser-modifying PUPs, even adware like Savifier that otherwise may affect more than one brand of browser. Although malware experts occasionally observe attacks directed at Steam users, phishing attacks sent through instant messages and profile-based tactics are significantly more frequent than attempts to compromise the Steam browser.
Saving All Three Browsers from Savifier Pop-Ups
Prior to its including promotional efforts for suspicious websites, Savifier was a throw-away adware product of little note, save for its strong resemblance to other, just as valueless e-shopping software. While Savifier's classification as a Potentially Unwanted Program continues to be in place, its new-found ties to other threats than itself should be of concern to anyone who wants to protect their Web browsers. Avoid updates, recommended hotlines and other points of exposure to attackers through Savifier-related pop-ups. While anti-adware tools should suffice for deleting Savifier, malware experts also encourage scanning your PC with anti-malware software, following any contact with threatening websites.
The means by which these latest Savifier bundles distribute themselves are still under analysis, although Savifier's website doesn't appear to be the point of origin. Most reports imply the use of non-consensual installers, which could include bundles from free software sites, intentionally mislabeled installers or even attacks, all of which can be blocked by the proper security protocols.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%TEMP%\nw3560_20590\4km6m9uttsm.exe
File name: 4km6m9uttsm.exeSize: 166.92 KB (166920 bytes)
MD5: 261d18cdd15d099046a4c23e47d4de5e
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\nw3560_20590
Group: Malware file
Last Updated: January 5, 2021
Registry Modifications
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Savifier
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.