Supra Savings
Posted: March 31, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 9,230 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 60,906 |
| First Seen: | April 3, 2014 |
|---|---|
| Last Seen: | March 2, 2025 |
| OS(es) Affected: | Windows |
Supra Savings is a browser add-on that offers coupons and discounted price links for your online shopping benefit. The outward benefits of these functions belie their inner implementation, which forces malware experts to categorize Supra Savings as just another adware program. Since adware may slow your browser or cause security issues through the advertising content, under normal conditions, there's few reasons to avoid removing Supra Savings with appropriate anti-adware solutions.
Supra Savings: A Less than Superlative Shopping Saver
Supra Savings is a classic example of 'wolf in sheep's clothing' adware that represents itself as an advantageous program, while its functions do little to provide the promised online savings. With its distribution taking a notable upturn in July of 2014, Supra Savings began being seen on PCs without any intentional installation taking place, leaving Supra Savings free to inject advertisements into your Web-browsing experience non-consensually. The means by which Supra Savings installs itself still is being tracked by malware researchers, although they have yet to link Supra Savings to outright threatening software, such as Trojan downloaders.
Supra Savings's installation only precedes its automatic adjustments to your Web browser. While claiming to be compatible with most Windows browsers, malware researchers only can confirm the Supra Savings's compatibility with Chrome, similar to many, other coupon-based adware products of the past year. Symptoms of Supra Savings installation are immediate and easily detectable by eye, including advertisements inserted into arbitrary websites, pop-up advertisements that load on mouse clicks and text content modified to host links to additional Supra Savings advertisements. The latter may be contextual in nature, such as the phrase 'soccer team' being linked to promoting a soccer ball product.
Like most adware, Supra Savings may accomplish this contextual advertising by keeping track of your visited sites and Web searches. Although Supra Savings primarily is of concern for its invasion of privacy, this function also may hurt your browser's performance, along with the increased loading times caused by Supra Savings's advertisements.
Saving Yourself from Supra Savings
Primarily known for its installation methods, which place Supra Savings on your PC automatically, Supra Savings has little to separate Supra Savings from the other shopping adware that malware researchers already have examined previously. Considered a Potentially Unwanted Program, Supra Savings is more likely to cause your browser to perform poorly than Supra Savings is to launch attacks against your PC. However, advertising networks favored by adware like Supra Savings may inadvertently distribute other PC threats, which may make removing Supra Savings a medium to high priority.
Adware programs don't have a reputation for easy deletion, and Supra Savings, unfortunately, continues that tradition. Any problems with deleting Supra Savings should resolve through using tried-and-tested anti-adware products, or equivalently comprehensive PC security tools. Switching to an unaffected browser or reinstalling your browser are two options for avoiding Supra Savings's symptoms temporarily, but not ones that malware researchers would suggest in lieu of removing this adware.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\n2425\suprasavings_2703-e3e04064.exe
File name: suprasavings_2703-e3e04064.exeSize: 1.39 MB (1391718 bytes)
MD5: 4a59fd9f6f05d13a7b55105ece17daed
Detection count: 276
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\n2425\suprasavings_2703-e3e04064.exe
Group: Malware file
Last Updated: November 6, 2022
C:\backup 02-06-17\Backup-15-09-2015\Backup 05-06-2014\Program Files\suprasavings\uninstaller.exe
File name: uninstaller.exeSize: 80.05 KB (80058 bytes)
MD5: 51a91ea9a7b9f0ed5bc7809b04010014
Detection count: 272
File type: Executable File
Mime Type: unknown/exe
Path: C:\backup 02-06-17\Backup-15-09-2015\Backup 05-06-2014\Program Files\suprasavings\uninstaller.exe
Group: Malware file
Last Updated: June 19, 2022
C:\Users\<username>\AppData\Local\Temp\nsvB5B9.tmp.exe
File name: nsvB5B9.tmp.exeSize: 80.29 KB (80296 bytes)
MD5: 74c37c26a9fb0a4a76a051b583b1cac4
Detection count: 262
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Local\Temp\nsvB5B9.tmp.exe
Group: Malware file
Last Updated: December 4, 2024
%PROGRAMFILES%\SupraSavings\2rs3.dll
File name: 2rs3.dllSize: 91.1 KB (91104 bytes)
MD5: bb9a12ee2fd0f796bc23f9db41686aa8
Detection count: 63
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\SupraSavings
Group: Malware file
Last Updated: June 30, 2014
%TEMP%\10d2670116c74ecd83e873ffb71f8a551075\SuprasavingsWrapped.exe
File name: SuprasavingsWrapped.exeSize: 1.44 MB (1440688 bytes)
MD5: 308d67e6819108d0d20899378a8a6a47
Detection count: 61
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\10d2670116c74ecd83e873ffb71f8a551075
Group: Malware file
Last Updated: June 30, 2014
C:\Users\<username>\AppData\Local\Temp\WPR\suprasavings.exe
File name: suprasavings.exeSize: 1.38 MB (1386333 bytes)
MD5: 9deba87b7a60f8251ba02943126452cc
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Local\Temp\WPR\suprasavings.exe
Group: Malware file
Last Updated: August 20, 2022
%TEMP%\nsn469D.tmp\52\suprasavings_4212014.exe
File name: suprasavings_4212014.exeSize: 1.38 MB (1389244 bytes)
MD5: 94e384c78f9ba10b04308be34481c56e
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\nsn469D.tmp\52
Group: Malware file
Last Updated: June 30, 2014
%PROGRAMFILES%\5B99CC8D-7BAF-430A-9C63-67C9980E3ED8\SupraSavingsService.exe
File name: SupraSavingsService.exeSize: 244.2 KB (244202 bytes)
MD5: 385c7d6c4f42b076a186696290824168
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\5B99CC8D-7BAF-430A-9C63-67C9980E3ED8
Group: Malware file
Last Updated: July 11, 2014
More files
Registry Modifications
CLSID{03EF41A4-BA24-4e49-A2C0-E1D047299287}{130CCD34-0382-48E5-B307-0E7E72166828}{26D25DD5-F17A-4d93-9A94-997E2124EEB4}{30279F40-D76B-443c-A34D-F43B35B35CE1}{76A60138-58B3-4e27-85FB-8FEF344A8998}{796D0AA0-DC0E-44C9-A398-C874F04D55A4}{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}{CE2102F0-DF63-452e-9CA7-0F75FF4DDD4B}{DADFCC6F-66D2-4e1d-A01B-7064CAD2F583}{EBE666C3-F26C-4cf6-8ABA-3D5F5D2625E1}HKEY..\..\..\..{RegistryKeys}SOFTWARE\0866B8A9-2E46-422F-947B-2C563F566A0ESoftware\AppDataLow\Software\Supra SavingsSoftware\AppDataLow\Software\suprasavingsSOFTWARE\Classes\AppID\SecureAssist.exeSOFTWARE\Classes\SecureAssist.DataContainerSOFTWARE\Classes\SecureAssist.DataContainer.1SOFTWARE\Classes\SecureAssist.DataControllerSOFTWARE\Classes\SecureAssist.DataController.1SOFTWARE\Classes\SecureAssist.DataTableSOFTWARE\Classes\SecureAssist.DataTable.1SOFTWARE\Classes\SecureAssist.DataTableFieldsSOFTWARE\Classes\SecureAssist.DataTableFields.1SOFTWARE\Classes\SecureAssist.DataTableHolderSOFTWARE\Classes\SecureAssist.DataTableHolder.1SOFTWARE\Classes\SecureAssist.LSPLogicSOFTWARE\Classes\SecureAssist.LSPLogic.1SOFTWARE\Classes\SecureAssist.ReadOnlyManagerSOFTWARE\Classes\SecureAssist.ReadOnlyManager.1SOFTWARE\Classes\SecureAssist.WatchDogSOFTWARE\Classes\SecureAssist.WatchDog.1SOFTWARE\Classes\SecureAssist.WFPControllerSOFTWARE\Classes\SecureAssist.WFPController.1SOFTWARE\F978377C-B7D4-4536-8E10-14CA97B13394Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dbbe4f9-6e7b-b8b7-9283-368de8576190}SOFTWARE\Supra SavingsSOFTWARE\SupraSavingsSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9dbbe4f9-6e7b-b8b7-9283-368de8576190}SOFTWARE\Wow6432Node\SupraSavingsSOFTWARE\Wow6432Node\Wow6432Node\SupraSavingsSYSTEM\ControlSet001\services\buuoujqmrk64SYSTEM\ControlSet001\services\SecureAssistSYSTEM\ControlSet001\Services\SupraSavingsServiceSYSTEM\ControlSet001\Services\SupraSavingsService64SYSTEM\ControlSet002\Control\SafeBoot\Network\SecureAssistSYSTEM\ControlSet002\services\buuoujqmrk64SYSTEM\ControlSet002\services\SecureAssistSYSTEM\ControlSet002\Services\SupraSavingsServiceSYSTEM\ControlSet002\Services\SupraSavingsService64SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssistSYSTEM\CurrentControlSet\services\buuoujqmrk64SYSTEM\CurrentControlSet\services\SecureAssistSYSTEM\CurrentControlSet\Services\SupraSavingsServiceSYSTEM\CurrentControlSet\Services\SupraSavingsService64HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Supra Savingssuprasavings{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}{E6B105B8-1F65-4428-9397-1DFD8A03B94D}
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.