{"id":306,"date":"2014-04-22T09:12:24","date_gmt":"2014-04-22T09:12:24","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=306"},"modified":"2018-05-29T12:02:55","modified_gmt":"2018-05-29T12:02:55","slug":"sw-booster-exe-sw-sustainer-1-80","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/sw-booster-exe-sw-sustainer-1-80\/","title":{"rendered":"SW-Booster.exe, SW-Sustainer 1.80, saVee aNete 5.14"},"content":{"rendered":"<p>Played around with another download this morning. This time a bunch of new files and settings appeared. The first notable change was a new process and scheduled task called <strong>SW-Booster.exe<\/strong> appearing:<img loading=\"lazy\" class=\"alignnone size-full wp-image-310\" style=\"line-height: 1.5;\" src=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/sw-booster.exe_1.png\" alt=\"sw-booster.exe\" width=\"761\" height=\"255\" srcset=\"https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/sw-booster.exe_1.png 761w, https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/sw-booster.exe_1-300x100.png 300w\" sizes=\"(max-width: 761px) 100vw, 761px\" \/><\/p>\n<p><strong>SW-Booster.exe<\/strong> is detected under names such as &#8220;<strong>a variant of Win32\/TrojanDownloader.Agent.AFD<\/strong>&#8221; and &#8220;<strong>PUP.Optional.MultiPlug.A<\/strong>&#8221;<\/p>\n<p>Two new Firefox extensions also appeared, <strong>Y**tubeAdBlocker<\/strong> and\u00a0<strong>saVee aNete 5.14<\/strong>:<img loading=\"lazy\" class=\"alignnone size-full wp-image-307\" style=\"line-height: 1.5;\" src=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/savee-anete-5.14.png\" alt=\"savee-anete-5.14\" width=\"550\" height=\"316\" srcset=\"https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/savee-anete-5.14.png 550w, https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/savee-anete-5.14-300x172.png 300w\" sizes=\"(max-width: 550px) 100vw, 550px\" \/><\/p>\n<p>I&#8217;ve verified that <a title=\"About FreeFixer\" href=\"http:\/\/www.freefixer.com\/b\/about-freefixer\/\"><strong>FreeFixer<\/strong><\/a> removed these completely. There are also entries in the Programs and Features dialog.<a style=\"line-height: 1.5;\" href=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SW-Booster-SW-Sustainer-1.80.png\"><img loading=\"lazy\" class=\"alignnone  wp-image-308\" src=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SW-Booster-SW-Sustainer-1.80.png\" alt=\"SW-Booster-SW-Sustainer 1.80\" width=\"639\" height=\"271\" srcset=\"https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SW-Booster-SW-Sustainer-1.80.png 639w, https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SW-Booster-SW-Sustainer-1.80-300x127.png 300w\" sizes=\"(max-width: 639px) 100vw, 639px\" \/><\/a><\/p>\n<p>Please let me know if this helped you remove the <strong>SW-Booster<\/strong> malware by posting a comment.<\/p>\n<p><strong>Update 2014-11-21<\/strong>: Seems to be a variant around called <strong>SoftwareBooster.exe<\/strong>:<\/p>\n<p><a href=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SoftwareBooster.exe-task-manager.png\"><img loading=\"lazy\" class=\"alignnone size-full wp-image-3095\" src=\"http:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SoftwareBooster.exe-task-manager.png\" alt=\"SoftwareBooster.exe task manager\" width=\"386\" height=\"189\" srcset=\"https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SoftwareBooster.exe-task-manager.png 386w, https:\/\/www.freefixer.com\/b\/wp-content\/uploads\/2014\/04\/SoftwareBooster.exe-task-manager-300x146.png 300w\" sizes=\"(max-width: 386px) 100vw, 386px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Played around with another download this morning. This time a bunch of new files and settings appeared. The first notable change was a new process and scheduled task called SW-Booster.exe appearing: SW-Booster.exe is detected under names such as &#8220;a variant of Win32\/TrojanDownloader.Agent.AFD&#8221; and &#8220;PUP.Optional.MultiPlug.A&#8221; Two new Firefox extensions also appeared, Y**tubeAdBlocker and\u00a0saVee aNete 5.14: I&#8217;ve &hellip; <a href=\"https:\/\/www.freefixer.com\/b\/sw-booster-exe-sw-sustainer-1-80\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SW-Booster.exe, SW-Sustainer 1.80, saVee aNete 5.14<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,16,19],"tags":[41],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/306"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=306"}],"version-history":[{"count":4,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/306\/revisions"}],"predecessor-version":[{"id":3097,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/306\/revisions\/3097"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}