SN.BOOSTER is Trojan SProtector

Detected by UnHackMe:

SN.BOOSTER
Default location: %Program Files%\SN.Booster

Removal Results: Success
Number of reboot: 1

SN.BOOSTER is known as:

Trojan.SProtector, Trojan ( 0049344e1 ), Backdoor.Trojan, ADW_SPROTECT, Win32:SProtector-C [PUP], Adware.Agent.4296192, ApplicUnwnt, Trojan.WebPick.35, BProtector, Troj.Undef.(kcloud), Adware.SProtector, Trojan.SProtector.81, a variant of Win32.SProtector.D, AdWare.Bprotector, Adware.Bprotect

SN.BOOSTER hash:

• MD5: d4d1cc69e363813c14f289694756aa1e

Registry:

• HKLM\Software\Classes\CLSID\{63DF3502-E97A-D7B7-8187-B28A7E91596E}\InprocServer32\: “%Program Files%\savE nneT\R2sf.dll”
• HKLM\Software\Classes\CLSID\{652A7E34-19EA-5DF2-12DA-911DEBA51BC3}\InprocServer32\: “%Program Files%\YoutubeAdblocker\EZtrWG4VT.dll”
• HKLM\Software\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}\LocalServer32\: “”%SysDir%\Adobe\Shockwave 11\SwHelper_1157609.exe”"
• HKLM\Software\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}\InprocServer32\: “%Program Files%\LiveSupport\LiveSupport_deskband_x32.dll”
• HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\DisplayName: “sweet-page”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\12acef01-7853-4166-b453-b58650af5034\UninstallString: “C:\DOCUME~1\ALLUSE~1\APPLIC~1\INSTAL~1\{630B6~1\Setup.exe /remove /q0″
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1\DisplayName: “LiveSupport”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1\UninstallString: “”%Program Files%\LiveSupport\unins000.exe”"
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\DisplayName: “Optimizer Pro v3.2″
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\UninstallString: “”%Program Files%\Optimizer Pro\unins000.exe”"
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\S-403225106\UninstallString: “”c:\documents and settings\all users\application data\superbapp\sn.booster\sn.booster.exe” /uninstall”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\S-403225106\DisplayName: “SN.Booster”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM\DisplayName: “WPM18.8.0.212″
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM\UninstallString: “%Common Appdata%\WPM\wprotectmanager.exe -uninstall”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\UninstallString: “”%Common Appdata%\YoutubeAdblocker\4GRrdbdWYv.exe” /s /n /i:”ExecuteCommands;UninstallCommands” “”"
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\DisplayName: “YoutubeAdblocker”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\PROGRA~1\SN406E~1.BOO”,_uninstall /un”
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338}\DisplayName: “SN.Sustainer 1.80″
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}\UninstallString: “”%Common Appdata%\savE nneT\0wMPU.exe” /s /n /i:”ExecuteCommands;UninstallCommands” “”"
• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}\DisplayName: “savE nneT”
• HKLM\System\CurrentControlSet\Services\916e5338\ImagePath: “”%SysDir%\rundll32.exe” “c:\progra~1\SNSvc.dll”,service”
• HKLM\System\CurrentControlSet\Services\916e5338\DisplayName: “SN.Sustainer”
• HKLM\System\CurrentControlSet\Services\Wpm\ImagePath: “%Common Appdata%\WPM\wprotectmanager.exe -service”
• HKLM\System\CurrentControlSet\Services\Wpm\DisplayName: “Wpm Service”
• HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\DisplayName: “sweet-page”
• HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Optimizer Pro: “%Program Files%\Optimizer Pro\OptProLauncher.exe”
• HKCU\Software\Microsoft\Windows\CurrentVersion\Run\LiveSupport: “”%Program Files%\LiveSupport\LiveSupport.exe” /noshow /log”
• HKCU\Software\Optimizer Pro\DisplayName: “Optimizer Pro”
• HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\: “”%Program Files%\Mozilla Firefox\firefox.exe” http://www.sweet-page.com/?type=sc&ts=1397489127&from=wpc&uid=VMwareXVirtualXIDEXHardXDrive_00000000000000000001″
• HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command\: “”%Program Files%\Google\Chrome\Application\chrome.exe” http://www.sweet-page.com/?type=sc&ts=1397489127&from=wpc&uid=VMwareXVirtualXIDEXHardXDrive_00000000000000000001″
• HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\: “%Program Files%\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1397489127&from=wpc&uid=VMwareXVirtualXIDEXHardXDrive_00000000000000000001″
• HKLM\Software\Clients\StartMenuInternet\OperaNext\shell\open\command\: “”%Program Files%\Opera Next\Launcher.exe” http://www.sweet-page.com/?type=sc&ts=1397489127&from=wpc&uid=VMwareXVirtualXIDEXHardXDrive_00000000000000000001″
• HKLM\Software\Clients\StartMenuInternet\VMWAREHOSTOPEN.EXE\shell\open\command\: “”%Program Files%\VMware\VMware Tools\VMwareHostOpen.exe” http://www.sweet-page.com/?type=sc&ts=1397489127&from=wpc&uid=VMwareXVirtualXIDEXHardXDrive_00000000000000000001″
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\sn406e~1.boo”

Folders:

• %Profile%\AppData
• %Common Appdata%\InstallMate
• %Common Appdata%\savE nneT
• %Common Appdata%\SuperbApp
• %Common Appdata%\SuperbApp\Setup
• %Common Appdata%\SuperbApp\SN.Booster
• %Common Appdata%\SuperbApp\SN.Booster\403225106
• %Common Appdata%\WPM
• %Common Appdata%\WPM\log
• %Common Appdata%\WPM\update
• %Common Appdata%\YoutubeAdblocker
• %Program Files%\LiveSupport
• %Program Files%\Optimizer Pro
• %Program Files%\savE nneT
• %Program Files%\YoutubeAdblocker

Files:

• %Profile%\AppData\LocalLow\{63DF3502-E97A-D7B7-8187-B28A7E91596E}\savE nneT.2.7.dat
• %Profile%\AppData\LocalLow\{652A7E34-19EA-5DF2-12DA-911DEBA51BC3}\YoutubeAdblocker.2.7.dat
• %Common Appdata%\d4cce9714edd12e7\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
• %Common Appdata%\d4cce9714edd12e7\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
• %Common Appdata%\d4cce9714edd12e7\{7DD5E91C-3864-77EC-7635-D14910C2A03E}.old
• %Common Appdata%\d4cce9714edd12e7\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\20140414190223.log
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\Custom.dll
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\Readme.txt
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\Setup.dat
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\Setup.exe
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\Setup.ico
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\TsuDll.dll
• %Common Appdata%\InstallMate\{630B6380-6555-42A1-A04A-2D77B8E84176}\_Setup.dll
• %Common Appdata%\savE nneT\0wMPU.dat
• %Common Appdata%\savE nneT\0wMPU.exe
• %Common Appdata%\SuperbApp\SN.Booster\403225106.ini
• %Common Appdata%\SuperbApp\SN.Booster\SN.Booster.exe
• %Common Appdata%\WPM\log\wprotectmanager_2014-04-14[19-25-58-310].log
• %Common Appdata%\WPM\update\conf
• %Common Appdata%\WPM\wprotectmanager.exe
• %Common Appdata%\YoutubeAdblocker\4GRrdbdWYv.dat
• %Common Appdata%\YoutubeAdblocker\4GRrdbdWYv.exe
• %Program Files%\Mozilla Firefox\browser\searchplugins\sweet-page.xml
• %Program Files%\LiveSupport\LiveSupport.exe
• %Program Files%\LiveSupport\LiveSupport_deskband_x32.dll
• %Program Files%\LiveSupport\LiveSupport_deskband_x64.dll
• %Program Files%\LiveSupport\unins000.dat
• %Program Files%\LiveSupport\unins000.exe
• %Program Files%\LiveSupport\unins000.msg
• %Program Files%\savE nneT\R2sf.dat
• %Program Files%\savE nneT\R2sf.dll
• %Program Files%\savE nneT\R2sf.tlb
• %Program Files%\savE nneT\R2sf.x64.dll
• %Program Files%\SN.Booster
• %Program Files%\SNSvc.dll
• %Program Files%\YoutubeAdblocker\EZtrWG4VT.dat
• %Program Files%\YoutubeAdblocker\EZtrWG4VT.dll
• %Program Files%\YoutubeAdblocker\EZtrWG4VT.tlb
• %Program Files%\YoutubeAdblocker\EZtrWG4VT.x64.dll
• %WinDir%\Tasks\SN.Booster-S-403225106.job