The rogue creates files on the system so it can detect infected items.
A new component arrived with TrustWarrior, and it continues with SaveArmor. Downloaded by the Trojan-Downloader, a rootkit is dropped along with a Fake Alert Trojan and the rogue (it patches files in memory: dump_atapi.sys and dump_WMILIB.SYS).
BleepingComputer Save Armor removal guide.