Friday, September 18, 2009


Save Defender is the new rogue of the Winisoft family (Trust Warrior, SoftSafeness, SafetyKeeper, SaveKeeper, Quick Heal Cleaner, System Cop, BlockDefense, SaveDefense, Trust Ninja, SaveSoldier, SaveKeep, Winishield, WiniFighter, WiniBlueSoft)

The rogue creates files on the system so it can detects infected items.

A new componant came with TrustWarrior, it's going on with SaveDefender: the trojan-downloader downloads a RootKit (it patches files in memory: dump_atapi.sys and dump_WMILIB.SYS).

BleepingComputer Save Defender removal guide.