Thursday, September 17, 2009


Trust Warrior is the new rogue of the Winisoft family (SoftSafeness, SafetyKeeper, SaveKeeper, Quick Heal Cleaner, System Cop, BlockDefense, SaveDefense, Trust Ninja, SaveSoldier, SaveKeep, Winishield, WiniFighter, WiniBlueSoft)

The rogue creates files on the system so it can detects infected items.

The Trojan-Downloader used to download 2 files: the rogue installer and a trojan fake alert. This new version also comes with a RootKit (it uses the same tricks as Alureon/TDSS: patch files in memory: dump_atapi.sys and dump_WMILIB.SYS).

BleepingComputer Trust Warrior removal guide.