Wednesday, September 23, 2009

Security Fighter

SecurityFighter is the new rogue of the Winisoft family (Save Armor, Save Defender, Trust Warrior, SoftSafeness, SafetyKeeper, SaveKeeper, Quick Heal Cleaner, System Cop, BlockDefense, SaveDefense, Trust Ninja, SaveSoldier, SaveKeep, Winishield, WiniFighter, WiniBlueSoft)

The rogue creates files on the system so it can detect them as infected items.

A new componant came with TrustWarrior, it's going on with SecurityFighter. A RootKit patches files in memory: dump_atapi.sys and dump_WMILIB.SYS.

BleepingComputer Security Fighter removal guide.