SystemArmor
SystemArmor is a fake anti-spyware program from the notorious family. SystemArmor may enter a computer disguised as a video codec download or a flash player update. On entering a system, SystemArmor will launch fake security notifications claiming that the system is infected with dangerous malware that can only be removed with the "licensed" version of SystemArmor. Do not fall for this scam; SystemArmor is unable to detect or remove malware.
SystemArmor has many clones in its family. These clones include
File System Details
SystemArmor may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | c:\WINDOWS\system32\ | |
| 2. | c:\Program Files\SystemArmor Software\SystemArmor\uninstall.exe | |
| 3. | c:\Program Files\SystemArmor Software\SystemArmor\SystemArmor.exe | |
| 4. | %Temp%\ | |
| 5. |
C:\Documents and Settings\ |
|
| 6. |
C:\Documents and Settings\ |
|
| 7. | c:\Program Files\SystemArmor Software\SystemArmor\ | |
| 8. |
C:\Documents and Settings\ |
|
| 9. | c:\Program Files\SystemArmor Software\ | |
| 10. |
C:\Documents and Settings\ |
|
| 11. |
C:\Documents and Settings\ |
Registry Details
SystemArmor may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\SystemArmor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemArmor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SystemArmor"
HKEY_CURRENT_USER\Software\SystemArmor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
