« Email-Worm.Win32.Iksmas.frg
Mal/EncPk-DW »

SystemWarrior

No Comments
ZulaZuza By ZulaZuza in Rogue Anti-Spyware Program | 0 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

SystemWarrior Description

 
 
Image Screenshot

[+] Click Image to Enlarge
 
 

System Warrior is a fake security application. System Warrior comes from the group of attackers that created other rogue anti-spyware programs in the family of WiniGuard, System Cop and others.

System Warrior uses various methods to make unsuspecting computer users believe that they need to purchase the full System Warrior program to remove a threat. These threats are usually brought to a user’s attention through fake popup warning messages and bogus system scan results. System Warrior is not able to effectively detect or remove computer parasites.

Type: Rogue AntiSpyware Programs

Automatic Detection of SystemWarrior

 
 

Download SpyHunter’s Detection Scanner
to Detect SystemWarrior.

 
 

SystemWarrior Technical Report

As new SystemWarrior details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following SystemWarrior files with its MD5s were created in the system:

File Name File Size MD5
setup[1].exe 868864 d85b9a73f98e911463e00bfd008a9af3
SystemWarrior.exe 742400 b3a26a69d2d066e195b90fbc10f87a49

SystemWarrior has typically the following processes in memory:

  • SystemWarrior.exe

SystemWarrior created the following directories, files, paths:

  • %ProgramFiles%\SystemWarrior Software\SystemWarrior

SystemWarrior creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “zsx1.tmp.exe”
  • SystemWarrior
  • HKEY_LOCAL_MACHINE\SOFTWARE\SystemWarrior
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “SystemWarrior”
  • HKEY_CURRENT_USER\Software\SystemWarrior
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemWarrior

Important Article Disclaimer

article disclaimer
ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 11/11/09 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2009. Enigma Software Group USA, LLC. All Rights Reserved.