Adware.SpyFalcon.E
First posted on 21 November 2011.
Source: BitDefender
Aliases :
Adware.SpyFalcon.E is also known as AdwareDelete, AntiVirus Gold, SpyFalcon, SpyLocked, VirusBlast, VirusHeal, VirusRanger.
Explanation :
SpyFalcon is a rogue anti-spyware program. It displays warnings about false infections in a Windows popup. The program uses an ineffective malware detection engine. The software has many twins that use the same database and have a similar design: AdwareDelete, AntiVirus Gold, MalwareWiped, SpyAxe, SpyFalcon, SpyLocked, Spyware Sheriff, SpywareStrike, TitanShield AntiSpyware, VirusBlast, VirusHeal, VirusRanger.
Removal of any malware it claims to detect is conditional on purchasing the product. The software's update procedure doesn’t work.
SpyFalcon installs:
• the following files on disk:
%install-folder%\blacklist.txt
%install-folder%\SFPopupBlocker.dll
%install-folder%\Uninstall.exe
%install-folder%\SpyFalcon.exe
%install-folder%\syg.db
• the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\NSIS:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon\UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\SpyFalcon
HKEY_LOCAL_MACHINE\SOFTWARE\SpyFalcon\Language
HKEY_LOCAL_MACHINE\SOFTWARE\SpyFalcon\refid
It creates an autorun registry value named “SpyFalcon”, so that it runs on every startup, in:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
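A read-only PowerShell check for the artifacts listed above, added here as an example and not part of the original BitDefender description. It assumes that the UninstallString value holds a plain path to Uninstall.exe inside the install folder, that a 32-bit install on 64-bit Windows appears under WOW6432Node, and that every loaded user hive under HKEY_USERS should be checked rather than only the current user.

```powershell
# Added example: read-only check for the SpyFalcon artifacts listed on this page.
$found = @()
$files = 'SFPopupBlocker.dll', 'Uninstall.exe', 'SpyFalcon.exe', 'syg.db'

# A 32-bit installer on 64-bit Windows is redirected under WOW6432Node,
# so both registry views are checked.
foreach ($root in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node') {
    $uninstall = Join-Path $root 'Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon'
    $product   = Join-Path $root 'SpyFalcon'
    foreach ($key in $uninstall, $product) {
        if (Test-Path -LiteralPath $key) { $found += "Registry key: $key" }
    }

    # Assumption: UninstallString is a (possibly quoted) path to Uninstall.exe,
    # so its parent directory is the %install-folder% from the file list.
    $u = Get-ItemProperty -LiteralPath $uninstall -Name UninstallString -ErrorAction SilentlyContinue
    if ($u -and $u.UninstallString) {
        $dir = Split-Path -Parent ($u.UninstallString.Trim('"'))
        foreach ($name in $files) {
            $path = Join-Path $dir $name
            if (Test-Path -LiteralPath $path -PathType Leaf) { $found += "File: $path" }
        }
    }
}

# The autorun value lives in a per-user hive; HKCU only shows the current user,
# so walk every user hive currently loaded under HKEY_USERS.
foreach ($hive in Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue) {
    $run = "Registry::$($hive.Name)\Software\Microsoft\Windows\CurrentVersion\Run"
    $v = Get-ItemProperty -LiteralPath $run -Name SpyFalcon -ErrorAction SilentlyContinue
    if ($v) { $found += "Run value in $($hive.Name): $($v.SpyFalcon)" }
}

if ($found) { $found } else { 'No SpyFalcon artifacts from this list were found.' }
```

Hives of users who are not logged on are not loaded under HKEY_USERS, so their Run keys are not covered by this check.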
The members of this rogue anti-spyware “family” have similar interfaces and files.
Last update 21 November 2011