How to remove "Downloader.Win32.Falco"?

The Downloader.Win32.Falco is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Downloader.Win32.Falco virus can do?

Executable code extraction
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
Reads data out of its own binary image
Drops a binary and executes it
Performs some HTTP requests

Related domains:

z.whorecord.xyz

a.tomx.xyz

downloader.yandex.net

cache-man01i.cdn.yandex.net

How to determine Downloader.Win32.Falco?


File Info:
crc32: 5964A1E7
md5: 4f24e3358fd3a926c3596b56b36c3fa6
name: 4F24E3358FD3A926C3596B56B36C3FA6.mlw
sha1: 4e164cd5932cb5e30f56b940a28bab3fee1068c5
sha256: 573a7197fb902fe8ac9a1281d19ecdb5945e97839b5101f1db0f0bcca94c4269
sha512: 372c58873bae6585421ee6f66f672f19ed5e68a849d6af31746266c484fa50813cae35e1ecf03789ade65e07847f8d59a31922ca2359d37f8501482f0e5b1071
ssdeep: 98304:hEA5nVn7xxM0ynGHeKMsd7hVIeFkF1wangDca8khJH+:H5Vn7xxM0yBKb+eQ1waGt8KY
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright:                                                                                                     
FileVersion:                     
CompanyName: FalcoWare, Inc.                                             
Comments: This installation was built with Inno Setup.
ProductName: Falco Clix                                                  
ProductVersion:                                                   
FileDescription: Falco Clix Setup                                            
OriginalFileName:                                                   
Translation: 0x0000 0x04b0

Downloader.Win32.Falco also known as:

K7AntiVirus	Adware ( 0057021e1 )
Lionic	Riskware.Win32.Falco.1!c
Elastic	malicious (high confidence)
DrWeb	Adware.Downware.19763
Cynet	Malicious (score: 100)
Cylance	Unsafe
K7GW	Adware ( 0057021e1 )
Cyren	W32/FalcoBundler.B2.gen!Eldorado
Symantec	PUA.Gen.2
ESET-NOD32	a variant of Win32/Yandex.K potentially unwanted
APEX	Malicious
Avast	Win32:VSok-A [PUP]
ClamAV	Win.Keylogger.Vsok-9851239-0
Kaspersky	not-a-virus:HEUR:Downloader.Win32.Falco.gen
NANO-Antivirus	Riskware.Win32.Falcoware.hilxaz
Sophos	Generic PUA EO (PUA)
McAfee-GW-Edition	BehavesLike.Win32.BadFile.wc
SentinelOne	Static AI – Malicious PE
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Win32.Application.Falco.A
McAfee	Artemis!4F24E3358FD3
VBA32	Adware.Downware
Malwarebytes	Adware.RelevantKnowledge
TrendMicro-HouseCall	TROJ_GEN.R002H0CEH21
Yandex	Riskware.Agent!Qr60KA+b9+M
Fortinet	Riskware/VSok
AVG	Win32:VSok-A [PUP]

How to remove Downloader.Win32.Falco?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Downloader.Win32.Falco”?