How to remove “Falco Bundleware (PUA)”?

Falco Bundleware (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Falco Bundleware (PUA)?


File Info:

name: 01121D407CCE6BCC804D.mlw
path: /opt/CAPEv2/storage/binaries/c72c23392e12a868ef88cea2ff774e8d2a222933da9dcadba9d53d2869f9167b
crc32: DDBF57BE
md5: 01121d407cce6bcc804d09b3c9a50573
sha1: e52c8f10cdd4c9b98b52acd163928b27169e3320
sha256: c72c23392e12a868ef88cea2ff774e8d2a222933da9dcadba9d53d2869f9167b
sha512: 6021f422843490023a666b088143777e42c161ea5866904956ecdc126db74d6c94a3045ffb063c5700ac7dc9f0a83a48f8286f5e1e0d594aa3364b60f42fb28a
ssdeep: 98304:Q1QTxpxHACHf1CJZQ3JRIB7VOSl6sEkZyFM:k4pxHftAZQ3vIBfREkZR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T164061227B298B43EC49A27310673A15054FBA6ADF817BE1676F4C48CCF765C00E3A676
sha3_384: 071ea5b23870f25e83b228e72dfff69b044a65569874bcd302842f93046d09deaa51a5e4dd1439e7c4f651f8b4fb61b6
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2019-10-12 11:15:57

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Extreme Billiard Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Extreme Billiard
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.Falco.2!c
Skyhigh: BehavesLike.Win32.BadFile.wc
Cylance: unsafe
Sangfor: PUP.Win32.Agent.V3rp
CrowdStrike: win/grayware_confidence_100% (W)
K7GW: Riskware ( 00584baa1 )
K7AntiVirus: Riskware ( 00584baa1 )
Cynet: Malicious (score: 100)
Sophos: Falco Bundleware (PUA)
SentinelOne: Static AI – Suspicious PE
Varist: W32/FalcoBundler.B.gen!Eldorado
Antiy-AVL: GrayWare[AdWare]/Win32.Falco.a
Microsoft: PUA:Win32/Presenoker
GData: Win32.Application.Falco.A
Google: Detected
McAfee: Artemis!01121D407CCE
DeepInstinct: MALICIOUS
Malwarebytes: Adware.RelevantKnowledge
Ikarus: PUA.Falco
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/Application
AVG: Win32:VSok-A [PUP]
Avast: Win32:VSok-A [PUP]

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
