Home Malware Programs Rogue Anti-Spyware Programs SafetyBoan

SafetyBoan

Posted: November 18, 2010

SafetyBoan (Safety Boan) is a rogue anti-spyware program which uses malicious tactics to steal money from unwary computer users. Safety Boan claims to have scanned your system and produces a list of parasites which have allegedly infected the computer. Fake warning messages will soon pop-up to urge users to purchase SafetyBoan to remove these so-called threats. Do not fall for this trickery and have Safety Boan removed immediatley.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 C:\Documents and Settings\{username}\Desktop\safetyboansetup.exe
    2 C:\Documents and Settings\{username}\Local Settings\Temporary Internet Files\Content.IE5\18GY3K5D\safetyboandm[1].exe
    3 C:\Documents and Settings\{username}\Local Settings\Temporary Internet Files\Content.IE5\18GY3K5D\safetyboanU[1].exe
    4 C:\Documents and Settings\{username}\Local Settings\Temporary Internet Files\Content.IE5\ISF6HJK1\safetyboanBK[1].exe
    5 C:\Documents and Settings\{username}\Local Settings\Temporary Internet Files\Content.IE5\OAPPQD53\uninst_safetyboan[1].exe
    6 C:\Documents and Settings\{username}\Local Settings\Temporary Internet Files\Content.IE5\VAD23EEL\safetyboan[1].exe
    7 C:\Program Files\safetyboan
    8 C:\Program Files\safetyboan\bottomAd.swf
    9 C:\Program Files\safetyboan\mdata.dat
    10 C:\Program Files\safetyboan\safetyboan.exe
    11 C:\Program Files\safetyboan\safetyboanBK.exe
    12 C:\Program Files\safetyboan\safetyboandm.exe
    13 C:\Program Files\safetyboan\safetyboanU.exe
    14 C:\Program Files\safetyboan\trackingsitedata
    15 C:\Program Files\safetyboan\ubdata
    16 C:\WINDOWS\system32\uninst_safetyboan.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\safetyboan_safetyboanHKEY_LOCAL_MACHINE\SOFTWARE\safetyboanHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}safetyboan
Loading...