Should I remove “Browse Fox (PUA)”?

The Browse Fox (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Browse Fox (PUA) virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Authenticode signature is invalid

How to determine Browse Fox (PUA)?


File Info:
name: 5B3D299ECB057699B0E5.mlw
path: /opt/CAPEv2/storage/binaries/64fe43a5526115e975440ff18bbbae3855c997c12f651fe221615f6090f21306
crc32: 8C4FF7C1
md5: 5b3d299ecb057699b0e5bda86f56bc41
sha1: d97702371ef99922e4626bd8d898090c37b6cc9d
sha256: 64fe43a5526115e975440ff18bbbae3855c997c12f651fe221615f6090f21306
sha512: 80cc00340adf0c8ac13341d88318fb9b80d4210cd0f6cb10560440a826c41a85972dabb29a78813b5cbf1636a237a488aec02822626c6c341a5800e45c9e0425
ssdeep: 24576:i2IVHthBzesa75Bu+YoUPYUXD1oJSi4DL08qHyOjvZR5iawtC:GVzkVBkz8jZR5k
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FF557D02A383C061D256017631A47A76A97830B91B1BE5D7E7476F503C6A3E2E7F8F87
sha3_384: b986b8a4fd6b849bb59c1ec3cd68e0ad6a191b1e8f2e81ec4ae2ee4f04835906644f67b3e27d7f05b2087f51bb7dcc80
ep_bytes: e85f1b0100e97ffeffff558bec568b75
timestamp: 2021-11-28 11:28:40

Version Info:
FileVersion: 1.0.8002.6197
ProductVersion: 1.0.8002.6197
Translation: 0x0409 0x04b0

Browse Fox (PUA) also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Adware.BrowseFox.321
FireEye	Generic.mg.5b3d299ecb057699
CAT-QuickHeal	PUA.MauvaiseRI.S5256147
ALYac	Gen:Variant.Adware.BrowseFox.321
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.ecb057
BitDefenderTheta	Gen:NN.ZexaF.34062.uv0@aut5njji
Cyren	W32/S-d4ca5e63!Eldorado
Symantec	PUA.Yontoo.C!gen4
ESET-NOD32	a variant of Win32/Adware.BrowseFox.CW
APEX	Malicious
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender	Gen:Variant.Adware.BrowseFox.321
SUPERAntiSpyware	PUP.Yontoo/Variant
Avast	Win32:Adware-gen [Adw]
Tencent	Adware.Win32.Browsefox.d
Ad-Aware	Gen:Variant.Adware.BrowseFox.321
Emsisoft	Gen:Variant.Adware.BrowseFox.321 (B)
McAfee-GW-Edition	BehavesLike.Win32.BrowseFox.th
Sophos	Browse Fox (PUA)
SentinelOne	Static AI – Malicious PE
Jiangmin	AdWare.Generic.kbkd
MaxSecure	Trojan.Malware.300983.susgen
Avira	ADWARE/BrowseFox.Gen
Antiy-AVL	Trojan/Generic.ASMalwS.34E4D71
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.Adware.BrowseFox.321
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.BrowseFox.C2260289
Acronis	suspicious
McAfee	BrowseFox-FAU
MAX	malware (ai score=68)
VBA32	BScope.Adware.Foxiebro
Malwarebytes	Adware.Yontoo
Rising	Adware.BrowseFox!1.A470 (CLASSIC)
Yandex	Trojan.GenAsa!wYz7cuzoEow
Ikarus	BHO.Win32.Foxiebro
eGambit	Unsafe.AI_Score_100%
Fortinet	Adware/BrowseFox
AVG	Win32:Adware-gen [Adw]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Browse Fox (PUA)?

Browse Fox (PUA) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X