Generic PUA FD (PUA) malicious file

The Generic PUA FD (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic PUA FD (PUA) virus do?

  • Presents an Authenticode digital signature
  • Starts servers listening on 127.0.0.1:0
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX

Related domains:

a.carambis.com

How to identify Generic PUA FD (PUA)?


File Info:

crc32: 3900945F
md5: eddf243749ffeee65764b379255be290
name: InstallerCC__a765.exe
sha1: 53aa3d6c85ffabe331f72827affbb0ad15fe9e01
sha256: a1b49f91c4f78ab4e0cff2fce410540faeb7836a56bece794a2d75bca18ca929
sha512: 7f20ecfdf3777ac2e27154aa99975217f59b722aec286dce69d57959ee47e7d1ff67a1155c5fbfc71c518b7a822d93cba863127218a6e55de023afa756106111
ssdeep: 24576:G0CDJBiGsDNpcxhRl2MPZsbY8L7dILqTaszeX2zjhRCAOSL9:G1BkClvx1PLEaszeGz21c
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: © 2020 ROSTPAY LTD. All rights reserved.
InternalName: CarambisCleaner
FileVersion: 2.0.0.0
ProductName: CarambisCleaner
ProductVersion: 2.0.0.0
FileDescription: Carambis Cleaner Installer
Translation: 0x0409 0x04b0

Generic PUA FD (PUA) also known as:

DrWeb: Program.Unwanted.4320
Cylance: Unsafe
K7GW: Adware ( 0055d22b1 )
K7AntiVirus: Adware ( 0055d22b1 )
Avast: Win32:Malware-gen
Rising: PUA.Rostpay!8.10916 (TFE:dGZlOgXmFLjvDSlYPQ)
Invincea: heuristic
McAfee-GW-Edition: Artemis
Sophos: Generic PUA FD (PUA)
Webroot: W32.Deceptor.Carambis
Antiy-AVL: GrayWare/Win32.Rostpay
Endgame: malicious (moderate confidence)
Microsoft: PUA:Win32/Rostpay
McAfee: Artemis!EDDF243749FF
VBA32: SigRiskware.ROSTPAYLTD
ESET-NOD32: a variant of Win32/Rostpay.E potentially unwanted
eGambit: Unsafe.AI_Score_88%
Fortinet: Riskware/Generic_PUA_FD
AVG: Win32:Malware-gen

How to remove Generic PUA FD (PUA)?

Generic PUA FD (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
