Generic PUA GA (PUA) removal

The Generic PUA GA (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic PUA GA (PUA) virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Uses Windows utilities for basic functionality
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Generic PUA GA (PUA)?


File Info:

crc32: 15533EEE
md5: ad983c8c3be8106c7bb5fbdd2fa24442
name: 37xs.exe
sha1: dba78a6f032c97b18f67ed119a0e0b9b4812594c
sha256: 0626329d67f012ab2974c4a21a1676da7e3d2fd18177284b5ba31b644954188b
sha512: 055e97fb7b9c4b91d8420b98a11354dd28bab63bb38f88082ca811790e2eb9726abeefe9268922e8935140923e61255191b6f018dcc196b0b0f453145621992a
ssdeep: 24576:9qTvckEWlQ/M5E/aSMtG9oQUpZ6nD1qy0wj535eOCCtAWaJK:cFEASNyxtG9REZ6Dk3A535FCCtJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 上海三七玩网络科技有限公司
ProductName: 37天将雄师
FileDescription: 37天将雄师 install
FileVersion: 3.1.0.0
CompanyName: 上海三七玩网络科技有限公司
Translation: 0x0804 0x03a8

Generic PUA GA (PUA) also known as:

CAT-QuickHeal: Application.Agent.ZZ5
McAfee: Artemis!AD983C8C3BE8
Cylance: Unsafe
K7AntiVirus: Adware ( 004c68cf1 )
K7GW: Adware ( 004c68cf1 )
APEX: Malicious
Rising: PUA.Youxun!8.F60F (CLOUD)
Endgame: malicious (high confidence)
Sophos: Generic PUA GA (PUA)
Comodo: TrojWare.Win32.Injector.BMPM@5gewdr
Invincea: heuristic
Ikarus: PUA.Wews87
Avira: ADWARE/Wews87.qpzoc
Microsoft: PUA:Win32/Youxun
VBA32: BScope.Adware.FileFinder
ESET-NOD32: a variant of Win32/Wews87.A potentially unwanted
eGambit: Unsafe.AI_Score_100%

How to remove Generic PUA GA (PUA)?

Generic PUA GA (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.