Generic PUA JB (PUA) removal instructions

The Generic PUA JB (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic PUA JB (PUA) virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Attempts to modify proxy settings

Related domains:

post.securestudies.com

How to identify Generic PUA JB (PUA)?


File Info:

crc32: 5C0BD929
md5: 95d2dcf333022d3f46a2716963b60e54
name: pcboost.exe
sha1: 917d6c0b04a207b359b146c4a9629c0b34a9695c
sha256: 9bc948875711ec14d84a5853c4c00e5366e9c24f0ba6f4a09742f58000d9e07e
sha512: 9e789893175da86a8e83ebe26cd4d6188d946583b9d55c03f7ad33710b209e915b41dbc4ab58f65f9735533f42bfde514680dbd5e5dfd3bf963e31bde094cf61
ssdeep: 196608:lHT/QtEyd2k9uOaDPQ5WefEpqhm3EVQsr0eWA2FG:1I3d2k9uFDPEWeFmUmWzJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2002-2020 PGWARE LLC
FileVersion: 1.0.0.1
CompanyName: PGWARE LLC
Comments: This installation was built with Inno Setup.
ProductName: PCBoost
ProductVersion: 1.0.0.1
FileDescription: PCBoost Setup
OriginalFileName:
Translation: 0x0000 0x04b0

Generic PUA JB (PUA) also known as:

Cyren: W32/Application.RHWE-6457
APEX: Malicious
Avast: Win32:Malware-gen
GData: Win32.Application.Agent.MUYJ10
AegisLab: Trojan.Win32.Generic.4!c
Sophos: Generic PUA JB (PUA)
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wc
Ikarus: PUA.BundleLoader
Microsoft: Program:Win32/Uwasson.A!ml
Malwarebytes: PUP.Optional.BundleInstaller
ESET-NOD32: a variant of Win32/BundleLoader.J potentially unwanted
Fortinet: Riskware/BundleLoader
AVG: Win32:Malware-gen

How to remove Generic PUA JB (PUA)?

Generic PUA JB (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
