Generic PUA LF (PUA) removal guide

Generic PUA LF (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic PUA LF (PUA) virus do?

  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Generic PUA LF (PUA)?


File Info:

crc32: 24882B43
md5: acf92252e15bbff8ec02242cf8029f90
name: share_01.exe
sha1: b5d533da4b321b2d3f4b429bbc33d99d2d679076
sha256: a367e7a03ba66d8eeeb4c6e31fdb33caf96d06adaca888caa514b3e46984c56d
sha512: a908abe9f8a46d0cb82d2b93689cf7cfcec9aa94256ef347f7e3e01b170da0fec416de5f82257fe027170e37d5418ca035805443d7a7bd965860fa63a642f59b
ssdeep: 12288:RYR4Rd2pr7jgXerv4LFdOX5Y7lamg7FEYeFw0ajQbYeD:PdaAXEwO8Vg7FEYuw0uQbYeD
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright (C) 2019 趣压压缩 .Inc
InternalName:
FileVersion: 2019.5.12.20
CompanyName: 上海曲合网络科技有限公司
ProductName: 热点新闻
ProductVersion: 2019.5.12.20
FileDescription: 热点新闻
OriginalFilename:
Translation: 0x0804 0x04b0

Generic PUA LF (PUA) also known as:

MicroWorld-eScan: Gen:Variant.Razy.568458
FireEye: Gen:Variant.Razy.568458
ALYac: Gen:Variant.Razy.568458
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 00554ed11 )
BitDefender: Gen:Variant.Razy.568458
K7GW: Trojan-Downloader ( 00554ed11 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Adload.NUQ
TrendMicro-HouseCall: TROJ_GEN.R011H0CLD19
Avast: Win32:TrojanX-gen [Trj]
GData: Gen:Variant.Razy.568458
Kaspersky: not-a-virus:HEUR:AdWare.Win32.ComponentBased.gen
Alibaba: TrojanDownloader:Win32/Adload.9a874712
Tencent: Malware.Win32.Gencirc.10b62ad2
Ad-Aware: Gen:Variant.Razy.568458
Emsisoft: Gen:Variant.Razy.568458 (B)
Comodo: ApplicUnwnt@#1xr6oq98lpsrw
F-Secure: Trojan.TR/Dldr.Adload.gafgl
Zillya: Downloader.Adload.Win32.91471
McAfee-GW-Edition: Artemis!PUP
Sophos: Generic PUA LF (PUA)
APEX: Malicious
Cyren: W32/Trojan.FXFL-7605
Jiangmin: AdWare.ComponentBased.w
Avira: TR/Dldr.Adload.gafgl
Endgame: malicious (moderate confidence)
Arcabit: Trojan.Razy.D8AC8A
AhnLab-V3: PUP/Win32.AdLoad.C3637472
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.ComponentBased.gen
Microsoft: PUA:Win32/CoinMiner
McAfee: Artemis!ACF92252E15B
MAX: malware (ai score=80)
VBA32: BScope.Adware.ComponentBased
Panda: Trj/Genetic.gen
Rising: Downloader.Adload!8.D1 (TFE:dGZlOgXeq5ReghelVA)
Yandex: PUA.ComponentBased!
Ikarus: Trojan-Downloader.Win32.Adload
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Adload.NUJ!tr.dldr
AVG: Win32:TrojanX-gen [Trj]
MaxSecure: Trojan.Malware.74556655.susgen

How to remove Generic PUA LF (PUA)?

Generic PUA LF (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
