Should I remove "Generic PUA MA (PUA)"?

The Generic PUA MA (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic PUA MA (PUA) virus can do?

Presents an Authenticode digital signature
A process created a hidden window
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Generic PUA MA (PUA)?


File Info:
crc32: ACB93EAF
md5: 187b2c04d0929c3542465f9f2ba350fe
name: tnews-5.exe
sha1: c0b2ee5040c4264c58c7cd265abb86005e754577
sha256: 488a85d26662ac24404457eefad2ff4d376c7456abb6685c80b0604190f78dea
sha512: 95df351ed59999e418f2e36c94c1e204a20c296031b95663f2dc927407b5b63697967d1973dd1cf5a1aa4634bb890c1a887e958b8348c0c3ff301612fb33cdc8
ssdeep: 24576:hedCd3+G9lyKPFmsw4Esyqjx4zCWCNY6J66zkh/mAOiSm61Nfk:hOtGHyYsC4WxpYDh/mAQm6Lfk
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright 2010-2018
ProductVersion: 2018.12.14.5
FileVersion: 2018.12.14.5
FileDescription: x5bd2x6885x7279x60e0
Translation: 0x0804 0x04b0

Generic PUA MA (PUA) also known as:

Bkav	W32.HfsAdware.C51A
MicroWorld-eScan	Gen:Variant.Application.Strictor.178792
CAT-QuickHeal	Trojan.GenericPMF.S4676898
McAfee	GenericRXGV-OM!187B2C04D092
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Adware.Win32.KuaiZip.2!c
Sangfor	Malware
K7AntiVirus	Trojan ( 00549c081 )
BitDefender	Gen:Variant.Application.Strictor.178792
K7GW	Adware ( 004f1e691 )
CrowdStrike	win/malicious_confidence_100% (D)
Invincea	heuristic
Cyren	W32/S-9a239792!Eldorado
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/KuaiZip.B potentially unwanted
APEX	Malicious
Kaspersky	not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
Alibaba	Backdoor:Win32/KZip.c430ccd5
NANO-Antivirus	Riskware.Win32.KuaiZip.fvrahs
SUPERAntiSpyware	PUP.KuaiZip/Variant
Ad-Aware	Gen:Variant.Application.Strictor.178792
Emsisoft	Gen:Variant.Application.Strictor.178792 (B)
Comodo	Application.Win32.KuaiZip.BG@81beht
F-Secure	PotentialRisk.PUA/KuaiZip.Gen
DrWeb	Program.Kuaizip.1
Zillya	Adware.KuaiZip.Win32.127
TrendMicro	TROJ_GEN.R002C0OCG20
McAfee-GW-Edition	GenericRXGV-OM!187B2C04D092
MaxSecure	Win.MxResIcn.Heur.Gen
FireEye	Generic.mg.187b2c04d0929c35
Sophos	Generic PUA MA (PUA)
F-Prot	W32/S-9a239792!Eldorado
Jiangmin	AdWare.KuaiZip.cs
Webroot	W32.Malware.gen
Avira	PUA/KuaiZip.Gen
Fortinet	Adware/KuaiZip
Antiy-AVL	GrayWare[AdWare]/Win32.KuaiZip
Endgame	malicious (high confidence)
Arcabit	Trojan.Application.Strictor.D2BA68
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
Microsoft	PUA:Win32/KuaiZip
AhnLab-V3	PUP/Win32.KuaiZip.C2898971
MAX	malware (ai score=99)
VBA32	Adware.KuaiZip
Malwarebytes	Adware.Kuaiba
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0OCG20
Rising	PUF.KuaiZip!8.2F40 (C64:YzY0Ok3qJz/L905A)
Yandex	PUA.KuaiZip!
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_70%
GData	Gen:Variant.Application.Strictor.178792
AVG	FileRepMalware
Cybereason	malicious.4d0929
Avast	FileRepMalware

How to remove Generic PUA MA (PUA)?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Generic PUA MA (PUA)”?