Generic PUA NM (PUA) removal tips

Generic PUA NM (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Generic PUA NM (PUA) virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Generic PUA NM (PUA)?


File Info:

crc32: 1D335E4A
md5: 346c0d5722c95ac1ab099227c70e2b9f
name: 2c.jpg
sha1: dc859baf9302230f7b9eedf8347ab258e0add5bf
sha256: cb229ca0114835dd255b1069e9995581217ac862347fa81f8c6bd230bb3edcc2
sha512: b4b9aa0ada60ff0e16ec40928827f1f9b13b4241e1902c638217dc62bed13794d06d838ce84b4062edcfe5a6c8dece2ce09debb3e7ad73fc1cd20565f34adac3
ssdeep: 24576:K0XoSFVAgm6Tmhjh5PIiZzIibVAnh163BJcb:K/CVs6mjh9bVyaxKb
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileOldVersion: 1.0.4.4
InternalName: gjdtth.exe
Copyright: Copyright (C) 2020, odfgbiv
Translation: 0x0841 0x04c4

Generic PUA NM (PUA) also known as:

MicroWorld-eScan: Trojan.GenericKD.32713656
McAfee: Artemis!346C0D5722C9
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Adware.Win32.SoftPulse.m2pZ
K7AntiVirus: Trojan ( 0055b0f71 )
K7GW: Trojan ( 0055b0f71 )
CrowdStrike: win/malicious_confidence_100% (D)
Arcabit: Trojan.Generic.D1F32BB8
TrendMicro: Trojan.Win32.SMOKELOAD.SMD2.hp
Cyren: W32/Trojan.NBHE-0176
ESET-NOD32: a variant of Win32/Kryptik.GYIT
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Ransom.Win32.Agent.avzi
BitDefender: Trojan.GenericKD.32713656
Rising: Trojan.Kryptik!1.BE74 (CLASSIC)
Endgame: malicious (high confidence)
Comodo: Malware@#3rlp9qyu0qu4z
DrWeb: Trojan.Encoder.858
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.346c0d5722c95ac1
Sophos: Generic PUA NM (PUA)
Ikarus: Trojan-Downloader.Win32.SmokeLoader
F-Prot: W32/Shade.AP
Jiangmin: TrojanDownloader.Bandit.avd
Fortinet: W32/Kryptik.GYIT!tr
Microsoft: Ransom:Win32/Troldesh.A
ZoneAlarm: Trojan-Ransom.Win32.Agent.avzi
AhnLab-V3: Trojan/Win32.MalPe.R299328
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.32250.av0@auwilQc
ALYac: Trojan.Ransom.Shade
MAX: malware (ai score=83)
Malwarebytes: Trojan.MalPack.GS.Generic
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Trojan.Win32.SMOKELOAD.SMD2.hp
SentinelOne: DFI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
GData: Trojan.GenericKD.32713656
Ad-Aware: Trojan.GenericKD.32713656
AVG: Win32:TrojanX-gen [Trj]
Avast: Win32:TrojanX-gen [Trj]
Qihoo-360: HEUR/QVM10.2.3799.Malware.Gen

How to remove Generic PUA NM (PUA)?

Generic PUA NM (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
