
Generic PUA PC (PUA) removal guide


The Generic PUA PC (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic PUA PC (PUA) virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it

Related domains:

z.whorecord.xyz
a.tomx.xyz
reqbus.ru
ssl.google-analytics.com

How to determine Generic PUA PC (PUA)?


File Info:

crc32: A684766E
md5: bfcd45d6539c965f7502ba9805af65a3
name: processhacker-setup.exe
sha1: f21be5ca9139dfee2179e72f3d7b3ef03ad62704
sha256: 5fb3a435700784da1a4789468cc4aadb6752ec63a73434509075d556e4a939ce
sha512: da4b9603a5adb08df4efc79699b0576873ba388c6bc41c839787b080a6258ddd27a2b44a5b9cef48eadffb4487d695c1c0dad713130e4ca267bd96e8e79bb2ce
ssdeep: 196608:4/ULRjVZdLSEvJBWqWmXuZV5otHEdfHo8B3Am62jL:GIjtSExBxTXc+aVAm6Y
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Process Hacker 2.39
ProductVersion:
FileDescription: Process Hacker 2.39 Setup (r18)
Translation: 0x0000 0x04b0

Generic PUA PC (PUA) also known as:

Bkav: W32.AIDetectVM.malware
McAfee: Artemis!BFCD45D6539C
Cylance: Unsafe
Symantec: ML.Attribute.HighConfidence
Kaspersky: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
Alibaba: RiskWare:Win32/ProcHack.8eaeec77
Paloalto: generic.ml
DrWeb: Tool.ProcessHacker.3
McAfee-GW-Edition: BehavesLike.Win32.Dropper.rc
Sophos: Generic PUA PC (PUA)
Cyren: W32/Trojan.QASS-1967
Endgame: malicious (high confidence)
AegisLab: Riskware.Win32.ProcHack.1!c
ZoneAlarm: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
Microsoft: Trojan:Win32/Wacatac.C!ml
Yandex: Riskware.ProcessHacker!
Ikarus: Trojan-Downloader.Banload
Fortinet: Riskware/ProcHack
Qihoo-360: Win32/Virus.RiskTool.f72

How to remove Generic PUA PC (PUA)?

Generic PUA PC (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
