Categories: PUA

How to remove “PUA.AgentPMF.S24894518”?

The PUA.AgentPMF.S24894518 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What PUA.AgentPMF.S24894518 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Presents an Authenticode digital signature
Possible date expiration check, exits too soon after checking local time
At least one IP Address, Domain, or File Name was found in a crypto call
Reads data out of its own binary image
Unconventionial language used in binary resources: Russian
Anomalous binary characteristics

How to determine PUA.AgentPMF.S24894518?


File Info:
name: CF13223978ACCB5B36F0.mlwpath: /opt/CAPEv2/storage/binaries/512ad13e566c83b54fa5da95e97b82ccecdb85172c594188d6535de478debaeacrc32: 2F335B64md5: cf13223978accb5b36f05f15310adc7asha1: 52458277816533fe6195fcc51b3ffe03344998fasha256: 512ad13e566c83b54fa5da95e97b82ccecdb85172c594188d6535de478debaeasha512: 106abd1f8e33c3a12c88c359b0ddeb08c9abd49300ea2fc7f2c7a54fc277e54bb928df046655e2473648a0447c025af5eb4f70c92018ac96eb11b4e8ba13b67bssdeep: 3072:DrAVguiZxHF02SOacgAf+9mzB7y7YRguXt:DWgVZ1vGAfL1Xtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T131F38C0237C1C0B0EAE7023109B89B66597DFD714BB049D7B7984B4E6DB06D0AB36B67sha3_384: fb07a535ecb333afa53f2eca5f6cde7ab38095255d870c0fbead6a6fd8269230d3edb8e1879d6a17badc3decde893247ep_bytes: e8a6730000e97ffeffff558bec568b75timestamp: 2016-09-23 08:27:17
Version Info:
CompanyName: Mail.RuFileDescription: Mail.Ru LauncherFileVersion: 3.9.0.1InternalName: launcherLegalCopyright: Copyright 2015OriginalFilename: launcher.exeProductName: Mail.Ru LauncherProductVersion: 3.9.0.1Comments: Translation: 0x0409 0x04b0

PUA.AgentPMF.S24894518 also known as:

Elastic	malicious (high confidence)
DrWeb	Adware.Downware.17838
MicroWorld-eScan	Application.Agent.BOI
FireEye	Application.Agent.BOI
CAT-QuickHeal	PUA.AgentPMF.S24894518
McAfee	PUP-FYD
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Unwanted-Program ( 004fffcd1 )
K7GW	Riskware ( 00584baa1 )
Cybereason	malicious.978acc
Cyren	W32/S-e83a6442!Eldorado
Symantec	PUA.Gen.2
ESET-NOD32	a variant of Win32/MailRu.R potentially unwanted
ClamAV	Win.Malware.Mailru-6804211-0
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Machaer.gen
BitDefender	Application.Agent.BOI
ViRobot	Trojan.Win32.Agent.158352
Avast	FileRepMetagen [PUP]
Tencent	Trojan.Win32.Reflo.ya
Ad-Aware	Application.Agent.BOI
Emsisoft	Application.AdMail (A)
Comodo	Application.Win32.MailRu.EC@6mwxfg
McAfee-GW-Edition	BehavesLike.Win32.Downloader.ch
Sophos	Mail.ru Downloader (PUA)
Ikarus	PUA.MailRu
GData	Win32.Application.MailRu.A
Jiangmin	AdWare.Machaer.bm
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASBOL.A8F1
Arcabit	Application.Agent.BOI
SUPERAntiSpyware	PUP.MailRU/Variant
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win.MailRu.X2108
VBA32	Adware.Downware
ALYac	Application.Agent.BOI
MAX	malware (ai score=74)
Malwarebytes	PUP.Optional.RussAd
Rising	PUF.MailRu!1.A9B5 (CLASSIC)
Yandex	Riskware.Agent!l+wV+lSL8Kg
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/MailRu.M!tr
AVG	FileRepMetagen [PUP]
CrowdStrike	win/malicious_confidence_100% (D)