Should I remove “PUA.IGENERICPMF.S3075718”?

PUA.IGENERICPMF.S3075718 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA.IGENERICPMF.S3075718 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify PUA.IGENERICPMF.S3075718?

File Info:

name: E4FE8C9E91B65FF21E97.mlw
path: /opt/CAPEv2/storage/binaries/db66043d951384967de05c9cd577d0489726bd5e6f71ac428fb5262fa2b196db
crc32: 2ADDEAB4
md5: e4fe8c9e91b65ff21e972293de15fc09
sha1: 16670e7e2b6f09eb560c833f62657338f18de3b5
sha256: db66043d951384967de05c9cd577d0489726bd5e6f71ac428fb5262fa2b196db
sha512: 3b69bdc41b4b1e91e81539773e61e457c84679287aad655b5fa042da7cc4d9c6fcb82be89e82d2d43ccf450b4d88ba3a4506207f4c6ede32b0528004e42c7efb
ssdeep: 3072:fNa5ussxJ/4Bx1Ejwai+idCrXT0lwTbS9Ngllss:fNWusqJ/Ji+a6Td3SHGss
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6E30142B5D3AFB7C9AD02710CCAC587067DD91A43F416831B88B96F6E613E2963F643
sha3_384: 0ebffea6ce4250bab4375024f2a662dfc15addf19958527b23ffc8f7a6fb3d6d78f6236bb9f360a558744bb2bbbe73fb
ep_bytes: 6a6068b8c14100e8c9040000bf940000
timestamp: 2015-07-20 01:39:50

Version Info:

0: [No Data]

PUA.IGENERICPMF.S3075718 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Riskware.Win32.Generic.1!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Adware.DealPly.3.Gen
FireEye: Generic.mg.e4fe8c9e91b65ff2
CAT-QuickHeal: PUA.IGENERICPMF.S3075718
McAfee: PUP-XFP-PE
Cylance: Unsafe
Zillya: Adware.DealPly.Win32.128485
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Adware ( 00531baf1 )
Alibaba: AdWare:Win32/DealPly.732ac373
K7GW: Adware ( 00531baf1 )
Cybereason: malicious.e91b65
BitDefenderTheta: Gen:NN.ZexaF.34212.iqW@aa4KPgk
Cyren: W32/S-a534a398!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/DealPly.SM potentially unwanted
Paloalto: generic.ml
ClamAV: Win.Dropper.Emotet-9790711-0
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender: Adware.DealPly.3.Gen
NANO-Antivirus: Riskware.Win32.DealPly.fcrtkb
SUPERAntiSpyware: PUP.DealPly/Variant
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.116d71c6
Ad-Aware: Adware.DealPly.3.Gen
Emsisoft: Adware.DealPly.3.Gen (B)
Comodo: Application.Win32.DealPly.BS@7r9yms
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Sophos: DealPly Updater (PUA)
SentinelOne: Static AI – Malicious PE
GData: Adware.DealPly.3.Gen
Webroot: W32.Adware.Gen
Avira: ADWARE/DealPly.Gen8
MAX: malware (ai score=96)
Antiy-AVL: Trojan/Generic.ASMalwS.262C9D8
Microsoft: Trojan:Win32/Occamy.CDB
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.Dealply.C1442011
Acronis: suspicious
VBA32: Adware.DealPly
ALYac: Adware.DealPly.3.Gen
APEX: Malicious
Rising: PUF.DealPly!1.B1ED (CLOUD)
Yandex: PUA.DealPly!+B3YX+Rrgro
Ikarus: PUA.DealPly
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/DealPly
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/grayware_confidence_100% (D)

How to remove PUA.IGENERICPMF.S3075718?

PUA.IGENERICPMF.S3075718 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.