PUA.Nextintera.Gen removal tips

PUA.Nextintera.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA.Nextintera.Gen virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Attempts to modify proxy settings
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify PUA.Nextintera.Gen?


File Info:

name: 8DC2822FCCD0BB97C9A7.mlw
path: /opt/CAPEv2/storage/binaries/b9608c814e7fa2faa5dccf92519b97df8eb09d14cd7c30cd33e1c1660202eab0
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription:
FileVersion:
LegalCopyright:
ProductName:
ProductVersion:
Translation: 0x0000 0x04b0

PUA.Nextintera.Gen also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.DealPly.2!c
tehtris: Generic.Malware
ClamAV: Win.Malware.Installcore-6828934-0
CAT-QuickHeal: PUA.Nextintera.Gen
Skyhigh: Artemis!PUP
McAfee: Artemis!8DC2822FCCD0
Cylance: unsafe
Zillya: Trojan.InstallCoreCRTD.Win32.1067
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Adware ( 005104571 )
Alibaba: AdWare:Win32/InstallCore.596867c4
K7GW: Adware ( 005104571 )
CrowdStrike: win/grayware_confidence_100% (W)
VirIT: Trojan.Win32.Packed.BLJU
Symantec: SMG.Heur!gen
Elastic: malicious (high confidence)
ESET-NOD32: Win32/InstallCore.Gen.D potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.DealPly.gen
NANO-Antivirus: Virus.Win32.Gen.ccmw
SUPERAntiSpyware: PUP.InstallCore/Variant
Avast: FileRepPup [Bundl]
Emsisoft: Application.InstallCore (A)
F-Secure: PotentialRisk.PUA/InstallCore.Gen7
DrWeb: Trojan.Packed.25266
Trapmine: malicious.high.ml.score
Sophos: Install Core Click run software (PUA)
Ikarus: PUA.Optional.Downloader
Google: Detected
Avira: PUA/InstallCore.Gen7
Antiy-AVL: Trojan/Win32.TSGeneric
Xcitium: Application.Win32.InstallCore.KKS@5qovo4
Microsoft: PUADlManager:Win32/InstallCore
ViRobot: Adware.Installcore.595904.DR
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.DealPly.gen
GData: Win32.Application.InstallCore.CZ
Varist: W32/A-dbe1ec51!Eldorado
VBA32: Downware.InstallCore
Malwarebytes: PUP.Optional.InstallCore.DDS
Rising: Trojan.Generic@AI.100 (RDML:7SPzbtTR2hvv/b/jUl8ptw)
Yandex: PUA.InstallCore!jPlc4QpQYIQ
SentinelOne: Static AI – Malicious PE
MaxSecure: not.a.virus.AdWare.DealPly.gen
AVG: FileRepPup [Bundl]
DeepInstinct: MALICIOUS

How to remove PUA.Nextintera.Gen?

PUA.Nextintera.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
