PUA Risk

PUA.RiskwarePMF.S15977943 removal guide

Malware Removal

The PUA.RiskwarePMF.S15977943 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What PUA.RiskwarePMF.S15977943 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid

How to determine PUA.RiskwarePMF.S15977943?


File Info:

name: 0BA103745BA9E8503681.mlw
path: /opt/CAPEv2/storage/binaries/3f2c8337ee28e2a6b40756fd7424512338f820b9e5a462c3dc6d9874ca73b6d3
crc32: 416CA342
md5: 0ba103745ba9e85036813d7ad25cc225
sha1: 6a2362fb038f7bbf6b38d5d320f479be833b024c
sha256: 3f2c8337ee28e2a6b40756fd7424512338f820b9e5a462c3dc6d9874ca73b6d3
sha512: 22d17fa67474cac6f8b648bf3252d0b53be041937dad7747bd20af70ac03731ab190f499bdbd8549a1db11d66bba1951e5657696cbea7e4b112ae03a22ddaa64
ssdeep: 3072:9MLqGG/+DYxjzpRsQlANcQDo65ePy9vvRoqx8Hq/5Foez3cE0R5:OqGgjzppps57vWqN/Hw5
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T141B39D5075D1D832E976193514B4DAB28E7DFA300F609EEB2394067B4F603D28629EBF
sha3_384: 27fee05acd347ac83109122f2326867a39c000dffc56fe6f34b926d6c91d13de9705e601144729667f9e6756f5b0a0d0
ep_bytes: e810040000e974feffff558bec6a00ff
timestamp: 2021-05-02 17:42:02

Version Info:

0: [No Data]

PUA.RiskwarePMF.S15977943 also known as:

CAT-QuickHealPUA.RiskwarePMF.S15977943
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
K7AntiVirusUnwanted-Program ( 0057e0111 )
K7GWUnwanted-Program ( 0057e0111 )
SymantecTrojan.Gen.2
ESET-NOD32Win32/GameHack.FAS potentially unsafe
McAfee-GW-EditionGenericRXNT-SW!0BA103745BA9
SophosGeneric PUA GK (PUA)
IkarusTrojan.Injector
GDataWin32.Trojan.Agent.T4AEQV
Antiy-AVLTrojan/Generic.ASMalwS.3022496
MicrosoftTrojan:Win32/Wacatac.B!ml
McAfeeGenericRXNT-SW!0BA103745BA9
MalwarebytesRiskWare.GameHack
YandexTrojan.Injector!P9ANrQ/QsCU
FortinetRiskware/GameHack
Cybereasonmalicious.45ba9e

How to remove PUA.RiskwarePMF.S15977943?

PUA.RiskwarePMF.S15977943 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment