Should I remove “PUA.RiskwareRI.S21459908”?

The PUA.RiskwareRI.S21459908 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What PUA.RiskwareRI.S21459908 virus can do?

Authenticode signature is invalid

How to determine PUA.RiskwareRI.S21459908?


File Info:
name: 018C72AE02DD396C7E69.mlw
path: /opt/CAPEv2/storage/binaries/d94ddc62228a43f075f67fdd912a0dd0583628711bafca6409b5661e764433b8
crc32: 66A887D0
md5: 018c72ae02dd396c7e69842a8eaa9dbc
sha1: 3583bcb2dcba3bfbbda1b9375ef3fd356bd99a91
sha256: d94ddc62228a43f075f67fdd912a0dd0583628711bafca6409b5661e764433b8
sha512: b960fbd6c86a9c63b52c18466346c83d69450499cc081e28f5517fd5d3c873d821e4214b409f05d034a6ba0d382a87908545c9eb4b668931051e8c1a6440125f
ssdeep: 24576:nGwjPprwEx25fcc5i21w1bBIxgBVP3W9DR10E/Y85C48JYx5EVs/Ma48GdNExx9u:nOjkEiGw1bBIxMVzPJYxiVs/Malx9KTj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FCD56C02FAD28B72C473123458F74B650B35DEA05B909BD7539470A92DB77E03E6A3E8
sha3_384: e5b4b2cdbfe7a8dadd5207547331f55d95d870b9b437e622af883e520bfad747e97896597b14b91b667f91db058a8a30
ep_bytes: e86fe60000e989feffff8bff558bec5d
timestamp: 2020-04-23 15:49:53

Version Info:
CompanyName: aardio
FileDescription: wubiLex ( Win10 五笔助手 )
FileVersion: 9.7.2.0
InternalName: wubiLex.exe
LegalCopyright: Copyright (C) aardio 2020
OriginalFilename: wubiLex.exe
ProductName: wubiLex ( Win10 五笔助手 )
ProductVersion: 9.7.2.0
Translation: 0x0009 0x04b0

PUA.RiskwareRI.S21459908 also known as:

Bkav	W32.Common.AFE9B837
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
FireEye	Generic.mg.018c72ae02dd396c
CAT-QuickHeal	PUA.RiskwareRI.S21459908
McAfee	Artemis!018C72AE02DD
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 00577f931 )
K7GW	Trojan ( 00577f931 )
Cybereason	malicious.2dcba3
ESET-NOD32	a variant of Win32/Packed.AAuto.B suspicious
APEX	Malicious
ClamAV	Win.Malware.Aauto-9839278-0
Avast	Win32:Evo-gen [Trj]
Zillya	Trojan.AAuto.Win32.1
McAfee-GW-Edition	BehavesLike.Win32.Injector.vm
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
Google	Detected
Antiy-AVL	GrayWare/Win32.Wacapew
Cynet	Malicious (score: 100)
Cylance	unsafe
Rising	Trojan.Generic@AI.98 (RDML:5Q7ECwANRMnJ75Jsd1EZaQ)
Yandex	Trojan.GenAsa!BlW5PwM8JpE
Fortinet	W32/GenericRXKO.YF!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/grayware_confidence_60% (D)

How to remove PUA.RiskwareRI.S21459908?

PUA.RiskwareRI.S21459908 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X