PUA:Win32/MyPCBackup (file analysis)

PUA:Win32/MyPCBackup is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA:Win32/MyPCBackup virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify PUA:Win32/MyPCBackup?


File Info:

name: 03CAB7A44C4DA161CB6B.mlw
path: /opt/CAPEv2/storage/binaries/c7cc4aa9ec1c0df97bc007c6ff237067c1e5f3ee38cd7e5107398698226d2ef9
crc32: 0A6EB103
md5: 03cab7a44c4da161cb6b9a30084d6981
sha1: 0cb8307bac701fb5328dcaabbe977b97f572ee85
sha256: c7cc4aa9ec1c0df97bc007c6ff237067c1e5f3ee38cd7e5107398698226d2ef9
sha512: 86eae326871b48001414b0aa682092b144aacc696acc20f6fbdd256dec63bc3fdc68aeb2ea4680a182a01967479119522f543a3704d654dd64aa510efa7f38b1
ssdeep: 196608:zHEfFCvCzUE+83cT4ZOhtOXjlAu2jUdFXtwgKzi4kbdmw0ObhuB/:wfFCqzV+8MwOip12jSXXf1huF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D786330332698947C39690B59372C92287F7DFB50384028BE76CB7638FF5F8B45A6492
sha3_384: 063a80aec75dbbd95ad9321efd2b86671bc7ced563b11f0036c71bcea11dc30e186ae0197947b112fd9d315533dc1728
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:52

Version Info:

0: [No Data]

PUA:Win32/MyPCBackup also known as:

DrWeb: Program.Unwanted.567
Skyhigh: BehavesLike.Win32.Dropper.wc
Malwarebytes: Generic.Malware/Suspicious
Zillya: Dropper.Addrop.Win32.890
Sangfor: Trojan.Win32.Mypcbackup.V1a5
VirIT: PUP.Win32.JDI.A
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/MyPCBackup.D potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan-Spy.Win32.TravNet.gen
Tencent: Win32.Trojan-Spy.Travnet.Bzlw
F-Secure: PotentialRisk.PUA/MyPCBackup.Gen7
Sophos: Generic Reputation PUA (PUA)
Avira: PUA/MyPCBackup.Gen7
Antiy-AVL: Trojan/MSIL.BitMiner
Kingsoft: Win32.Trojan-Spy.TravNet.gen
Microsoft: PUA:Win32/MyPCBackup
ZoneAlarm: HEUR:Trojan-Spy.Win32.TravNet.gen
GData: Win32.Trojan.Agent.K3KZK5
McAfee: Artemis!03CAB7A44C4D
VBA32: SigAdware.JDIBACKUPLIMITED
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H07JE23
Rising: Trojan.Generic@AI.92 (RDML:6XBd9SnIzzIFv1XMOpyPrA)
Yandex: Riskware.Unwanted!+oAosKZZZrk
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_70% (W)

How to remove PUA:Win32/MyPCBackup?

PUA:Win32/MyPCBackup removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
