Ursu.736786 (B) removal guide

Ursu.736786 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.736786 (B) virus do?

  • Executable code extraction
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Ursu.736786 (B)?


File Info:

crc32: 67B23E15
md5: 7522a34182f1ca076be0055124f09d38
name: mali.exe
sha1: 1fe2c112c31094a41c057e7df0207d9532655ad5
sha256: 5ca6fbb3f0c4277f560a76e69b776d8cb2b1d602e850fe8e639d97f75aa68708
sha512: b602dce18ebedc462a6fbcfa1b940c73d304d15e7360c430e291d20138a71be657ae85d8deeac223d2d22d2b54eba28f9696b22bfb2b484fc8f3e8a0de9fc164
ssdeep: 3072:kLZ2k37lxwpuou6M7q6+37lxwpuor22L:o13J2T3J2f
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: Unjoine7
FileVersion: 1.00
CompanyName: Freds5
ProductName: PROTERO
ProductVersion: 1.00
OriginalFilename: Unjoine7.exe

Ursu.736786 (B) also known as:

FireEye: Gen:Variant.Ursu.736786
Qihoo-360: Generic/HEUR/QVM03.0.B2F3.Malware.Gen
McAfee: Fareit-FQO!7522A34182F1
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Trojan ( 0055f15d1 )
BitDefender: Gen:Variant.Ursu.736786
K7GW: Trojan ( 0055f15d1 )
TrendMicro: Trojan.Win32.WACATAC.THABOBO
BitDefenderTheta: Gen:NN.ZevbaF.34084.pm0@aGYlUbai
ESET-NOD32: a variant of Win32/Injector.EKAE
TrendMicro-HouseCall: Trojan.Win32.WACATAC.THABOBO
GData: Win32.Trojan.Agent.EVCEXA
Kaspersky: Backdoor.Win32.Androm.trtb
Alibaba: Trojan:Win32/Injector.e810ca99
Tencent: Win32.Backdoor.Androm.Afhi
Endgame: malicious (high confidence)
Emsisoft: Gen:Variant.Ursu.736786 (B)
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.dt
SentinelOne: DFI – Suspicious PE
Trapmine: malicious.high.ml.score
Sophos: Mal/FareitVB-X
APEX: Malicious
Cyren: W32/VBInject.ACJ.gen!Eldorado
Microsoft: Trojan:Win32/Wacatac.C!ml
Arcabit: Trojan.Ursu.DB3E12
AhnLab-V3: Trojan/Win32.Injector.C3917954
ZoneAlarm: Backdoor.Win32.Androm.trtb
Acronis: suspicious
MAX: malware (ai score=81)
Ad-Aware: Gen:Variant.Ursu.736786
Malwarebytes: Trojan.MalPack.VB
Rising: Trojan.Injector!8.C4 (CLOUD)
Ikarus: Trojan.VB.Crypt
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/GenKryptik.ECGD!tr
AVG: FileRepMalware
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Ursu.736786 (B)?

Ursu.736786 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
