PUA

Win32:Ubar-A [PUP] removal instruction

Malware Removal

The Win32:Ubar-A [PUP] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32:Ubar-A [PUP] virus can do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time

Related domains:

z.whorecord.xyz
metrics.mediabarservices.ru
a.tomx.xyz

How to determine Win32:Ubar-A [PUP]?



File Info:

crc32: 50500840
md5: d855f739ff57218621a326d81303e0eb
name: uBarUpdate.exe
sha1: aea3e7038021d0807ea6377f611f6e2ae0f560fc
sha256: 7cedabe01e52087dceb4f634271b33d8c8b51b428c3fbdd914409c8fe430a57f
sha512: dde87d53e9a68c369ca02deebe4de7fea37ed1f182628ef27c0cd879cf9df62eab24db2c6f7c52619d7c93dd91ff9b701387ff0b056f64cdedde0ca092d29ef7
ssdeep: 49152:TX9SmanuNq6qoRUScIW+kTsby3zIH0xL8zaNU/MTtq4qSly98tQAHOrqRWSi3inp:TszuA6AsbyNxL8eNK4qIbOrywip
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

FileVersion: 1.9.9.5
ProductVersion: 1.9
Translation: 0x0409 0x04e4

Win32:Ubar-A [PUP] also known as:

CAT-QuickHealTrojan.IGENERIC
K7GWRiskware ( 0040eff71 )
K7AntiVirusRiskware ( 0040eff71 )
TrendMicroTROJ_GEN.R002C0OJT18
TrendMicro-HouseCallTROJ_GEN.R002C0OJT18
Kasperskynot-a-virus:Downloader.Win32.UBar.gen
RisingPUA.UBar!8.2F4B (CLOUD)
SophosGeneric PUA KO (PUA)
DrWebAdware.Ubar.13
McAfee-GW-EditionArtemis!PUP
EmsisoftApplication.InstallBar (A)
CyrenW32/Trojan.PFLL-2732
AviraHEUR/AGEN.1004373
Antiy-AVLRiskWare[Downloader]/Win32.UBar
Endgamemalicious (high confidence)
ZoneAlarmnot-a-virus:Downloader.Win32.UBar.gen
MicrosoftPUA:Win32/UBar
McAfeeArtemis!D855F739FF57
VBA32TScope.Trojan.Delf
CylanceUnsafe
PandaTrj/CI.A
FortinetRiskware/UBar
AVGWin32:Ubar-A [PUP]
AvastWin32:Ubar-A [PUP]
CrowdStrikemalicious_confidence_60% (D)

How to remove Win32:Ubar-A [PUP]?

Win32:Ubar-A [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment