Malware

How to remove “Ursu.112713”?

Malware Removal

The Ursu.112713 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Ursu.112713 virus can do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz

How to determine Ursu.112713?



File Info:

crc32: 2D8E6839
md5: 917ed44026c60bf076b7b4eb4bbb56b2
name: 917ED44026C60BF076B7B4EB4BBB56B2.mlw
sha1: 2bd7b247c9d1096771fd6a2d3877683b335cd5eb
sha256: da2f3f1e8896f8cfbab8d3c9f9b073d15db12b8373ba4e17ba4484a46496e671
sha512: 2d211829a4dc10563b7fc7fd41f3418eb60162c116b4e5e659c10e527202b39fe915f2e1021acc1119dcdb1a9ff9f7caaeebf7c5341d31fc94efc025b581a884
ssdeep: 24576:yzt7K4VQNFZqe0s8NFZqe5OhNxKQ/IqXXHEbg:QtYPZqeJ8PZqeGKsHa
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows


Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright CC xa92017 .
Assembly Version: 1.3.0.6
InternalName: plextoran.exe
FileVersion: 1.3.0.6
CompanyName: pledede ltd
LegalTrademarks: pledede
Comments: pledede
ProductName: pledede Client                                       
ProductVersion: 1.3.0.6
FileDescription: pledede
OriginalFilename: plextoran.exe

Ursu.112713 also known as:

K7AntiVirusAdware ( 005465501 )
LionicRiskware.Win32.Generic.1!c
Elasticmalicious (high confidence)
DrWebTrojan.Siggen7.35753
ALYacGen:Variant.Ursu.112713
CylanceUnsafe
ZillyaAdware.CloudGuard.Win32.904
SangforSuspicious.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (D)
AlibabaAdWare:MSIL/CloudGuard.0b378e4c
K7GWAdware ( 005465501 )
Cybereasonmalicious.026c60
CyrenW32/Trojan.BNQ.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/Adware.CloudGuard.D
APEXMalicious
AvastWin32:AdwareX-gen [Adw]
BitDefenderGen:Variant.Ursu.112713
NANO-AntivirusTrojan.Win32.CloudGuard.eyiqra
MicroWorld-eScanGen:Variant.Ursu.112713
TencentMsil.Adware.Cloudguard.Hrow
Ad-AwareGen:Variant.Ursu.112713
SophosCloudGuard (PUA)
ComodoApplicUnwnt@#1v7wa8s6tjb6l
BitDefenderThetaGen:NN.ZemsilF.34170.tn0@aWn3Euj
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionGenericRXEG-DQ!917ED44026C6
FireEyeGeneric.mg.917ed44026c60bf0
EmsisoftGen:Variant.Ursu.112713 (B)
SentinelOneStatic AI – Malicious PE
AviraADWARE/CloudGuard.Gen
MicrosoftTrojan:Win32/Wacatac.A!ml
SUPERAntiSpywareAdware.CloudGuard/Variant
GDataGen:Variant.Ursu.112713
AhnLab-V3PUP/Win32.CloudGuard.R222514
McAfeeGenericRXEG-DQ!917ED44026C6
MAXmalware (ai score=97)
VBA32TScope.Trojan.MSIL
MalwarebytesGeneric.Trojan.Malicious.DDS
PandaTrj/GdSda.A
TrendMicro-HouseCallTROJ_GEN.R002C0PJ121
IkarusAdWare.MSIL.Cloudguard
FortinetAdware/CloudGuard
AVGWin32:AdwareX-gen [Adw]
Paloaltogeneric.ml

How to remove Ursu.112713?

Ursu.112713 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment