Ursu.199760 removal

Many security experts consider Ursu.199760 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.199760 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Ursu.199760?

File Info:

name: C765C526A37FB8C20F59.mlw
path: /opt/CAPEv2/storage/binaries/a7fd415895eaf8fed904464233cd83d894ad26252729dbda999d0efd3ad6db0e
crc32: 51B97D30
md5: c765c526a37fb8c20f595845f246ab3a
sha1: c89f22994e12e81a04f4910c5f9a40775e1f1e34
sha256: a7fd415895eaf8fed904464233cd83d894ad26252729dbda999d0efd3ad6db0e
sha512: 7f5ac351452a1dc6c2ee513c23f99f96eb26ef01c97b10e7ecb29d01bcbc5e5d9f7344a138e6e78a2cda10c7ffb1522110284376972b36e558f504cd98c837bc
ssdeep: 96:uA+A7tmvHQ3njhMNHNS9BuwnK8gYjOUqVHqzNt:z+qtm43sNS9IwnKWmG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14692C765F7E44336DBBA47365D6363402372F247CCBBDB0EA8CA015A5E623304562BB1
sha3_384: 04ebdad20010939559d4b3335dd11a9340c0e92e65a7208ebd76f371c6bd8be60c966c2e431f594d22fc54e3262f5ee6
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-10-17 12:44:49

Version Info:

Translation: 0x0000 0x04b0
FileDescription: awdawd
FileVersion: 1.0.6499.24744
InternalName: svchost.exe
LegalCopyright: Copyright 2017
OriginalFilename: svchost.exe
ProductName: awdawd
ProductVersion: 1.0.6499.24744
Assembly Version: 1.0.6499.24744

Ursu.199760 also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Ursu.4!c
MicroWorld-eScan: Gen:Variant.Ursu.199760
Skyhigh: BehavesLike.Win32.Infected.mz
McAfee: Artemis!C765C526A37F
Cylance: unsafe
VIPRE: Gen:Variant.Ursu.199760
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Spyware ( 005319fe1 )
Alibaba: Trojan:MSIL/Generic.f90ef2d9
K7GW: Spyware ( 005319fe1 )
Arcabit: Trojan.Ursu.D30C50
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/Spy.Keylogger.CSG
Cynet: Malicious (score: 99)
BitDefender: Gen:Variant.Ursu.199760
NANO-Antivirus: Trojan.Win32.Fkm.fcdsvr
Tencent: Malware.Win32.Gencirc.114abfa3
Emsisoft: Gen:Variant.Ursu.199760 (B)
F-Secure: Heuristic.HEUR/AGEN.1365554
Sophos: Mal/Generic-S
Ikarus: Trojan.Crypt
Google: Detected
Avira: HEUR/AGEN.1365554
Microsoft: Backdoor:Win32/Bladabindi!ml
GData: Gen:Variant.Ursu.199760
Varist: W32/Trojan.DIS.gen!Eldorado
BitDefenderTheta: Gen:NN.ZemsilF.36680.bm0@auPiBJi
DeepInstinct: MALICIOUS
VBA32: Trojan.MSIL.gen.04
Rising: Spyware.Keylogger!8.12F (CLOUD)
Fortinet: MSIL/Generic.AP.A22F07E!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Ursu.199760?

Ursu.199760 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.