
How to remove “Ursu.268006”?


Ursu.268006 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.268006 virus do?

  • Network activity detected but not expressed in API logs

How to identify Ursu.268006?


File Info:

crc32: 118458BC
md5: 35ca831fa89e46a4924f8f610adb4972
name: 35CA831FA89E46A4924F8F610ADB4972.mlw
sha1: 8768beaf863a3b923c6e0134d11f993d4899866b
sha256: 1e2852969b9f6001f473f661094289e050c8ab83044ffa42a2c872426df1efc9
sha512: 379100a2e6d3ab5c61fb6a81a0714f9e6646e3b7e3055d4c5c39ed914a9d78a86bc9169916d8dbd1f77656a7b630608359747b218ebfe9726212c205a1a6b125
ssdeep: 1536:OJE/V8P47ff1P/YIsAZYi545AvdaXTpU4+XqKwY1HzrW1jRzgemSzD+e6CARSi:I+t136AZSAVaXTG3CAB
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: sihost.exe
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
FileDescription: Shell Infrastructure Host
OriginalFilename: sihost.exe
Translation: 0x0409 0x04b0

Ursu.268006 also known as:

K7AntiVirus: Trojan ( 005237581 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.Ursu.268006
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.144127
Sangfor: Trojan.MSIL.Kryptik.MGQ
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:MSIL/Kryptik.4c4bca50
K7GW: Trojan ( 005237581 )
Cybereason: malicious.fa89e4
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.MGQ
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ursu.268006
NANO-Antivirus: Trojan.Win32.Kryptik.fgofuf
MicroWorld-eScan: Gen:Variant.Ursu.268006
Tencent: Win32.Trojan.Generic.Llhq
Ad-Aware: Gen:Variant.Ursu.268006
Sophos: ML/PE-A
Comodo: Malware@#3da7qhfs5p8ro
BitDefenderTheta: Gen:NN.ZemsilF.34266.iq0@aKFTafdi
McAfee-GW-Edition: Generic.dxj
FireEye: Generic.mg.35ca831fa89e46a4
Emsisoft: Gen:Variant.Ursu.268006 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Dropper.MSIL.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.274484B
Microsoft: Backdoor:MSIL/Bladabindi
GData: Gen:Variant.Ursu.268006
AhnLab-V3: Trojan/Win32.Agent.C2580611
McAfee: Generic.dxj
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.4252153493
Panda: Trj/GdSda.A
Yandex: Trojan.Agent!vCX0EvL6PNU
Ikarus: Trojan.MSIL.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Kryptik.GVM!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml

How to remove Ursu.268006?

Ursu.268006 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
