Ursu.297508 (B) (file analysis)

Ursu.297508 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.297508 (B) virus do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Ursu.297508 (B)?


File Info:

crc32: 497922A2
md5: 429415c03eb2d1d9ac353e527e39d7b6
name: 429415C03EB2D1D9AC353E527E39D7B6.mlw
sha1: 4fc78c22e101d333980dba9c617bbd6062616bae
sha256: dce4d836f14b4150f6dbdd1df6ff0c6a4fb0a59f32d089727511acdbf8720a8c
sha512: 8d70c036108f77eb29dbed53352eead650594d6dafaa72342ea7fa6df62a1b029cd3f87f7e5b45bdd22d889ab452a548e8bcbd02bd38bcf110fc2ebf9a426092
ssdeep: 1536:QTdm9B9lYypfMXvugHQ0DbLiNu+I9NHZEC+sMJJUp:Q4lLpkXGED3iNubtRM/Up
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: © 2007, Juliusz Chroboczek
FileVersion: 1.0.3.20070922-darcs
LegalTrademarks: See T13jM4pE4T
Comments: http://www.pps.jussieu.fr/~jch/software/polipo/
ProductName: Polipo: A caching web proxy
FileDescription: Polipo is a caching web proxy.
Translation: 0x0409 0x04b0

Ursu.297508 (B) also known as:

Lionic: Trojan.Win32.Generic.4!c
ALYac: Gen:Variant.Ursu.297508
Cylance: Unsafe
Alibaba: Ransom:Win32/Generic.a8f1c61f
Cybereason: malicious.03eb2d
Symantec: SMG.Ransom!gen
APEX: Malicious
Avast: Win32:Trojan-gen
BitDefender: Gen:Variant.Ursu.297508
MicroWorld-eScan: Gen:Variant.Ursu.297508
Ad-Aware: Gen:Variant.Ursu.297508
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.Dropper.qh
FireEye: Gen:Variant.Ursu.297508
Emsisoft: Gen:Variant.Ursu.297508 (B)
Microsoft: Trojan:Win32/Occamy.C
GData: Gen:Variant.Ursu.297508
TACHYON: Ransom/W32.Locky.59502
AhnLab-V3: Malware/Win32.Generic.C2555359
McAfee: Artemis!429415C03EB2
MAX: malware (ai score=99)
Malwarebytes: Malware.AI.3641060278
Panda: Trj/Genetic.gen
AVG: Win32:Trojan-gen

How to remove Ursu.297508 (B)?

Ursu.297508 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
