Ursu.370968 removal tips

Ursu.370968 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.370968 virus do?

  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify Ursu.370968?

File Info:

name: 209DD84FD541E226AB7E.mlw
path: /opt/CAPEv2/storage/binaries/be3b31effbde4cb052f3669416f8913de0553b8be27ff27893d29cbf45fff695
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff25c85f4900cccccccccccccccccccc
timestamp: 2017-06-16 05:38:11

Version Info:

CompanyName: Personal Usage only
FileDescription: NEPA [Shin Tool, another NNext Parser]
FileVersion: 1.7
InternalName: NEPA.exe
LegalCopyright: minho.shin@samsung.com. All rights reserved.
OriginalFilename: NEPA.exe
ProductName: NEPA [Shin Tool, another NNext Parser]
ProductVersion: 1.7
Translation: 0x0409 0x04e4

Ursu.370968 also known as:

MicroWorld-eScan        Gen:Variant.Ursu.370968
FireEye                 Gen:Variant.Ursu.370968
ALYac                   Gen:Variant.Ursu.370968
Cylance                 unsafe
BitDefender             Gen:Variant.Ursu.370968
Emsisoft                Gen:Variant.Ursu.370968 (B)
VIPRE                   Gen:Variant.Ursu.370968
McAfee-GW-Edition       Artemis
GData                   Gen:Variant.Ursu.370968
Antiy-AVL               GrayWare/Win32.Presenoker
Arcabit                 Trojan.Ursu.D5A918
Microsoft               PUA:Win32/Presenoker
McAfee                  Artemis!209DD84FD541
TrendMicro-HouseCall    TROJ_GEN.R002H09EJ23
Rising                  PUA.Presenoker!8.F608 (CLOUD)
MaxSecure               Trojan.Malware.74298765.susgen
Cybereason              malicious.fd541e
DeepInstinct            MALICIOUS

How to remove Ursu.370968?

Ursu.370968 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
