About “Ursu.378784” infection

Ursu.378784 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.378784 virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Network activity detected but not expressed in API logs

How to identify Ursu.378784?


File Info:

crc32: 2EBA900F
md5: 7dedd4473df4fff929b9ce2fe412d6b3
name: dOPCClone.exe
sha1: 6cdd50f67a8d29589453803ab63b3d3a97bc4726
sha256: 2d003148c4eba3cf4151670bece7efcf7437b75e8edcf8c2368cf5933466a2bf
sha512: 2c37ae6ab0dd1b5627dcf4f8cbcca64c853116de52072eb1d7ada599eade10e42a40e6da1a0487393c760221049b6dabdcc84da780f41556ce106194a6bdf5dd
ssdeep: 49152:CDUjWq2sb+k9TIS+r5NmtgHveFZ8MeTjn+j9X/fS7v3NoyN1cGTCTqo8Pm2GXFw:CIj1+ahFZ8MAjnEpfSvF1cL8PWWB
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C) 2002-2020 Kassl GmbH
InternalName: dOPC Clone
FileVersion: 2.0.0.285
CompanyName: Kassl GmbH
LegalTrademarks: http://www.kassl.de
Comments:
ProductName: dOPC Clone
ProductVersion: 2.0.0.285
FileDescription: dOPC Clone
OriginalFilename:
Translation: 0x0409 0x04e4

Ursu.378784 also known as:

MicroWorld-eScan: Gen:Variant.Ursu.378784
FireEye: Gen:Variant.Ursu.378784
Qihoo-360: Generic/Trojan.c2c
McAfee: Artemis!7DEDD4473DF4
BitDefender: Gen:Variant.Ursu.378784
Cybereason: malicious.73df4f
GData: Gen:Variant.Ursu.378784
Emsisoft: Gen:Variant.Ursu.378784 (B)
McAfee-GW-Edition: Artemis
Arcabit: Trojan.Ursu.D5C7A0
ALYac: Gen:Variant.Ursu.378784
MAX: malware (ai score=84)
Ad-Aware: Gen:Variant.Ursu.378784

How to remove Ursu.378784?

Ursu.378784 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
