Ursu.761338 removal

Ursu.761338 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Ursu.761338 virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics
  • Unusual version info supplied for binary

How to identify Ursu.761338?


File Info:

crc32: 539B7997
md5: 9fb667d5284d50b36e122d193ebd336e
name: 9FB667D5284D50B36E122D193EBD336E.mlw
sha1: 6b98a04b88058ce1f8e4cc2e9382059e2984770d
sha256: 4eee062fe9340cd7d3268e17f45d1d03a6c13f8d842c8c5a7d4435d465e99fa5
sha512: cb8de37d72f23adb309b39115191b68b411b2c524440229fd3c73e2bf39eb56fadab16c080f0a923167c51aef11dfc6dc4b74e87b2f95de248dec81f20b272f4
ssdeep: 192:4xCnaM+ZHVAeMo7d0Pf0zX/u/SfE89b0HhYIqT7IBzu0gWAghYF:barZHVAeMLPMzG/SfB9b0B93BaCAgh
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright 2017 Microsoft Corporation All rights reserved.
Assembly Version: 70.0.100.100
InternalName: Windows Security.exe
FileVersion: 70.0.100.100
CompanyName: Windows Security
Comments: Windows Defender
ProductName: Windows Security
ProductVersion: 70.0.100.100
FileDescription: Windows Security
OriginalFilename: Windows Security.exe

Ursu.761338 is also known as:

K7AntiVirus: Trojan ( 700000121 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Siggen.31367
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.OccamyFC.S8705613
ALYac: Gen:Variant.Ursu.761338
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:MSIL/ClipBanker.90841d4d
K7GW: Trojan ( 700000121 )
Cybereason: malicious.5284d5
Cyren: W32/ClipBanker.M.gen!Eldorado
ESET-NOD32: a variant of MSIL/ClipBanker.LR
APEX: Malicious
Avast: Win32:DropperX-gen [Drp]
ClamAV: Win.Packed.Clipbanker-9776642-0
Kaspersky: HEUR:Trojan.MSIL.Agent.gen
BitDefender: Gen:Variant.Ursu.761338
MicroWorld-eScan: Gen:Variant.Ursu.761338
Ad-Aware: Gen:Variant.Ursu.761338
BitDefenderTheta: Gen:NN.ZemsilF.34690.am0@aKg1w0n
TrendMicro: TrojanSpy.MSIL.CLIPBANKER.SM
McAfee-GW-Edition: ClipBanker-FCNX!9FB667D5284D
FireEye: Generic.mg.9fb667d5284d50b3
Emsisoft: Gen:Variant.Ursu.761338 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1141214
Microsoft: Trojan:MSIL/ClipBanker
GData: MSIL.Trojan.ClipBanker.F
AhnLab-V3: Malware/Win32.RL_Generic.C3524236
McAfee: ClipBanker-FCNX!9FB667D5284D
MAX: malware (ai score=87)
Malwarebytes: Spyware.ClipboardStealer.Generic
TrendMicro-HouseCall: TrojanSpy.MSIL.CLIPBANKER.SM
Rising: Spyware.ClipBanker!1.D058 (CLOUD)
Ikarus: Trojan.MSIL.ClipBanker
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/ClipBanker.MZ!tr
AVG: Win32:DropperX-gen [Drp]

How to remove Ursu.761338?

Ursu.761338 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
