Categories: Malware

Ursu.795233 removal tips

The Ursu.795233 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Ursu.795233 virus can do?

Executable code extraction
Creates RWX memory
Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
A scripting utility was executed
Uses Windows utilities for basic functionality
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Creates a hidden or system file
Attempts to modify proxy settings

Related domains:

www.bing.com

iplogger.org

How to determine Ursu.795233?


File Info:
crc32: C33E960Dmd5: ff8eba7fa09c88b55dc8b563c2ce9ffename: spedup3.exesha1: 705ac8eeded3d68090f8909c877adbe588e4a7desha256: 6c88d196bde47f3a61f7a5ed7b77c8e81c5de843811c9bc2602d9978c556dbcbsha512: 559de6df23e5b801accee09f3d81557fe4fc0447431a9421b9b1143057cf0e1af69fd2f42420aa534ae07463e4456197c55cbb66f26bf16aa29fa84f74eed0afssdeep: 98304:Z6pQ0mBh/cj8SWgztiSNNaAdq0T7jFh7u/LJfb7JK+fp:ApDj8kztiywAAI7xhChJfptype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright:                                                                                                     FileVersion:                     CompanyName: Speedup inc                                                 Comments: This installation was built with Inno Setup.ProductName: Speedup                                                     ProductVersion: 4.8                                               FileDescription: Speedup Setup                                               Translation: 0x0000 0x04b0

Ursu.795233 also known as:

MicroWorld-eScan	Gen:Variant.Ursu.795233
Qihoo-360	Generic/Trojan.PSW.9f6
ALYac	Gen:Variant.Ursu.795233
Cylance	Unsafe
AegisLab	Trojan.Multi.Generic.4!c
Sangfor	Malware
K7AntiVirus	Trojan ( 0055d3bd1 )
BitDefender	Gen:Variant.Ursu.795233
K7GW	Trojan ( 0055d3bd1 )
TrendMicro-HouseCall	TROJ_GEN.R002H0CCN20
Avast	Win32:Trojan-gen
GData	Win32.Trojan.Agent.3608L3
Kaspersky	HEUR:Trojan-PSW.MSIL.Racealer.gen
Alibaba	TrojanPSW:MSIL/Kryptik.7fe7ba96
Ad-Aware	Gen:Variant.Ursu.795233
Emsisoft	Gen:Variant.Ursu.795233 (B)
Comodo	Malware@#3s3shgevl0yjj
F-Secure	Heuristic.HEUR/AGEN.1042347
McAfee-GW-Edition	BehavesLike.Win32.AdwareFileTour.rc
Sophos	Mal/Generic-S
APEX	Malicious
Jiangmin	Trojan.PSW.Kpot.bi
Webroot	W32.Adware.Gen
Avira	HEUR/AGEN.1042347
Antiy-AVL	Trojan[PSW]/MSIL.Racealer
Arcabit	Trojan.Ursu.DC2261
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Racealer.gen
Microsoft	Trojan:Win32/Wacatac.C!ml
AhnLab-V3	Trojan/Win32.Agent.C4014674
McAfee	Artemis!FF8EBA7FA09C
MAX	malware (ai score=99)
Malwarebytes	Trojan.Dropper
ESET-NOD32	Win32/RA-based.NIZ
Ikarus	Trojan.MSIL.Agent
Fortinet	W32/RA_based.NIZ!tr
AVG	Win32:Trojan-gen
Paloalto	generic.ml