Ursu.821462 removal instructions

Ursu.821462 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.821462 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Ursu.821462?


File Info:

name: 8A772E4B1582C1537D77.mlw
path: /opt/CAPEv2/storage/binaries/ee9b98a1c20bde14f6dfb0793df97f27f842db76741beea0822a3a3570194210
crc32: 5179C269
md5: 8a772e4b1582c1537d77d1bfdf7c2af3
sha1: 65d79cc6bc7d57dcea228b7c1b1b3b320f4dff74
sha256: ee9b98a1c20bde14f6dfb0793df97f27f842db76741beea0822a3a3570194210
sha512: 727e9d032278074115f6269d355bed78728bb283a96fca8ce8d468e7704533cd8ed0d6c8366ca3ac99ba246126eb07d8b6f9d3751b26597bdf821560e9ff57e2
ssdeep: 1536:GpGCbeo0CvXQ10Fc0qZPgIjpWccbzWwextMCW59JC6AZhdnd/GA2GPfQjJmVcl:wGg0CvA1Kc0qZPtWccbPex6CI9c6ed/u
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DE63F90033E84614F2BF4A74787542184BB6BA676822E74E3D9928DD5F737C4D721BA3
sha3_384: 5616a689957855f121bc9d1b19e6f60980a73f2fb884ee6d15354f13f313caa6f46e6bfe5bb52aca8bcacce0572cbf8d
ep_bytes: ff250020400029002100400023002400
timestamp: 2020-04-08 13:10:44

Version Info:

Translation: 0x0000 0x04b0
Comments: A Micro Solutions module to implement RFC Protocols to control Intel products
CompanyName: Intel
FileDescription: Intel Management Engine
FileVersion: 13.6.60.8
InternalName: Intel Management Engine.exe
LegalCopyright: Copyright © 2018
LegalTrademarks: Trademark Micro Engineers
OriginalFilename: Intel Management Engine.exe
ProductName: Intel Management Engine
ProductVersion: 13.6.60.8
Assembly Version: 13.6.60.8

Ursu.821462 is also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Ursu.821462
FireEye: Generic.mg.8a772e4b1582c153
ALYac: Gen:Variant.Ursu.821462
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.1310669
K7AntiVirus: Spyware ( 0055fcc61 )
Alibaba: Trojan:MSIL/Generic.39431e48
K7GW: Spyware ( 0055fcc61 )
Cybereason: malicious.b1582c
BitDefenderTheta: Gen:NN.ZemsilF.34294.em0@aaqoq6n
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Agent.CLA
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender: Gen:Variant.Ursu.821462
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Ursu.821462
Sophos: Generic PUA GF (PUA)
McAfee-GW-Edition: RDN/Generic PWS.y
Emsisoft: Gen:Variant.Ursu.821462 (B)
GData: Gen:Variant.Ursu.821462
Avira: HEUR/AGEN.1138822
Arcabit: Trojan.Ursu.DC88D6
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Malware/Win32.RL_Generic.C4078925
McAfee: RDN/Generic PWS.y
MAX: malware (ai score=87)
Malwarebytes: Spyware.PasswordStealer
Ikarus: Trojan.MSIL.Spy
Fortinet: MSIL/Agent.CLA!tr.spy
AVG: Win32:Trojan-gen
MaxSecure: Trojan.Malware.300983.susgen

How to remove Ursu.821462?

Ursu.821462 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
