Ursu.882682 removal tips

The Ursu.882682 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ursu.882682 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics
Binary compilation timestomping detected

How to determine Ursu.882682?


File Info:
name: CBD2766CD42A40532B96.mlw
path: /opt/CAPEv2/storage/binaries/9066687f3ee7065c30791763353858adb5f9bcbd6b448fa3bb0ac0263e594dce
crc32: D28A462E
md5: cbd2766cd42a40532b965ae78e3d3d79
sha1: 5ec92f0d893fbd23cb63f83b163d328777ccd0c1
sha256: 9066687f3ee7065c30791763353858adb5f9bcbd6b448fa3bb0ac0263e594dce
sha512: 8a9ee16194917d5b953f936321306e9727b3ad19f86758b02f3765e15b83a794b239f6c575339b5fdbe30edcc473c4e787d04ff90c7eadf2ac034970ed6862b0
ssdeep: 3072:K0br145I64qw5wCsIYVPcj9O3whKl0W/XPe3a/XiyCz9A:XbBawzGIWEj9O3whKqW+3wX8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1482438A0E061C44FE915A7B69433F938A9B33DF998B4810EA5DC7DB3B673343084B529
sha3_384: b15ff7da8786010c9561514dff52caa866fc3d0d130ebd1b9e6a8b61427204e771bcbd2ced03644694efb527c5d3353a
ep_bytes: ff250020400000000000000000000000
timestamp: 2056-03-03 18:13:23

Version Info:
Translation: 0x0000 0x04b0
Comments: This software installs HyTeKModLoader for you and keep it up to date!
CompanyName: HyTeKGames
FileDescription: HyTeK Mod Loader Launcher Updater
FileVersion: 0.0.0.0
InternalName: HyTeKLauncherUpdater.exe
LegalCopyright: Copyright HyTeKGames © 2020
LegalTrademarks: HyTeKGames
OriginalFilename: HyTeKLauncherUpdater.exe
ProductName: HyTeK Mod Loader Launcher Updater
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Ursu.882682 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Ursu.882682
Skyhigh	RDN/Generic.hbg
McAfee	RDN/Generic.hbg
Cylance	unsafe
Sangfor	Trojan.Win32.Agent.Ve99
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 0059c6ae1 )
K7AntiVirus	Trojan ( 0059c6ae1 )
Arcabit	Trojan.Ursu.DD77FA
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.MNMHBYY
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Ursu.882682
SUPERAntiSpyware	Trojan.Agent/Gen-Ursu
Emsisoft	Gen:Variant.Ursu.882682 (B)
VIPRE	Gen:Variant.Ursu.882682
Sophos	Mal/Generic-S
Ikarus	Trojan.SuspectCRC
Webroot	W32.Trojan.Genkd
Google	Detected
Antiy-AVL	GrayWare/Win32.Presenoker
Kingsoft	Win32.Troj.Generic.jm
Xcitium	Malware@#2phbe24j5bycg
Microsoft	Program:Win32/Ymacco.AA90
GData	Gen:Variant.Ursu.882682
AhnLab-V3	Malware/Win32.RL_Generic.C4133316
Rising	Trojan.Undefined!8.1327C (CLOUD)
Yandex	Trojan.Agent!0/cN2Hk36KQ
MaxSecure	Trojan.Malware.197326238.susgen
Fortinet	Riskware/GamingRelatedHytekModLoader
DeepInstinct	MALICIOUS

How to remove Ursu.882682?

Ursu.882682 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X