Malware.AI.3268660994 removal guide

The Malware.AI.3268660994 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3268660994 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3268660994?


File Info:
name: 532EA2BB97963F7596DF.mlw
path: /opt/CAPEv2/storage/binaries/80d871179e1036700c66def6f5c2789dcae774b93a3b571b8e2336cdd3f5a26b
crc32: 86D9267F
md5: 532ea2bb97963f7596df4b5119d69313
sha1: 0c1b3a6b84efc310ed64bec940449479dd8ee306
sha256: 80d871179e1036700c66def6f5c2789dcae774b93a3b571b8e2336cdd3f5a26b
sha512: 9aa7f843b0d211f029ee05d695734d435c903bca488115740e16f27d7011281130cfa2a4a98e64e26c109ebcdbed493ed282454876dd3cb586505da3249c5b05
ssdeep: 49152:IXhMnVtVHVHVegBM9IgBM9FgBM9TFPpfa9LL5lH8qjqjq:wFCP+HJ++
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C0A5230A35655917D0BE0BF1A691902003F23DAB3637DAADCE81B1EF44B1F429B62F57
sha3_384: 1c3ed3813f021d1ff4a425d0d4ce501d9f3f6e3a5a837acc392cbf24115813a3fd365f868e8defd5103b1f73f476545c
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-01-10 13:18:30

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: Microsoft
FileDescription: SchoolManagementSystem
FileVersion: 1.0.0.0
InternalName: SchoolManagementSystem.exe
LegalCopyright: Copyright © Microsoft 2017
LegalTrademarks: 
OriginalFilename: SchoolManagementSystem.exe
ProductName: SchoolManagementSystem
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3268660994 also known as:

MicroWorld-eScan	Gen:Variant.MSILPerseus.204262
FireEye	Gen:Variant.MSILPerseus.204262
CAT-QuickHeal	Trojan.IgenericFC.S26035996
ALYac	Gen:Variant.MSILPerseus.204262
Arcabit	Trojan.MSILPerseus.D31DE6
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.UMS
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-PSW.MSIL.Agent.gen
BitDefender	Gen:Variant.MSILPerseus.204262
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Gen:Variant.MSILPerseus.204262
Emsisoft	Gen:Variant.MSILPerseus.204262 (B)
Zillya	Trojan.Kryptik.Win32.2899901
McAfee-GW-Edition	GenericRXLS-XZ!532EA2BB9796
Sophos	Mal/Generic-S
Ikarus	Win32.Outbreak
Avira	HEUR/AGEN.1145343
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.MSILPerseus.204262
Cynet	Malicious (score: 100)
McAfee	GenericRXLS-XZ!532EA2BB9796
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.3268660994
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:ZXhsE08TTl35Y/ynMhpkVA)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Kryptik.UMS!tr
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Malware.AI.3268660994?

Malware.AI.3268660994 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X