Malware.AI.3971638404 removal instruction

Malware.AI.3971638404 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3971638404 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.3971638404?

File Info:

name: 553729612E3C1330BB21.mlw
path: /opt/CAPEv2/storage/binaries/4ee54462ba51c88897eda3ae86ad5972dbc0fc49461584c5fc1dedbe2d6d441a
crc32: F7CD5669
md5: 553729612e3c1330bb21fc6db653011e
sha1: c2d9a1f29dee29082e1665a58eb16e7ac107684a
sha256: 4ee54462ba51c88897eda3ae86ad5972dbc0fc49461584c5fc1dedbe2d6d441a
sha512: 5034b4879420abff20e2ec5d140c807fb89b79f4fb1f4319c194bb73160b4b38e365fa90195cff899fa641a1824c7e8c1a1a8f2bf6624569bde287247f7f1d20
ssdeep: 24576:pLITHdoP81PV2M/EGfPF1+1aZDpmDYqBYSu16DG9lt5/lWilYFne1kS+tSLv5fbY:pcTSU1Pqw7mDYqqSu1B5HlL+t+v5fb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T140B56C23B249653FC0AF2A3955279A649C3FB77176178C5E6BF4484CCF291402F2BA4B
sha3_384: d8daf1c87060dc837bcef82f2204bb0d37aba0ad6397582bccd21b0acf342f35d562e4480bbcbd45e173e17b2fcf63b9
ep_bytes: 558bec83c4f0b86c986000e878ccdfff
timestamp: 2015-06-03 21:42:24

Version Info:

0: [No Data]

Malware.AI.3971638404 also known as:

Lionic: Adware.Win32.DealPly.2!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Adware.DealPly.1.Gen
FireEye: Generic.mg.553729612e3c1330
CAT-QuickHeal: Adware.Dealply.P11
Cylance: Unsafe
Zillya: Adware.DealPly.Win32.225721
K7AntiVirus: Adware ( 005497bb1 )
BitDefender: Adware.DealPly.1.Gen
K7GW: Adware ( 005497bb1 )
Cybereason: malicious.12e3c1
BitDefenderTheta: Gen:NN.ZelphiF.34786.sUW@aWiqtKfi
VirIT: Adware.Win32.Dealply.KGF
Cyren: W32/DealPly.BA.gen!Eldorado
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/DealPly.OR potentially unwanted
TrendMicro-HouseCall: ADW_DEALPLY.SMA
Paloalto: generic.ml
Kaspersky: not-a-virus:UDS:AdWare.Win32.DealPly.cos
Alibaba: AdWare:Win32/DealPly.ad47d178
NANO-Antivirus: Virus.Win32.Gen.ccmw
Tencent: Malware.Win32.Gencirc.10c885f4
Ad-Aware: Adware.DealPly.1.Gen
Sophos: DealPly Updater (PUA)
Comodo: ApplicUnwnt@#1bvsgilvrddqt
DrWeb: Adware.DealPly.260
VIPRE: Adware.DealPly.1.Gen
TrendMicro: ADW_DEALPLY.SMA
McAfee-GW-Edition: BehavesLike.Win32.Generic.vh
SentinelOne: Static AI – Malicious PE
Trapmine: malicious.high.ml.score
Emsisoft: Adware.DealPly.1.Gen (B)
APEX: Malicious
Jiangmin: TrojanDownloader.Genome.aecv
Avira: HEUR/AGEN.1238283
Antiy-AVL: Trojan/Generic.ASMalwS.3C54
Microsoft: Trojan:Win32/Occamy.C
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.DealPly.gen
GData: Adware.DealPly.1.Gen
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.DealPly.C3753052
McAfee: GenericRXQE-EC!553729612E3C
MAX: malware (ai score=100)
VBA32: Adware.DealPly
Malwarebytes: Malware.AI.3971638404
Panda: Trj/GdSda.A
Rising: Adware.DealPly!1.AA42 (CLASSIC)
Yandex: Riskware.Agent!yNfKOdugK7c
Ikarus: PUA.DealPly
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Adware/DealPly
AVG: Win32:DealPly-AJ [Adw]
Avast: Win32:DealPly-AJ [Adw]
CrowdStrike: win/grayware_confidence_100% (W)

How to remove Malware.AI.3971638404?

Malware.AI.3971638404 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
