How to remove “Malware.AI.1130952915”?

The Malware.AI.1130952915 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1130952915 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.1130952915?


File Info:
name: 2F0EF34C64EE4D77732E.mlw
path: /opt/CAPEv2/storage/binaries/5ef09be35e1131b5460702ced71a9ee1dea82f833c74bf87adbf1e8e18decdd7
crc32: 29B72202
md5: 2f0ef34c64ee4d77732eef5c8be5aefa
sha1: b2b3bdaff79e8e2e448bddaa8b3aedc732936603
sha256: 5ef09be35e1131b5460702ced71a9ee1dea82f833c74bf87adbf1e8e18decdd7
sha512: 2576192270272e16f999346ee348a79e6c56966cbcbb7e9be45e316e79b47d3679a126e562572900a8741d3863fb5ac1edd265882432ca246eb1729958fd930d
ssdeep: 1536:8vyag61SEa5VuRmnSMZCvj31phXXVzRb84lz+urRW+gZHesWpcd+5rwX45QdGX5J:x4avuRm/U31phXXVlb8PurRW+gR+5rwq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CE734A03B5D29471E5B20A3258B0D9B19A3FFD614F61CE6B2788123E4F305D19E26E7B
sha3_384: 9b4caf16de9f5894b20f36bd8d3b1f437f694df9cf051bbeb41e5caf4583afce32ba7f6896c83a4fa0572e00565fc4f1
ep_bytes: e8c4030000e97afeffff558bec6a00ff
timestamp: 2021-09-20 04:38:42

Version Info:
CompanyName: Barron, Villa and Roy
FileDescription: Spcwin
FileVersion: 28.22.1.32
InternalName: spcwin.exe
LegalCopyright: Copyright (c) 2001 Barron, Villa and Roy
OriginalFilename: spcwin.exe
ProductName: Syndicate Rich Initiatives
ProductVersion: 9.4.3.7
Translation: 0x0409 0x04b0

Malware.AI.1130952915 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.77047
CAT-QuickHeal	Trojan.AgentRI.S21088369
McAfee	GenericRXAA-FA!2F0EF34C64EE
Cylance	Unsafe
Sangfor	Trojan.Win32.Sabsik.FL
BitDefenderTheta	Gen:NN.ZexaE.34294.eu0@aOmg7zwi
Cyren	W32/Trojan.GJQ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002H0CJ221
Paloalto	generic.ml
ClamAV	Win.Trojan.Trojanx-9870716-0
BitDefender	Trojan.GenericKDZ.77047
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Trojan.GenericKDZ.77047
Emsisoft	Trojan.GenericKDZ.77047 (B)
McAfee-GW-Edition	Artemis!Trojan
FireEye	Trojan.GenericKDZ.77047
Sophos	Mal/Generic-S
APEX	Malicious
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Trojan.GenericKDZ.77047
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Generic.C4493311
ALYac	Trojan.GenericKDZ.77047
MAX	malware (ai score=89)
Malwarebytes	Malware.AI.1130952915
Rising	Trojan.Generic@ML.83 (RDML:Sa9Lvlt7eim4l7v5XnXrkQ)
Fortinet	W32/Graftor.960668!tr
AVG	Win32:TrojanX-gen [Trj]
MaxSecure	Trojan.Malware.82199810.susgen

How to remove Malware.AI.1130952915?

Malware.AI.1130952915 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X