Should I remove “Malware.AI.1304315648”?

Malware.AI.1304315648 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1304315648 virus do?

  • Attempts to restart the guest VM
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Malware.AI.1304315648?


File Info:

crc32: A8179B18
md5: 18eef64dd52de0f9f5d5a7930b66a30a
name: 18EEF64DD52DE0F9F5D5A7930B66A30A.mlw
sha1: f3e03a2a65fca08719b1852c3e46cc53396eff4a
sha256: 95ecfcce4ea0f2d92a0833bc561842615d8b0840b8e3c7e244739d828a292f87
sha512: 0c3044b94ca980ec1338cab4b8b61858c1e4fb67806b0870af56e4bada230480017aaa8f6c5deaf310e45a85eb24693c383a3b62abeea054d4c9b97498680976
ssdeep: 768:pyLqzcQ8zwtHEBbGoaPbs9IKRQ5qo2GLQdJAE4ztOyjg5YhtKO+:gLqzcQ5kJxWpKRfzdJAIyjg5eKp
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: xcopy
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
FileDescription: Extended Copy Utility
OriginalFilename: XCOPY.EXE
Translation: 0x0409 0x04b0

Malware.AI.1304315648 also known as:

K7AntiVirus: Trojan ( 0057c2901 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen8.23112
Cynet: Malicious (score: 99)
CAT-QuickHeal: Ransom.MazeIH.S12850715
ALYac: Gen:Trojan.Heur.dG0@rqGC9Soi
Cylance: Unsafe
K7GW: Trojan ( 0057c2901 )
Cybereason: malicious.dd52de
ESET-NOD32: a variant of Win32/KillMBR.NDS
APEX: Malicious
Avast: MBR:CoViper-A [Trj]
ClamAV: Win.Dropper.Tiggre-7061386-1
Kaspersky: HEUR:Trojan.Win32.KillMBR.gen
BitDefender: Gen:Trojan.Heur.dG0@rqGC9Soi
NANO-Antivirus: Trojan.Win32.DiskWriter.fjkdpb
MicroWorld-eScan: Gen:Trojan.Heur.dG0@rqGC9Soi
Tencent: Malware.Win32.Gencirc.10ce3cd4
Ad-Aware: Gen:Trojan.Heur.dG0@rqGC9Soi
Sophos: ML/PE-A
Comodo: TrojWare.Win32.Spy.Banker.Gen@1qlojk
BitDefenderTheta: AI:Packer.15F91DB11C
TrendMicro: Trojan.Win32.KILLMBR.SMTHOR
FireEye: Gen:Trojan.Heur.dG0@rqGC9Soi
Emsisoft: Gen:Trojan.Heur.dG0@rqGC9Soi (B)
Jiangmin: Trojan.DiskWriter.jo
Avira: DR/Delphi.Gen
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.2A17B01
Microsoft: Trojan:Win32/KillMBR.G!MTB
Arcabit: Trojan.Heur.EA1A45
ZoneAlarm: HEUR:Trojan.Win32.KillMBR.gen
GData: Gen:Trojan.Heur.dG0@rqGC9Soi
MAX: malware (ai score=82)
VBA32: BScope.Trojan.DiskWriter
Malwarebytes: Malware.AI.1304315648
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Trojan.Win32.KILLMBR.SMTHOR
Rising: Malware.Heuristic!ET#92% (RDMK:cmRtazreSlDT3+0v75WZJ3KHJnk0)
Yandex: Trojan.GenAsa!lX/idzb9k7U
Ikarus: Trojan.Win32.KillMBR
Fortinet: W32/KillMBR.NDS!tr
AVG: MBR:CoViper-A [Trj]

How to remove Malware.AI.1304315648?

Malware.AI.1304315648 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
