Malware.AI.1865786449 removal guide

The Malware.AI.1865786449 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1865786449 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.1865786449?


File Info:
name: 3DDC078F765BE3DE995A.mlw
path: /opt/CAPEv2/storage/binaries/a63ce896e8cc59ec26db129c8abfd67f8a15b2a647dfd2736679d5024bf106b1
crc32: 7383AA34
md5: 3ddc078f765be3de995ac27f4847e040
sha1: 18c8eed689b0f5b95ac42108c22e1324feff844e
sha256: a63ce896e8cc59ec26db129c8abfd67f8a15b2a647dfd2736679d5024bf106b1
sha512: f0c948f262af95685440d0f652a7e7ec805f6d349f6890709b7aeb1f416458b9cfd0ed6b6584e9d73680c6b5ef8671147ec187ac228963aa8393427a6228c33e
ssdeep: 3072:CSYpgADPXh9gHAQwBMDPg7B4cdo2BOfQ9FsV:CSYpt/UUMDP04vI
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T122F3F809239C52E1F5AF867EE0AE2032DFB0F13A95D1F70A38C994961992796DF43353
sha3_384: 65cfa8e02c73a495ef01297bb51ac8472dc8da680d724a80ea5e700a5045d13230f371168d021100fa06167589827fa9
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-02-10 18:57:53

Version Info:
Translation: 0x0000 0x04b0
Comments: PointBlank Battle
CompanyName: MoMz Games
FileDescription: PBServer Battle
FileVersion: 2.1.3.0
InternalName: pbserver_battle.exe
LegalCopyright: Copyright © MoMz Games 2018
LegalTrademarks: 
OriginalFilename: pbserver_battle.exe
ProductName: PBServer
ProductVersion: 2.1.3.0
Assembly Version: 1.0.0.41336

Malware.AI.1865786449 also known as:

Lionic	Trojan.Win32.Zilla.4!c
Cynet	Malicious (score: 99)
FireEye	IL:Trojan.MSILZilla.11706
McAfee	RDN/Generic PWS.y
K7AntiVirus	Password-Stealer ( 0058b67f1 )
Alibaba	Trojan:MSIL/Generic.62bbfbdf
K7GW	Password-Stealer ( 0058b67f1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/PSW.OnLineGames.CGA
TrendMicro-HouseCall	TROJ_GEN.R03BC0PAS22
BitDefender	IL:Trojan.MSILZilla.11706
MicroWorld-eScan	IL:Trojan.MSILZilla.11706
Avast	Win32:Trojan-gen
Emsisoft	IL:Trojan.MSILZilla.11706 (B)
Zillya	Trojan.OnLineGames.Win32.246284
TrendMicro	TROJ_GEN.R03BC0PAS22
McAfee-GW-Edition	RDN/Generic PWS.y
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.PSW
Avira	TR/PSW.OnlineGames.jkrfv
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Generic.ASMalwS.351419D
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
ViRobot	Trojan.Win32.Z.Win.169984
GData	IL:Trojan.MSILZilla.11706
AhnLab-V3	Trojan/Win.PWS.C4870865
ALYac	IL:Trojan.MSILZilla.11706
Malwarebytes	Malware.AI.1865786449
APEX	Malicious
Fortinet	MSIL/Onlinegames.CGA!tr.pws
AVG	Win32:Trojan-gen

How to remove Malware.AI.1865786449?

Malware.AI.1865786449 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X