Malware.AI.2046850137 removal tips

The Malware.AI.2046850137 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2046850137 virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.2046850137?


File Info:
name: 000645906D38EF9AF989.mlw
path: /opt/CAPEv2/storage/binaries/c1475012f9d363cc8feab48a67b4283f738edccff3c3335c224208cd6389b3ea
crc32: 71EB07B7
md5: 000645906d38ef9af98955d4813c5920
sha1: 1379a488f0b79afa7a2792eff5928378ab471c4b
sha256: c1475012f9d363cc8feab48a67b4283f738edccff3c3335c224208cd6389b3ea
sha512: 9d5cdbd1a54c28de9a432a30543826b1d3e3b63d390dc8a9f65bcf62fd90975067a7e736b3fb2a9d0e3bc58a89b33e689dbff67313b333816d00e128b8c5957f
ssdeep: 12288:oSxG+c5888888888888W88888888888lI9N3q/D4uzFV3kOCQECOVaUK5QBbdnrG:XxGVIr3oBzFV0fQLxEF0mVg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T184D49E23F3C24472E0611A7CCC26E184AE2BBD612EF5655A3EF8DE4C5E396815C79393
sha3_384: 9e568ec883f4be8b2eeb49a161fc3c888ddfcc6c733ee33e9e6bee350b3e195800d5043638ebecf596e69afce7b087bd
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2014-07-09 07:58:13

Version Info:
Comments: This installation was built with Inno Setup.
CompanyName: 极速压缩                                                        
FileDescription: 极速压缩快速智能的压缩软件                                               
FileVersion: 2015.0805.1637.27   
LegalCopyright: Copyright © 2012-2015 极速压缩, Inc.                                                                    
ProductName: 极速压缩                                                        
ProductVersion: 1.0                                               
Translation: 0x0000 0x04b0

Malware.AI.2046850137 also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (moderate confidence)
ClamAV	Win.Trojan.Trojanx-9992287-0
FireEye	Generic.mg.000645906d38ef9a
Skyhigh	BehavesLike.Win32.Obfuscated.hh
McAfee	Artemis!000645906D38
Malwarebytes	Malware.AI.2046850137
Zillya	Trojan.Agent.Win32.1302276
CrowdStrike	win/grayware_confidence_100% (W)
APEX	Malicious
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.Win32.Genome
Antiy-AVL	Trojan/Win32.BTSGeneric
Xcitium	Malware@#33vhnalb06dmt
Microsoft	Trojan:Win32/Ymacco.AAC1
ViRobot	Trojan.Win32.Z.Agent.607919
Varist	W32/Trojan.PGQD-7356
AhnLab-V3	PUP/Win32.Adload.R162255
MAX	malware (ai score=95)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H06E823
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.8823615.susgen
Fortinet	W32/Multidr.JD!tr
Cybereason	malicious.8f0b79
DeepInstinct	MALICIOUS

How to remove Malware.AI.2046850137?

Malware.AI.2046850137 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X