How to remove “Malware.AI.2586580012”?

The Malware.AI.2586580012 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2586580012 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Malware.AI.2586580012?


File Info:
name: 181C0F77AB225483676D.mlw
path: /opt/CAPEv2/storage/binaries/c1ffe0b168d6e6dfb2ad39361a045d3e4b4dfc32f2aca4c6797c612725bb0b87
crc32: 809F0486
md5: 181c0f77ab225483676d79846e14e7b2
sha1: 52a2e82863823ce17fcb245a662fbc3e3dd91f9a
sha256: c1ffe0b168d6e6dfb2ad39361a045d3e4b4dfc32f2aca4c6797c612725bb0b87
sha512: 49f7ddc99d2038f123c0403476967758e0559baa66a625b93760cbec7895273a0b4339975ce1b9784d3988d7fedd0ab57159d2a55c64a942ac47e5fe4ea1f31e
ssdeep: 768:abUsjmQsl9lUHwVNbgG8T/LCKR12/FMoOShZeGRh:abUdQoNU2NMcJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14D53410326DD6EC6E6BD4771377247C4D3B9EE094132E60E2D89605C9CBD243BA927E2
sha3_384: 1824c0ccaa362b184f8a8b42a5d7585344abe06bf4dceb75482ec6a944d2ffeb354ee988c9d7dcedeae6a6c0d34bc6f3
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-09-28 17:32:31

Version Info:
Translation: 0x0000 0x04b0
Comments: Demonstration of RS232 interfacing with VB.Net
FileDescription: VB.Net Moasis GUI
FileVersion: 1.24.0.0
InternalName: Zeltiq - Main Env Chamber Shell 12P1.exe
LegalCopyright:  
OriginalFilename: Zeltiq - Main Env Chamber Shell 12P1.exe
ProductVersion: 1.24.0.0
Assembly Version: 1.24.0.0

Malware.AI.2586580012 also known as:

Lionic	Trojan.MSIL.SpyGate.m!c
MicroWorld-eScan	Gen:Variant.Razy.718972
FireEye	Generic.mg.181c0f77ab225483
ALYac	Gen:Variant.Razy.718972
Cylance	Unsafe
Zillya	Backdoor.SpyGate.Win32.5213
Sangfor	Backdoor.MSIL.SpyGate.afdu
Alibaba	Backdoor:MSIL/SpyGate.c1d3b9f9
Cybereason	malicious.7ab225
BitDefenderTheta	Gen:NN.ZemsilF.34294.dm0@aibCrZi
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.JPFLNZT
TrendMicro-HouseCall	TROJ_GEN.R002C0WH221
Paloalto	generic.ml
Kaspersky	Backdoor.MSIL.SpyGate.afdu
BitDefender	Gen:Variant.Razy.718972
NANO-Antivirus	Trojan.Win32.SpyGate.ixsbzq
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Razy.718972
Sophos	Mal/Generic-S
Comodo	Malware@#5yfkpoiqf7sl
TrendMicro	TROJ_GEN.R002C0WH221
McAfee-GW-Edition	RDN/Generic PWS.y
Emsisoft	Gen:Variant.Razy.718972 (B)
APEX	Malicious
Avira	BDS/SpyGate.knmjw
Antiy-AVL	Trojan/Generic.ASMalwS.28BF703
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Razy.718972
AhnLab-V3	Trojan/Win32.SpyGate.R245816
McAfee	RDN/Generic PWS.y
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.2586580012
Tencent	Msil.Backdoor.Spygate.Dwjs
Yandex	Backdoor.SpyGate!1+5S6YA12tM
Ikarus	Backdoor.SpyGate
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/SpyGate.AFDU!tr.bdr
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A

How to remove Malware.AI.2586580012?

Malware.AI.2586580012 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X