How to remove “Malware.AI.2653147699”?

The Malware.AI.2653147699 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2653147699 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.2653147699?


File Info:
name: 415F2A4FA871A2B6C6EA.mlw
path: /opt/CAPEv2/storage/binaries/6fd8606b2e3283e2ac5278985bef096afe55f8389f3a196350f40ac472e22f46
crc32: 1E13DC33
md5: 415f2a4fa871a2b6c6ea9b2572d5acbd
sha1: a4394c252feb299dd475510e20216cf3b4592887
sha256: 6fd8606b2e3283e2ac5278985bef096afe55f8389f3a196350f40ac472e22f46
sha512: faa31bdf4f59f17fa395758260f1d4d40971e2f84c48c73d93a96784594c77f38eb3edab70d347c7fff369399dbd10a3793cceafda7efdc64ee894af5d70e4d9
ssdeep: 49152:GZUVmj317F20Z2br3c9+51mym8wAXxKclOcSK0FyRDWiYx+9aZ6:RO317UM2H9hKcYZK0FyR7YZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T136F58D0272C1A532E1EB56F1A1BB873AE7BAFA824333C7CF1558996C0D757944D313A2
sha3_384: fd849698fe6fdb72a532a4b8a3c3752bc154b4102557d673bcf973fae138f1a6759c8e9ffa6a6dc0c1fb803fcd630bfd
ep_bytes: 6a6068987a4200e80d340000bf940000
timestamp: 2001-02-16 11:59:57

Version Info:
CompanyName: Electronic Arts, Inc.
FileDescription: Uninstall
FileVersion: 1.1.42.1
InternalName: eauninstall7.exe
LegalCopyright: (c) 2002 Electronic Arts, Inc.  All rights reserved.
OriginalFilename: eauninstall7.exe
ProductName: EA Uninstall
ProductVersion: 1.1.42.1
Translation: 0x0409 0x04e4

Malware.AI.2653147699 also known as:

Lionic	Trojan.Win32.Virut.4!c
MicroWorld-eScan	Trojan.GenericKD.70246052
Skyhigh	Artemis!Virus
Cylance	unsafe
VIPRE	Trojan.GenericKD.70246052
Sangfor	Trojan.Win32.Virut.Vjrg
Alibaba	Virus:Win32/Virut.98e8e2f3
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Generic.D42FDEA4
Symantec	W32.Virut.CF
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Virut.NBP
Cynet	Malicious (score: 100)
APEX	Malicious
BitDefender	Trojan.GenericKD.70246052
Avast	Win32:Vitro [Inf]
Tencent	Virus.Win32.Virut.ua
Sophos	Mal/Generic-S
Baidu	Win32.Virus.Virut.gen
TrendMicro	TROJ_GEN.R002C0OKF23
Emsisoft	Trojan.GenericKD.70246052 (B)
Ikarus	Virus.Win32.Virut
Jiangmin	Win32/Virut.bv
Varist	W32/SuspPack.FW.gen!Eldorado
Antiy-AVL	Virus/Win64.Expiro.rsrc
Microsoft	Program:Win32/Wacapew.C!ml
GData	Trojan.GenericKD.70246052
Google	Detected
ALYac	Trojan.GenericKD.70246052
Malwarebytes	Malware.AI.2653147699
TrendMicro-HouseCall	TROJ_GEN.R002C0OKF23
Rising	Virus.Virut!8.44 (CLOUD)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.220520032.susgen
Fortinet	W32/CoinMiner.F
AVG	Win32:Vitro [Inf]
Cybereason	malicious.52feb2
DeepInstinct	MALICIOUS

How to remove Malware.AI.2653147699?

Malware.AI.2653147699 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X