Malware.AI.2704589606 removal

Malware.AI.2704589606 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2704589606 virus do?

  • Attempts to connect to a dead IP:Port (33 unique times)
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Exhibits possible ransomware file modification behavior

Related domains:


How to identify Malware.AI.2704589606?

File Info:

crc32: FD3A99C9
md5: e8a1a51ed68d3d68fc769a0bb6587109
name: E8A1A51ED68D3D68FC769A0BB6587109.mlw
sha1: 26d90018cbfe4ceab86c0587e13e7942c85dc0b5
sha256: b7240ba1d1bc6a2830b7a29bc5b25cbb598e1819bc919310732162ab1f5c2919
sha512: e0b343126a4f0837ebf1f325651081a9c9329fa504d6c5c3512aafbc8a7f80fdbffd865b874c8d433cc2019beaec79bf42d4114adb27b0fb3de7a12d4c9ed0d0
ssdeep: 1536:JIdjZ7vxGQ8I6MlXnPBIGrXy2q9/CerXlxLKMj8/58lG4l:mjZrxGvW/BNrU/CyXiV/r4
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

ProductVersion: 2, 0, 1, 3
PrivateBuild: A
SpecialBuild: A
FileVersion: 2, 0, 1, 3
FileDescription: The Best Offers
Translation: 0x0409 0x04e4

Malware.AI.2704589606 also known as:

Lionic: Adware.Win32.BetterInternet.kZEh
Elastic: malicious (high confidence)
DrWeb: Adware.BetterInternet
ALYac: MemScan:Adware.Betterinternet.BD
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
Alibaba: AdWare:Win32/BetterInternet.11ebca98
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W32/BetterI.gen
Symantec: Adware.Aurora
APEX: Malicious
Avast: Win32:MalOb-BT [Cryp]
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:AdWare.Win32.BetterInternet.bd
BitDefender: MemScan:Adware.Betterinternet.BD
NANO-Antivirus: Trojan.Win32.BetterInternet.bsjqch
MicroWorld-eScan: MemScan:Adware.Betterinternet.BD
Ad-Aware: MemScan:Adware.Betterinternet.BD
Sophos: Mal/Packer
Comodo: Packed.Win32.MUPX.Gen@24tbus
BitDefenderTheta: AI:Packer.04A01A8D1F
VIPRE: ABetterInternet.Aurora (v)
TrendMicro: Adware_AbetterInternet
McAfee-GW-Edition: BehavesLike.Win32.Generic.mc
FireEye: Generic.mg.e8a1a51ed68d3d68
Emsisoft: MemScan:Adware.Betterinternet.BD (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: AdWare/BetterInternet.ji
Webroot: W32.Malware.Gen
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.97A0C
Kingsoft: Win32.Troj.BetterIntern.bd.(kcloud)
Microsoft: Trojan:Win32/Wacatac.A!ml
SUPERAntiSpyware: Adware.Best Offers Network
ZoneAlarm: Packed.Multi.SuspiciousPacker.gen
GData: MemScan:Adware.Betterinternet.BD
AhnLab-V3: Trojan/Win32.Clicker.C57854
McAfee: Adware-abetterintrnt.l.gen.a
MAX: malware (ai score=100)
VBA32: AdWare.Win32.BetterInternet.c
Malwarebytes: Malware.AI.2704589606
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Adware_AbetterInternet
Rising: Hack.Anti.Win32.Agent.k (CLASSIC)
Yandex: Adware.BetterInternet!mX0qgPqn5Gc
Ikarus: not-a-virus:AdWare.Win32.BetterInternet
Fortinet: Adware/BetterInternet
AVG: Win32:MalOb-BT [Cryp]
Paloalto: generic.ml

How to remove Malware.AI.2704589606?

Malware.AI.2704589606 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
