What is “Malware.AI.2926217831”?

The Malware.AI.2926217831 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2926217831 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.2926217831?


File Info:
name: E43138E805720932828E.mlw
path: /opt/CAPEv2/storage/binaries/7d0d2525b1cf68c5b2bef00dcc03bfd0c634e6674f2772751a87d857e3c59872
crc32: FACF166E
md5: e43138e805720932828e2df472106311
sha1: 9cfa906dff8113c13563b73d85cb2bc4d692013e
sha256: 7d0d2525b1cf68c5b2bef00dcc03bfd0c634e6674f2772751a87d857e3c59872
sha512: 9ca4df329af31f196f8bd22b6a8580ab2926e64692b94a22c68cd44453b21a026b2d40523b1c61aaef4bb6149a59c732ac8dc2d98659132f303c16a180ff57da
ssdeep: 49152:NvyhW5LlCSvhobxYJ4RHA05A48vuUInOMK9f5hZ5HgYkLLqwS:oovhTwbA4YuUIOMAfZ5HgYm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19FA58D2137C18076D6A335759E5EA37DA1A9E6305B3482C7A2801F3D2E355D3BA3C62F
sha3_384: da7d61cb5bc0e4153b21f5a94f48fe870875320229e29a318006d34dfd3ed34ba5f67a083cc233d6262333f25493bbdd
ep_bytes: e8db830000e979feffff3b0db0dc5d00
timestamp: 2020-07-17 05:14:07

Version Info:
CompanyName: Internet Medietack Regstry Company
FileDescription: Medietack Regstry Water
FileVersion: 2.3.7.5
InternalName: SCmabmFrante.exe
LegalCopyright: (C)Internet Medietack Regstry Company 保留所有权利。
OriginalFilename: SCmabmFrante.exe
ProductName: SCmabm Frante Regstry Water
ProductVersion: 2.3.7.5
Translation: 0x0804 0x03a8

Malware.AI.2926217831 also known as:

Lionic	Adware.Win32.KuwanBar.2!c
MicroWorld-eScan	Gen:Variant.Johnnie.299081
FireEye	Gen:Variant.Johnnie.299081
McAfee	Artemis!E43138E80572
Cylance	Unsafe
Zillya	Tool.YouXun.Win32.1532
Sangfor	Adware.Win32.KuwanBar.gen
K7AntiVirus	Riskware ( 005571cf1 )
Alibaba	AdWare:Win32/KuwanBar.b93da07d
K7GW	Riskware ( 005571cf1 )
Cybereason	malicious.805720
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/RiskWare.YouXun.AC
APEX	Malicious
Avast	Win32:Adware-gen [Adw]
Kaspersky	not-a-virus:HEUR:AdWare.Win32.KuwanBar.gen
BitDefender	Gen:Variant.Johnnie.299081
Tencent	Uw:RiskWare.Win32.DDLives.wb
Ad-Aware	Gen:Variant.Johnnie.299081
Sophos	Generic PUA JM (PUA)
TrendMicro	TROJ_GEN.R03FC0WKS21
McAfee-GW-Edition	BehavesLike.Win32.PUP.vh
Emsisoft	Gen:Variant.Johnnie.299081 (B)
GData	Gen:Variant.Johnnie.299081
Jiangmin	AdWare.KuwanBar.bq
Antiy-AVL	Trojan/Generic.ASMalwS.34E406A
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	PUA:Win32/Bitrepeyp.B
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Johnnie.299081
MAX	malware (ai score=82)
VBA32	Adware.KuwanBar
Malwarebytes	Malware.AI.2926217831
TrendMicro-HouseCall	TROJ_GEN.R03FC0WKS21
Rising	Adware.YouXun!1.D190 (CLOUD)
Yandex	PUA.KuwanBar!HNX2r68Pm4Q
MaxSecure	Trojan.Malware.79570637.susgen
Fortinet	Riskware/YouXun
AVG	Win32:Adware-gen [Adw]
Panda	Trj/GdSda.A

How to remove Malware.AI.2926217831?

Malware.AI.2926217831 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X