Should I remove “Malware.AI.3185368688”?

The Malware.AI.3185368688 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3185368688 virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3185368688?


File Info:
name: 228171C20A571720C3D5.mlw
path: /opt/CAPEv2/storage/binaries/e04bef43e0611e4d62e85f047a4d068d83e04340efd3954d2091d7cc482e1212
crc32: 00F1C97E
md5: 228171c20a571720c3d56a6d72c64679
sha1: d687fcfe8f0a8219a27ed82109927adfcf892b93
sha256: e04bef43e0611e4d62e85f047a4d068d83e04340efd3954d2091d7cc482e1212
sha512: b13b4476817687ca76dbfd7a1a66487751d1ddd04f929ce414b2953f8ca46691b8e97d8381ebd44ca20462adde0ec83fbab2695c04288db3ed714f4f681d905c
ssdeep: 49152:pNNjBc8iIfteliiWHbG1egChUCi49ZZPx3WG4x5480uvpMOFDp+RzJ1mv8MwzF3:pNRa8JtyCC1zaUCRZJ2B/D0Rj2twJ3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2E52300F5C54572D8321A31893DB731A9BBB9204F249ECF63F85A79AD726D2B530B63
sha3_384: 62625ada3e773ef6dc6991a6eaa77b9ec64720c737844c28213d5f78a6648588edca4ed17d79dbaec0eecb1fd302687c
ep_bytes: e884040000e988feffff3b0d68d64300
timestamp: 2020-06-25 10:38:24

Version Info:
Comments: Based on the original Media Player Classic v6.4.9.0 © Gabest
CompanyName: MPC-HC Team
FileDescription: MPC-HC
FileVersion: 1.9.6 (0bd59bea7)
InternalName: mpc-hc
LegalCopyright: Copyright 2002-2020 all contributors, see Authors.txt
OriginalFilename: mpc-hc.exe
ProductName: MPC-HC
ProductVersion: 1.9.6 (0bd59bea7)
Translation: 0x0409 0x04b0

Malware.AI.3185368688 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.PowerShell.Agent.4!c
DrWeb	Trojan.DownLoader35.34504
MicroWorld-eScan	Gen:Variant.Graftor.942942
FireEye	Generic.mg.228171c20a571720
ALYac	Gen:Variant.Graftor.942942
Cylance	Unsafe
Sangfor	Trojan.Powershell.Agent.ky
K7AntiVirus	Trojan ( 0056c22e1 )
Alibaba	Trojan:Script/PSLoader.220b7fe4
K7GW	Trojan ( 0056c22e1 )
Cybereason	malicious.20a571
Cyren	Trojan.ILGG-0
Symantec	Trojan.Gen.2
ESET-NOD32	VBS/Agent.NMR
APEX	Malicious
Avast	VBS:Dropper-QD [Trj]
ClamAV	Win.Malware.Generic-9869674-0
Kaspersky	UDS:Trojan.PowerShell.Agent
BitDefender	Gen:Variant.Graftor.942942
NANO-Antivirus	Trojan.Win32.Dwn.ivzumi
Ad-Aware	Gen:Variant.Graftor.942942
Emsisoft	Gen:Variant.Graftor.942942 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Dropper.vc
Sophos	Generic PUA NG (PUA)
Paloalto	generic.ml
GData	Gen:Variant.Graftor.942942
Avira	TR/AD.PSLoader.jtxjt
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
McAfee	Artemis!228171C20A57
MAX	malware (ai score=84)
VBA32	Trojan.Downloader
Malwarebytes	Malware.AI.3185368688
TrendMicro-HouseCall	TROJ_GEN.R03BH0CF321
Tencent	Win32.Trojan.Graftor.Hprt
MaxSecure	Trojan.Malware.1207211.susgen
Fortinet	VBS/Agent.OQZ!tr
AVG	VBS:Dropper-QD [Trj]

How to remove Malware.AI.3185368688?

Malware.AI.3185368688 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X