How to remove "Malware.AI.3416346225"?

The Malware.AI.3416346225 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.3416346225 virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (2 unique times)
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
Drops a binary and executes it
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Queries information on disks, possibly for anti-virtualization
Creates a copy of itself
Uses suspicious command line tools or Windows utilities

Related domains:

api.ip138.com

tj.jdlook.com

dwonload.sz-qudou.net

How to determine Malware.AI.3416346225?


File Info:
crc32: 81FC2314
md5: bf9bdc9555b5ba89b4a17641dbac68ea
name: BF9BDC9555B5BA89B4A17641DBAC68EA.mlw
sha1: 6ccedfdd4d460a8d6e2734d49458e01dc7f83db8
sha256: 238b28ff3d423fb3d1cc3df0a8c663b1433eea4cb7c12912b5494cc2580e75de
sha512: fffc5580efbf49517fd9d9c7b74849b841e03fe1e4b56461edf4eeab36a1ea6167f1c83abe16e7757d06e48f4b753b5e83a197eaaf682f7d87c99b9abd4365a0
ssdeep: 24576:EXle6icxeTycrB5Y23AVpgvBUxJN530O42+Qj3Ssl3WO3LfOtPmnJfHahy8BHHAS:An9xeTycbY23W990z2+YpjiP2f6VBHHJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2018
InternalName: x6781x901fx4e0bx8f7dx5668
CompanyName: x6781x901fx4e0bx8f7dx5668
ProductName: x6781x901fx4e0bx8f7dx5668
ProductVersion: 1,2,3,18908
FileDescription: x6781x901fx4e0bx8f7dx5668
OriginalFilename: Setup.exe
Translation: 0x0804 0x04b0

Malware.AI.3416346225 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Adware ( 0053e9eb1 )
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader27.6939
Cynet	Malicious (score: 100)
CAT-QuickHeal	PUA.Bundler.S3936668
Cylance	Unsafe
K7GW	Adware ( 0053e9eb1 )
Cybereason	malicious.d4d460
Cyren	W32/S-623a050e!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Softcnapp.AN potentially unwanted
APEX	Malicious
Avast	Win32:AdwareX-gen [Adw]
ClamAV	Win.Malware.Softcnapp-6940714-0
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.Mlw.fipbtx
Tencent	Malware.Win32.Gencirc.10b3fcda
Sophos	Mal/Generic-S
Comodo	Application.Win32.AdWare.Softcnapp.H@7x5l7p
BitDefenderTheta	Gen:NN.ZexaF.34294.Tz3@aOoKVBhj
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
FireEye	Generic.mg.bf9bdc9555b5ba89
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Generic.cqjhm
Avira	ADWARE/Adware.Gen7
Antiy-AVL	Trojan/Generic.ASMalwS.282B0EF
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Skeeyah.A!rfn
Acronis	suspicious
McAfee	GenericRXGO-EO!BF9BDC9555B5
VBA32	BScope.Trojan.Downloader
Malwarebytes	Malware.AI.3416346225
Panda	Trj/Genetic.gen
Rising	Trojan.Generic@ML.100 (RDML:gbt2/AvqJekq7WnV6uSRVw)
Yandex	Trojan.GenAsa!T2hgklBBNow
Ikarus	Trojan.Win32.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Symmi.CD14!tr
AVG	Win32:AdwareX-gen [Adw]
Paloalto	generic.ml

How to remove Malware.AI.3416346225?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Malware.AI.3416346225”?