Should I remove “Malware.AI.3491380844”?

The Malware.AI.3491380844 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3491380844 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Malware.AI.3491380844?


File Info:
name: EA1E347CEBF2CE996DAC.mlw
path: /opt/CAPEv2/storage/binaries/d48e2a3a72b26f55f1df132b5a00559cfd64d8daa8f56b25abaf1a1703e107fd
crc32: 3377E177
md5: ea1e347cebf2ce996dac2a51c657208f
sha1: 9afecca5d4fc7bbe317a8df2a39495ffaa74f011
sha256: d48e2a3a72b26f55f1df132b5a00559cfd64d8daa8f56b25abaf1a1703e107fd
sha512: 00abe5cecff6429aee31863a8162db2d202be8ccd5f797c9a3b1ad22d41b6e185f1e27e5b3469b20b031781d9375cb4be57716bf505b257f65ab9d8ffedafad8
ssdeep: 49152:Ahr9xHOLYRKJ5SmoaxvnoEo+eNK0C5p604S21FtZtCLkM:crPbRwSRaxvy7NC5p6UoFtZtkkM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A6953313BFD4CB7BE049123805A7C7BF8B70DB6E614B150702805EAFA8B93516D7BA25
sha3_384: d21a352f1b84e188338923953589dc7c2eb469e0c2bdc2c59462a0e6c20d7c5b6abcb1ad2af257521688acaadb05fdae
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-06-06 21:41:59

Version Info:
0: [No Data]

Malware.AI.3491380844 also known as:

Lionic	Riskware.Win32.PSWTool.1!c
DrWeb	Trojan.PWS.Siggen2.37293
CAT-QuickHeal	Trojan.Ditertag
Skyhigh	BehavesLike.Win32.PUP.tc
Cylance	unsafe
Zillya	Tool.MPR.Win32.406
Sangfor	Infostealer.Win32.Mpr.Vrg0
K7AntiVirus	Trojan ( 7000000f1 )
K7GW	Trojan ( 7000000f1 )
VirIT	Trojan.Win32.Generic.CBEI
Symantec	MultiPassRecover
ESET-NOD32	a variant of Win32/MultiPasswordRecovery.A potentially unsafe
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:PSWTool.Win32.MPR.df
NANO-Antivirus	Trojan.Win32.TrjGen.edtong
F-Secure	PrivacyRisk.SPR/PSW.Gen
TrendMicro	TSPY_LDPINCH.CGT
Sophos	MultiPasswordRecovery (PUA)
Ikarus	Trojan-PWS.Win32.LdPinch
Jiangmin	PSWTool.MPR.d
Webroot	W32.Malware.Gen
Google	Detected
Avira	SPR/PSW.Gen
Antiy-AVL	Trojan[PSWTool]/Win32.MPR
Xcitium	ApplicUnsaf@#oe7w6c1i15pg
ViRobot	PSWTool.MPR.1973961
ZoneAlarm	not-a-virus:HEUR:PSWTool.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Varist	W32/Trojan.LZPF-7615
AhnLab-V3	Trojan/Win32.LdPinch.C203725
McAfee	Artemis!EA1E347CEBF2
Malwarebytes	Malware.AI.3491380844
Panda	Trj/CI.A
TrendMicro-HouseCall	TSPY_LDPINCH.CGT
Rising	Malware.Heuristic!ET#94% (CLOUD)
Yandex	Riskware.Agent!XvMNkqGFEZg
Fortinet	Riskware/MPR
DeepInstinct	MALICIOUS

How to remove Malware.AI.3491380844?

Malware.AI.3491380844 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X