Malware.AI.3521218158 removal instruction

The Malware.AI.3521218158 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3521218158 virus can do?

Presents an Authenticode digital signature
Dynamic (imported) function loading detected
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.3521218158?


File Info:
name: 4722BAC3122F3FA0A56A.mlw
path: /opt/CAPEv2/storage/binaries/dff36070bd48da81c67dfb742f5f3c4c5e0be3aa4606cd43562b9b2bb1b3b5c6
crc32: 564E5494
md5: 4722bac3122f3fa0a56a94f6b9518bd0
sha1: d170c2f6f5754988c55123c66bf8e51c7584f784
sha256: dff36070bd48da81c67dfb742f5f3c4c5e0be3aa4606cd43562b9b2bb1b3b5c6
sha512: cd0c94b1606c3ca171633605823356807dd1f547b59a9c62a1d29f52f9dc6b8162ad3c469a8a92e03c35a50ff337d59cc03fcd77e3de4b3866df52830609201b
ssdeep: 1536:ZHn5BVKQdQ5hz5IxysHqhSY3g2B3Zfcpn+1MVoyJPkbu1OK1OvR6EPOsmHfEXXk1:ZHn5x8yIsKx395GfqPTc9TTJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A674DDE9D7E357D3F8326E36CB91523460323EC9A4E46DF555C8B62C49302DEA31A92C
sha3_384: 7e8ffc7953c222308a4460344581a5065fb15258154dfb7615be705553de9120abbfed99d375bacb503b06f22ea5aa7e
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-03-22 13:03:59

Version Info:
CompanyName: TeamViewer Germany GmbH
FileDescription: TeamViewer 15
FileVersion: 15.0.8397.0
InternalName: TeamViewer
LegalCopyright: TeamViewer Germany GmbH
LegalTrademarks: TeamViewer
OriginalFilename: TeamViewer.exe
PrivateBuild: TeamViewer Remote Control Application
ProductName: TeamViewer
ProductVersion: 15.0.8397.0
Translation: 0x0809 0x04b0

Malware.AI.3521218158 also known as:

MicroWorld-eScan	Gen:Variant.MSILHeracles.2163
FireEye	Generic.mg.4722bac3122f3fa0
McAfee	GenericRXMN-IN!4722BAC3122F
Cylance	Unsafe
Sangfor	Trojan.Win32.Wacatac.B
Alibaba	Backdoor:Win32/Redcap.3cd0495d
Cybereason	malicious.3122f3
BitDefenderTheta	Gen:NN.ZemsilF.34182.vm2@a8qMj4Aj
Symantec	Backdoor.Trojan
Avast	Win32:BackdoorX-gen [Trj]
ClamAV	Win.Trojan.Graybird-7491042-0
BitDefender	Gen:Variant.MSILHeracles.2163
Emsisoft	Gen:Variant.MSILHeracles.2163 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	GenericRXMN-IN!4722BAC3122F
Jiangmin	Backdoor/Hupigon.beeg
Webroot	W32.Trojan.Gen
Avira	TR/Redcap.teffm
Antiy-AVL	Trojan/Generic.ASMalwS.30FE6F9
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.MSILHeracles.2163
Cynet	Malicious (score: 99)
ALYac	Gen:Variant.MSILHeracles.2163
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.3521218158
Yandex	Trojan.Redcap!QXdL/4gJp4I
MaxSecure	Trojan.Malware.109604881.susgen
Fortinet	PossibleThreat
AVG	Win32:BackdoorX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Malware.AI.3521218158?

Malware.AI.3521218158 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X