Should I remove “Malware.AI.3526971100”?

The Malware.AI.3526971100 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3526971100 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Authenticode signature is invalid

How to determine Malware.AI.3526971100?


File Info:
name: A0B60CA561897BED096A.mlw
path: /opt/CAPEv2/storage/binaries/799b82830977f1e159bde8818bef466ad05fb438194d834537af461f11a53834
crc32: 8657F46E
md5: a0b60ca561897bed096a2d2171fc43e9
sha1: 863db3a58c14ac26dacb1928a72a8f30eade65a4
sha256: 799b82830977f1e159bde8818bef466ad05fb438194d834537af461f11a53834
sha512: 6c005299753c264d420287e9e36ede1b3be10451ddb7ffbf104d50424f121153811214bee0b3ec3b2474918484f49c0d709e04db81af05b6e99f70cf48627e9e
ssdeep: 3072:8vbWx06qih5yUUtx8BuDFhkee7l2aaQFyu8dshvWzuc4czoEbHiF:8vbr6DhEUUx8BuphLe7l2aa+mstWzuSi
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T166147C2635E2C4BBD54200304EF49FB9B7FDE5654F2798C38B985B5C8B31CB2862B199
sha3_384: f17521d605643872063b84bf70b03fdb89c8a57ff1fd24f4153702f839dbe0e936e2cbfb767a0c517645b74a0e1546df
ep_bytes: 558bec6aff6820334200680c81400064
timestamp: 2007-06-20 17:42:38

Version Info:
Comments: 
CompanyName: Foofus Networking
FileDescription: Password dumping utility
FileVersion: 1, 4, 3, 0
InternalName: PWD
LegalCopyright: Copyright 2006 Foofus Networking
LegalTrademarks: Licensed under the GPL - see COPYING for more details
OriginalFilename: PWD.exe
PrivateBuild: 
ProductName: pwd
ProductVersion: 1, 4, 3, 0
SpecialBuild: 
Translation: 0x0409 0x04b0

Malware.AI.3526971100 also known as:

Lionic	Riskware.Win32.PWDump.1!c
McAfee	PWCrack-Pwdump.k
Cylance	Unsafe
Zillya	Tool.PWDump.Win32.221
Sangfor	Infostealer.Win32.PWDump.f
K7AntiVirus	Password-Stealer ( 0002677d1 )
K7GW	Password-Stealer ( 0002677d1 )
Cyren	W32/Trojan.WGNG-6388
Symantec	Pwdump
ESET-NOD32	a variant of Win32/PSWTool.PWDump6.G potentially unsafe
Avast	Win32:Malware-gen
Kaspersky	not-a-virus:PSWTool.Win32.PWDump.f
NANO-Antivirus	Riskware.Win32.PWDump.bprcd
SUPERAntiSpyware	Hack.Tool/Gen-PWDump
Comodo	Malware@#1kj4w3q6pwb6m
DrWeb	Tool.Pwdump.276
VIPRE	PSWTool.Win32.PWDump.f
TrendMicro	TROJ_FRS.0NA103CP19
McAfee-GW-Edition	PWCrack-Pwdump.k
Sophos	Generic Reputation PUA (PUA)
Paloalto	generic.ml
Jiangmin	PSWTool.PWDump.bg
eGambit	Trojan.Generic
Antiy-AVL	Trojan[PSWTool]/Win32.PWDump
Kingsoft	Win32.Malware.Heur_Generic.B.(kcloud)
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
MAX	malware (ai score=61)
Malwarebytes	Malware.AI.3526971100
TrendMicro-HouseCall	TROJ_FRS.0NA103CP19
Rising	Trojan.Tiggre!8.ED98 (CLOUD)
Yandex	Trojan.GenAsa!qoWwHcJgzwY
Fortinet	Riskware/PWDump
AVG	Win32:Malware-gen
Panda	HackTool/Samdump

How to remove Malware.AI.3526971100?

Malware.AI.3526971100 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X