Malware.AI.3638344080 removal instructions

Malware.AI.3638344080 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3638344080 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Interacts with known DarkComet registry keys

How to identify Malware.AI.3638344080?


File Info:

crc32: F51A33EE
md5: a7ec5a861f335281e096bc8d709400aa
name: A7EC5A861F335281E096BC8D709400AA.mlw
sha1: 99a38ac387b7fb9f3b75b64a76b5e3e62d67963c
sha256: 3c6591d78134de2a069db77e119498d7774373ae2f91f98dbac0458d01b17202
sha512: 4a0bf78dc80a88eefbbf6c78c5435b48b21f6cfc2ae7f168812f254818f8f82cf6663988a25d2369a165dd568bc923cd20603d1b1498d312701b026ec5b3c343
ssdeep: 24576:ntb20pkaCqT5TBWgNQ7avQ9ZWMEsxnIrAmUHQ7h7dZ6A:kVg5tQ7avQ4sxIM1s7H5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0809 0x04b0

Malware.AI.3638344080 also known as:

Vendor              Detection name
Bkav                W32.AIDetect.malware2
Elastic             malicious (high confidence)
MicroWorld-eScan    AIT:Trojan.GenericTKA.48
FireEye             Generic.mg.a7ec5a861f335281
CAT-QuickHeal       Trojan.Zapchast.C5
McAfee              Artemis!A7EC5A861F33
Cylance             Unsafe
Sangfor             Trojan.Win32.Save.a
BitDefender         AIT:Trojan.GenericTKA.48
Cybereason          malicious.61f335
Baidu               AutoIt.Trojan.Injector.d
Cyren               W32/AutoIt.QE.gen!Eldorado
Symantec            Trojan.Gen.MBT
APEX                Malicious
Avast               Script:SNH-gen [Trj]
Kaspersky           HEUR:Trojan.Script.Generic
NANO-Antivirus      Trojan.Script.AutoIt.estdtw
Rising              Trojan.Injector/Autoit!1.C5B5 (CLASSIC)
Ad-Aware            AIT:Trojan.GenericTKA.48
Emsisoft            AIT:Trojan.GenericTKA.48 (B)
McAfee-GW-Edition   BehavesLike.Win32.TrojanAitInject.tc
Sophos              ML/PE-A + Troj/Autoit-BSC
MaxSecure           Trojan.Malware.300983.susgen
Avira               HEUR/AGEN.1100057
MAX                 malware (ai score=89)
Microsoft           Trojan:Win32/Scrarev.C
Arcabit             AIT:Trojan.GenericTKA.48
ZoneAlarm           HEUR:Trojan.Script.Generic
GData               AIT:Trojan.GenericTKA.48 (2x)
Cynet               Malicious (score: 100)
BitDefenderTheta    AI:Packer.6A29D41418
ALYac               AIT:Trojan.GenericTKA.48
Malwarebytes        Malware.AI.3638344080
ESET-NOD32          a variant of Win32/Injector.Autoit.BKC
Ikarus              Trojan.Win32.Injector
eGambit             Unsafe.AI_Score_80%
Fortinet            W32/Autoit.BKC!tr
AVG                 Script:SNH-gen [Trj]
CrowdStrike         win/malicious_confidence_90% (D)
Qihoo-360           HEUR/QVM10.1.8807.Malware.Gen

How to remove Malware.AI.3638344080?

Malware.AI.3638344080 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
