How to remove “Malware.AI.3661212905”?

The Malware.AI.3661212905 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3661212905 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Sample contains Overlay data
Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3661212905?


File Info:
name: 03A568909887EE3C00F5.mlw
path: /opt/CAPEv2/storage/binaries/2deef90deb4b5f09ddbeaa554d2f58c92fcb3f063bf5a58b0700a3d69de9b3b5
crc32: 5EE89000
md5: 03a568909887ee3c00f5743c429cde8d
sha1: b0b78940d1e9b17f1a3f6259186772365750cbc7
sha256: 2deef90deb4b5f09ddbeaa554d2f58c92fcb3f063bf5a58b0700a3d69de9b3b5
sha512: dbd27908271b6395120d6244dd7999059175aa3fe55912a94ab114a604ea633700d857ce5dd6106d620f88772449238d2d7194daa936965b24720ffb2106d864
ssdeep: 3072:zNf3wRqQxKvxnsRcaCYXaVX/lzES2RaEiC07d:BPeyxT4CNzEIjd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F0F38F412BE4C061F6630A7089F2D757FE7ABE652F20852F5594B20E6F73784BB21329
sha3_384: f98435098bea93b4447d33bdb4f706081810b2cb7574b4b911ea61890f7b48e911debed143ac4826088440f7fbcb98a4
ep_bytes: 558becb82c150000e88a030000535657
timestamp: 2001-07-19 22:01:47

Version Info:
CompanyName: Microsoft Corporation
FileDescription: msn
FileVersion: 6.10.0016.1624
InternalName: msn
LegalCopyright: Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename: msn.exe
ProductName: Microsoft(R) MSN (R) Communications System
ProductVersion: 6.10.0016.1624
Built by: msnbld
Translation: 0x0409 0x04b0

Malware.AI.3661212905 also known as:

tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Graftor.954933
FireEye	Generic.mg.03a568909887ee3c
ALYac	Gen:Variant.Graftor.954933
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
BitDefenderTheta	Gen:NN.ZexaF.34786.km3@aS2w!nbi
VirIT	Backdoor.Win32.Darkshell.JM
Cyren	W32/Patched.BD.gen!Eldorado
Elastic	malicious (high confidence)
ClamAV	Win.Trojan.Generic-9944113-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Graftor.954933
SUPERAntiSpyware	Trojan.Agent/Gen-Undef
Ad-Aware	Gen:Variant.Graftor.954933
Emsisoft	Gen:Variant.Graftor.954933 (B)
VIPRE	Gen:Variant.Graftor.954933
McAfee-GW-Edition	RDN/Generic.dx
SentinelOne	Static AI – Malicious PE
Sophos	Generic ML PUA (PUA)
APEX	Malicious
GData	Win32.Trojan.PSE1.1J8QXD0
Avira	HEUR/AGEN.1244252
Arcabit	Trojan.Graftor.DE9235
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	RDN/Generic.dx
MAX	malware (ai score=82)
Malwarebytes	Malware.AI.3661212905
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Agent.F7E1!tr
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Malware.AI.3661212905?

Malware.AI.3661212905 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X