Malware.AI.3758861074 removal guide

The Malware.AI.3758861074 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.3758861074 virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Expresses interest in specific running processes
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

Related domains:

z.whorecord.xyz

a.tomx.xyz

dssp.toolsabc.cn

How to determine Malware.AI.3758861074?


File Info:
crc32: 911D3936
md5: f828081dee54ee5b70426ea0dd36c2f8
name: F828081DEE54EE5B70426EA0DD36C2F8.mlw
sha1: 07c4dde17cb238a8b9b0ec13f1439a1ad73be4bf
sha256: acfbdd561930489694be16d84b86010c9834526337a44e7c7594e089c99f0db6
sha512: 7481adcb7cf12bb2ac8e9870cae5bfe02e548527ad9a0259869206f2e820a15375e4bcac9782fd02cd102a86bde4e5be27c11a528dde5ec646bc18d7099f64d4
ssdeep: 24576:nCPBUsjEFxEJowm6YqomiYtnv0XhrrUMdGXCGzSiXAL:nCPBE/EJowjYyi8nv0XhrUE0VSiXA
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: Copyright (C) 2011
InternalName: WoWLauncher
FileVersion: 1, 0, 0, 1
ProductName: WoWLauncher
ProductVersion: 1, 0, 0, 1
FileDescription: WoWLauncher
OriginalFilename: WoWLauncher.exe
Translation: 0x0804 0x04b0

Malware.AI.3758861074 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Ransom.District.1
FireEye	Generic.mg.f828081dee54ee5b
CAT-QuickHeal	Trojan.WacatacRI.S18008451
Qihoo-360	Generic/Trojan.Ransom.d6f
ALYac	Gen:Variant.Ransom.District.1
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Ransom.Win32.District.1
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Gen:Variant.Ransom.District.1
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.dee54e
BitDefenderTheta	Gen:NN.ZexaF.34590.snLfaew1chmj
Cyren	W32/Ransom.OXNL-2206
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:RansomX-gen [Ransom]
Alibaba	Trojan:Win32/RansomX.583e2ffd
Tencent	Malware.Win32.Gencirc.11b39c6b
Ad-Aware	Gen:Variant.Ransom.District.1
Emsisoft	Gen:Variant.Ransom.District.1 (B)
F-Secure	Trojan.TR/Ransom.District.sphdn
TrendMicro	TROJ_GEN.R002C0RLH20
McAfee-GW-Edition	BehavesLike.Win32.Dropper.tc
Sophos	Mal/Generic-S + Troj/AutoG-KS
SentinelOne	Static AI – Suspicious PE
Avira	TR/Ransom.District.sphdn
Antiy-AVL	Trojan/Win32.Generic
Microsoft	Trojan:Win32/Ymacco.AAAC
Arcabit	Trojan.Ransom.District.1
GData	Gen:Variant.Ransom.District.1
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C4276274
McAfee	GenericRXAA-AA!F828081DEE54
MAX	malware (ai score=89)
VBA32	BScope.Trojan.JakyllHyde
Malwarebytes	Malware.AI.3758861074
ESET-NOD32	a variant of Generik.EQTCSBJ
TrendMicro-HouseCall	TROJ_GEN.R002C0RLH20
Rising	Malware.Undefined!8.C (CLOUD)
Ikarus	Trojan.SuspectCRC
Fortinet	W32/Generik.EQTCSBJ!tr
AVG	Win32:RansomX-gen [Ransom]
CrowdStrike	win/malicious_confidence_100% (W)
MaxSecure	Trojan.Malware.74051743.susgen

How to remove Malware.AI.3758861074?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Malware.AI.3758861074 removal guide