Malware.AI.3789005897 removal tips

The Malware.AI.3789005897 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3789005897 virus can do?

Presents an Authenticode digital signature
Anomalous binary characteristics

How to determine Malware.AI.3789005897?


File Info:
crc32: 560AAA79
md5: 540a5d51f667c3fb72fb9aff5f39df27
name: 540A5D51F667C3FB72FB9AFF5F39DF27.mlw
sha1: 734a9f528e3dd292e78a1b335b466e1f7daa34fc
sha256: 0ea6564393fd9d17cd3153e67a46181b10d9a5fdada9203c23f6278c23916386
sha512: 21aeef74777933ffb83588b8b94aeb267dbe832541a6bcadf465459d3f0752f69f0f615183cfc2b4507a2c02c1e4acf5afd058b29a0dd6f505fdbddcd41e7997
ssdeep: 12288:EMCjB7y1oYxMf9IC0xiBB8is2yU/7uoHHCwXAmDSRZZYpKoOvhTUu4BQD2bjpW82:PCYWYxM1x0QD8iu4unxvSOQJh1I
type: MS-DOS executable, MZ for MS-DOS

Version Info:
LegalCopyright: Copyright (C) xa9 2000 U.S. Robotics Corporation
InternalName: 3cshtdwn.exe
FileVersion: 4. 11. 21
CompanyName:  U.S. Robotics Corporation
PrivateBuild: 
LegalTrademarks: 
Comments: 
ProductName: U.S. Robotics Modem Driver
SpecialBuild: 
ProductVersion: 4. 11. 21
FileDescription:  U.S. Robotics shutdown helper
OriginalFilename: 3cshtdwn.exe
Translation: 0x0409 0x04b0

Malware.AI.3789005897 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.36326848
McAfee	RDN/Qakbot
Cylance	Unsafe
Sangfor	Riskware.Win32.Agent.ky
CrowdStrike	win/malicious_confidence_70% (W)
Symantec	ML.Attribute.HighConfidence
Paloalto	generic.ml
Kaspersky	UDS:DangerousObject.Multi.Generic
Rising	Spyware.Ursnif!8.1DEF (CLOUD)
Ad-Aware	Trojan.GenericKD.36326848
F-Secure	Trojan.TR/AD.Qbot.lnidt
DrWeb	Trojan.Inject4.7123
TrendMicro	TROJ_FRS.VSNTBA21
McAfee-GW-Edition	Artemis!Trojan
FireEye	Trojan.GenericKD.36326848
Emsisoft	Trojan.GenericKD.36326848 (B)
Avira	TR/AD.Qbot.lnidt
MAX	malware (ai score=82)
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
Gridinsoft	Trojan.Heur!.01002130
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Win32.Trojan.QBot.G0F5HG
Cynet	Malicious (score: 85)
Malwarebytes	Malware.AI.3789005897
Panda	Trj/Qbot.AS
ESET-NOD32	a variant of Win32/GenKryptik.FBLS
TrendMicro-HouseCall	TROJ_FRS.VSNTBA21
Yandex	Trojan.Agent!MxAltOW1cTg
Ikarus	Trojan.Win32.Krypt
eGambit	PE.Heur.InvalidSig
Fortinet	W32/GenKryptik.FBLS!tr
Webroot	W32.Trojan.Gen
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
Qihoo-360	Win32/Backdoor.QakBot.HgkASOwA

How to remove Malware.AI.3789005897?

Malware.AI.3789005897 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X