How to remove “Malware.AI.3867659397”?

The Malware.AI.3867659397 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3867659397 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3867659397?


File Info:
name: FA1E93C8F0C013CFD45D.mlw
path: /opt/CAPEv2/storage/binaries/c2a754a28d3792df8ef10eb5b05e625849504667b229e3a444218e835bfc217c
crc32: 2D42462B
md5: fa1e93c8f0c013cfd45d64fa2b2fcf2c
sha1: 5776183994e500140f4e64a30368a378c8600a7b
sha256: c2a754a28d3792df8ef10eb5b05e625849504667b229e3a444218e835bfc217c
sha512: d3d103dfa294ad6ec3123bdd8e895946e6235c6bc12086a31cbab08aebbd3c30e6f643358807b8a2d8062235ee32e61ec7b0a0c177e54dfdec36a1ad1ba8b257
ssdeep: 768:agO5xRYi+SfSWHHNvvG5bnl/NqNwsKVDstHxYDXBaXKynF0vpmYZS0HdJnfWO:RshfSWHHNvoLqNwDDGw8epmh0HjWO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD835B9F74D494FEFC2456B4146B1BB08577AA80123A5BCB3BA8CD79953B126873C383
sha3_384: 227a9145a2cff947c3ab884479527afb849dfee79fa18a173227c42ba9f8fced7a5a86ec2cd4a4bdc61a154360ad9827
ep_bytes: 03f3a48b84241801000080380074108b
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Malware.AI.3867659397 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Generic.Dacic.9C483F5C.A.756EE445
ClamAV	Win.Malware.Ulise-9951569-0
ALYac	Generic.Dacic.9C483F5C.A.756EE445
Malwarebytes	Malware.AI.3867659397
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
Baidu	Win32.Trojan.Agent.abh
VirIT	Trojan.Win32.Agent2.YNQ
Cyren	W32/Agent.FYF.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Generic.Dacic.9C483F5C.A.756EE445
Avast	Win32:Agent-FK [Trj]
Emsisoft	Generic.Dacic.9C483F5C.A.756EE445 (B)
F-Secure	Trojan.TR/Agent.bo.10
VIPRE	Generic.Dacic.9C483F5C.A.756EE445
McAfee-GW-Edition	BehavesLike.Win32.Generic.mm
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.fa1e93c8f0c013cf
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
GData	Win32.Trojan.PSE.10VVNJC
Avira	TR/Agent.bo.10
Antiy-AVL	Trojan/Win32.Agent.bo
Arcabit	Generic.Dacic.9C483F5C.A.756EE445
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Dacic.R568963
McAfee	GenericRXAA-FA!FA1E93C8F0C0
MAX	malware (ai score=81)
VBA32	suspected of Trojan.Agent.11
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BH09DS23
Rising	Stealer.OnlineGames!1.6995 (CLASSIC)
Yandex	Trojan.Agent!jU8rxjUb+38
Ikarus	Trojan.Win32.Agent
Fortinet	W32/Agent.BO!tr
BitDefenderTheta	Gen:NN.ZexaF.36164.fuY@aSWbVkl
AVG	Win32:Agent-FK [Trj]
DeepInstinct	MALICIOUS

How to remove Malware.AI.3867659397?

Malware.AI.3867659397 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X