Malware.AI.3904150994 removal

The Malware.AI.3904150994 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3904150994 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3904150994?


File Info:
name: D3D5C273C81B66D9BD8D.mlw
path: /opt/CAPEv2/storage/binaries/5bbbf3e04ee56a23b358f70444f61c3c2757127a5bb9455ce7593318fd668c99
crc32: F73AC3D9
md5: d3d5c273c81b66d9bd8d8deb289e9758
sha1: c42ab5d47799d26248af3f26fb04e45d7f9e7cd5
sha256: 5bbbf3e04ee56a23b358f70444f61c3c2757127a5bb9455ce7593318fd668c99
sha512: e3b015553556a826341ae9cf037297141606d3b3426a7b4dbd2c0cf49455e898725039a26135c54549c3abca049580e6abe4abcf42492e30e96be08edbd77304
ssdeep: 768:jMPEMnRPvsR/VzjViu7AA4LmrRvusqNnbcuyD7Ur5:jUrwVNsivN4nouy8r5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11C23F74933E9CEE2E4AE2B7118FAA2455AB2FA155D31C23F209C911F3D7D2009967772
sha3_384: 263f70858913409897ca17565e31ff3fd079869a38ce778b30fd5b76125b5f082e963c1de31230518c94598bd795326c
ep_bytes: 60be006041008dbe00b0feff5789e58d
timestamp: 2013-10-21 13:11:36

Version Info:
CompanyName: SASLITE Corp.
FileDescription: SASTIK Self Extractor
FileVersion: 1, 0, 0, 0
LegalCopyright: (C)SASLITE Corp. 2007-2013
OriginalFilename: 7zSD.sfx
ProductName: SASTIK Sevice
Translation: 0x0000 0x0000

Malware.AI.3904150994 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Trojan.GenericKD.68578385
FireEye	Generic.mg.d3d5c273c81b66d9
ALYac	Trojan.GenericKD.68578385
Malwarebytes	Malware.AI.3904150994
Sangfor	Trojan.Win32.Save.a
BitDefenderTheta	Gen:NN.ZexaF.36350.dm0@aOlCbpei
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
BitDefender	Trojan.GenericKD.68578385
Avast	Win32:Malware-gen
Emsisoft	Trojan.GenericKD.68578385 (B)
F-Secure	Heuristic.HEUR/AGEN.1334820
VIPRE	Trojan.GenericKD.68578385
McAfee-GW-Edition	BehavesLike.Win32.Generic.pt
Trapmine	suspicious.low.ml.score
GData	Trojan.GenericKD.68578385
Avira	HEUR/AGEN.1334820
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	Artemis!D3D5C273C81B
MAX	malware (ai score=84)
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H0CGL23
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.214147563.susgen
Fortinet	W32/ULPM.16C0!tr
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Malware.AI.3904150994?

Malware.AI.3904150994 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X