Malware.AI.3973187812 removal instruction

The Malware.AI.3973187812 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3973187812 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3973187812?


File Info:
name: 7BDE1BE1E062ABBAAA99.mlw
path: /opt/CAPEv2/storage/binaries/c2c7f09272f0b420cb190c7e2d66c4c083055306f54ff8a00686f1ce9d39056c
crc32: D4AB5BF1
md5: 7bde1be1e062abbaaa99769b302cf1bc
sha1: 6502ac4140790634763a657479997278e67a8df7
sha256: c2c7f09272f0b420cb190c7e2d66c4c083055306f54ff8a00686f1ce9d39056c
sha512: 432bd7d5a32f91adc59626db1d654b2ca7db2b91c2bdd3bdaf2f152f949d225c813553bc9c51cb0ee449013cd6d095d394730b7e69fe037ddc91d23c6daa3810
ssdeep: 12288:lQSWcLCFCBL5GpXePNR9PnQSWcLCFCBL5GpX:lQSPLCFCBL5GJ0R1QSPLCFCBL5GJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C0B4C05FF6D9B935E9B718B01E45FE7E4925ED701B0409973680AEFAA4101E2082DF8F
sha3_384: d9ce20b6aa7e454a028987c76ec39f2a0d05796bfd5b63be53b4c659e327ea072425f8f647c763b130ed1d4558930f3b
ep_bytes: e87e070000e9000000006a5c6858bd41
timestamp: 1980-10-16 18:26:13

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Notepad
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: Notepad
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: NOTEPAD.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.3973187812 also known as:

Elastic	malicious (high confidence)
DrWeb	Win32.HLLW.FSB
MicroWorld-eScan	Trojan.GenericKD.31231822
FireEye	Trojan.GenericKD.31231822
CAT-QuickHeal	Worm.Fesber.A8
McAfee	W32/Fesber.worm.gen
Malwarebytes	Malware.AI.3973187812
Zillya	Worm.Fesber.Win32.3
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (D)
BitDefenderTheta	Gen:NN.ZelphiF.34182.amGfaC!@D6b
Cyren	W32/Fesber.QPGQ-0002
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Fesber.A
TrendMicro-HouseCall	WORM_YERO.A
ClamAV	Win.Worm.Fesber-1
Kaspersky	Worm.Win32.Fesber.g
BitDefender	Trojan.GenericKD.31231822
NANO-Antivirus	Trojan.Win32.Fesber.fjhfvl
Avast	Win32:Agent-AVCC [Trj]
Ad-Aware	Trojan.GenericKD.31231822
Emsisoft	Trojan.GenericKD.31231822 (B)
Baidu	Win32.Worm.Agent.g
VIPRE	Worm.Win32.Fesber.am (v)
TrendMicro	WORM_YERO.A
McAfee-GW-Edition	BehavesLike.Win32.HLLP.hc
Sophos	W32/Fesber-A
Ikarus	Worm.Win32.Fesber
GData	Trojan.GenericKD.40592054
Avira	WORM/Fesber
Kingsoft	Heur.SSC.19849.0010.(kcloud)
ZoneAlarm	Worm.Win32.Fesber
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Worm/Win.Fesber.R440040
ALYac	Trojan.GenericKD.31231822
MAX	malware (ai score=86)
VBA32	Virus.Fsb.1
Rising	Worm.Fesber!1.65A8 (CLASSIC)
Yandex	Trojan.GenAsa!EKe4anrraVI
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Fesber.A!tr
AVG	Win32:Agent-AVCC [Trj]
Cybereason	malicious.1e062a
Panda	Trj/Genetic.gen

How to remove Malware.AI.3973187812?

Malware.AI.3973187812 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X