Malware.AI.4121972892 removal instruction

Malware.AI.4121972892 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4121972892 virus do?

  • Sample contains Overlay data
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify Malware.AI.4121972892?


File Info:

name: 695C9C35257D2FE05445.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-10-21 13:47:35

Version Info:

Comments: Generic Host Process for Win32 Services.
CompanyName: Microsoft Corporation
FileDescription: Generic Host Process for Win32 Services
FileVersion: 5.1.2600.5512
InternalName: svchost
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: svchost.exe
PrivateBuild:
ProductName: Microsoft® Windows® Operating System
ProductVersion: 5.1.2600.5512
SpecialBuild:
Translation: 0x0409 0x04b0

Malware.AI.4121972892 also known as:

Lionic: Trojan.Win32.Small.4!c
MicroWorld-eScan: Gen:Variant.Zusy.321102
ClamAV: Win.Trojan.Graftor-3037
FireEye: Gen:Variant.Zusy.321102
CAT-QuickHeal: Trojan.Bagsu.S20034
ALYac: Gen:Variant.Zusy.321102
Cylance: Unsafe
Zillya: Trojan.Small.Win32.25339
Sangfor: Trojan.Win32.Agent.WNP
K7AntiVirus: Trojan ( 004e3c5a1 )
K7GW: Trojan ( 004e3c5a1 )
Cybereason: malicious.5257d2
Baidu: Win32.Trojan.Kryptik.fr
VirIT: Trojan.Win32.Agent5.BEV
Cyren: W32/SmallTrojan.BA.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Agent.WNP
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Trojan.Win32.Small.csx
BitDefender: Gen:Variant.Zusy.321102
NANO-Antivirus: Trojan.Win32.Small.dimodw
SUPERAntiSpyware: Trojan.Agent/Gen-FakeMS
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10b15c83
Ad-Aware: Gen:Variant.Zusy.321102
Emsisoft: Gen:Variant.Zusy.321102 (B)
Comodo: TrojWare.Win32.Agent.WNP@6ueqfr
DrWeb: Trojan.KillFiles.15795
VIPRE: Gen:Variant.Zusy.321102
TrendMicro: TROJ_AGENT_FC1700AA.UVPA
McAfee-GW-Edition: Trojan-FEQY!695C9C35257D
Sophos: ML/PE-A + Mal/LPDrag-A
GData: Gen:Variant.Zusy.321102
Jiangmin: Trojan/Small.pav
Avira: TR/Crypt.FKM.Gen
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASMalwS.3C54
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.R124855
McAfee: Trojan-FEQY!695C9C35257D
TACHYON: Trojan/W32.Small.41017.B
VBA32: Trojan.Small
Malwarebytes: Malware.AI.4121972892
TrendMicro-HouseCall: TROJ_AGENT_FC1700AA.UVPA
Rising: Trojan.Generic@AI.88 (RDMK:la7dJN5He8gQlYzrV1nY2Q)
Yandex: Trojan.FKM!dFSjXW4H7zk
Ikarus: Trojan.Win32.Small
MaxSecure: Trojan.Small.csw
Fortinet: W32/Graftor.B!tr
BitDefenderTheta: Gen:NN.ZexaF.34592.cq1@amBB2Ppb
AVG: Win32:Trojan-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.4121972892?

Malware.AI.4121972892 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.