Malware.AI.4135062985 (file analysis)

Malware Removal

Malware.AI.4135062985 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4135062985 virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Malware.AI.4135062985?

File Info:

crc32: E7260051
md5: e888239edae25237663cd348bbacbef1
name: E888239EDAE25237663CD348BBACBEF1.mlw
sha1: 362280d3d7ceb2e8a00203e14c179eebd9639e30
sha256: a8aef9337f3b74d8a545a9014b693b671e1f58fbfd70e9f458c2d2fd0099efa1
sha512: 7a7d6eba9f5b9c912b9acd3f269b578c52a32f916c0340da6adeb34f33854d4383aaac1fd8ec51809b51fb583da6637a848686bc15eaedde3c74779b0994724f
ssdeep: 1536:s1u2YNIFC331qD7Rkt/sbMhPavDtKdWq9QMbHcqIU9J:s1qmFcm7a/iOP4DmLQMZIU9J
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (c) Direct Revenue. All rights reserved.
InternalName: Buddy.exe
FileVersion: 1.0.2.8
CompanyName: Direct Revenue
PrivateBuild: 1028
Comments: Browser window for Direct Revenue
ProductName: Buddy Window
SpecialBuild: 1000
ProductVersion: 1.0.2.8
FileDescription: Aurora
OriginalFilename: Buddy.exe
Translation: 0x0409 0x04e4

Malware.AI.4135062985 also known as:

K7AntiVirus: Adware ( 004b9cd11 )
DrWeb: Adware.BetterInternet
Cynet: Malicious (score: 100)
ALYac: Adware.Betterinternet.AA
Cylance: Unsafe
Zillya: Adware.BetterInternet.Win32.80
Alibaba: AdWare:Win32/DirectRevenue.604c750e
K7GW: Adware ( 004b9cd11 )
Cybereason: malicious.edae25
Cyren: W32/Adware.SOGM-4771
Symantec: Adware.BetterInternet
ESET-NOD32: Win32/Adware.BetterInternet
APEX: Malicious
Avast: Win32:Adan-BB [Adw]
ClamAV: Win.Adware.Toolbar-31
Kaspersky: not-a-virus:HEUR:AdWare.Win32.DirectRevenue.gen
BitDefender: Adware.Betterinternet.AA
NANO-Antivirus: Riskware.Win32.BetterInternet.bmqre
ViRobot: Adware.BetterInternet.79360.Z
MicroWorld-eScan: Adware.Betterinternet.AA
Tencent: Malware.Win32.Gencirc.10ccd306
Ad-Aware: Adware.Betterinternet.AA
Sophos: BetterInternet (PUA)
Comodo: Application.Win32.Adware.BetterInternet@2i5m
F-Secure: Adware.ADSPY/AdSpy.Gen
BitDefenderTheta: AI:Packer.8076920E1F
VIPRE: ABetterInternet.Aurora (v)
TrendMicro: ADW_BETTERNET.D
McAfee-GW-Edition: Adware-abetterintrnt.ae
FireEye: Generic.mg.e888239edae25237
Emsisoft: Adware.Betterinternet.AA (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: AdWare/BetterInternet.bj
Webroot: Adware:Win32/DirectRevenue.B
Avira: ADSPY/AdSpy.Gen
Antiy-AVL: GrayWare[AdWare]/Win32.BetterInternet
Microsoft: Trojan:Win32/Wacatac.A!ml
Arcabit: Adware.Betterinternet.AA
SUPERAntiSpyware: Adware.Direct Revenue
GData: Adware.Betterinternet.AA
TACHYON: Trojan-Clicker/W32.BetterInternet.79360
AhnLab-V3: Trojan/Win32.Clicker.C13518
McAfee: Adware-abetterintrnt.ae
VBA32: AdWare.BetterInternet
Malwarebytes: Malware.AI.4135062985
Panda: Adware/Aurora
TrendMicro-HouseCall: ADW_BETTERNET.D
Rising: Hack.Anti.Win32.Agent.k (CLASSIC)
Yandex: Adware.BetterInternet!vnA5yiShjZI
Ikarus: not-a-virus:AdWare.Win32.BiSpy
MaxSecure: Trojan.Malware.8385185.susgen
Fortinet: Adware/BetterInternet
AVG: Win32:Adan-BB [Adw]

How to remove Malware.AI.4135062985?

Malware.AI.4135062985 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
