How to remove "Malware.AI.4153979153"?

The Malware.AI.4153979153 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.4153979153 virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Installs itself for autorun at Windows startup
Attempts to identify installed AV products by registry key
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Malware.AI.4153979153?


File Info:
crc32: FC39C443
md5: b395cf0f46b7c0b4e68f60bbee3624a6
name: B395CF0F46B7C0B4E68F60BBEE3624A6.mlw
sha1: 91b8dd4513e24bf877a33e5adf65e6640ce7c143
sha256: 1dfbd9af7e23e5c2e11fe848d03314c06dfe0811e1ac7f06ac556d0c8741908c
sha512: fb4543ce8a43913542d049f0e88a71b860f1aa54023fb5fa8c7acd312c3f04c9cc3beba879114dcc134f1463cd310e4dcafb63022f3d90fc2cccb8874640c7e7
ssdeep: 3072:A8FR8xw3qMCGGGGG+y5gHXsKu65N3H5a1Bn4gK/BBCGqBJZ:A878xLGGGGG+ypKuu0/cWTZ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (c) 2003-2016 Glarysoft Ltd
InternalName: Report.exe
FileVersion: 5, 0, 0, 6
CompanyName:  Glarysoft Ltd
ProductName: Glary Utilities
ProductVersion: 5, 0, 0, 1
FileDescription: Glarysoft Crash Report
OriginalFilename: CrashReport.exe
Translation: 0x0804 0x03a8

Malware.AI.4153979153 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0053d37f1 )
Lionic	Trojan.Win32.NetStream.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen7.65429
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Mauvaise.SL1
ALYac	Trojan.Ranapama.ABW
Cylance	Unsafe
Zillya	Trojan.NetStream.Win32.305
CrowdStrike	win/malicious_confidence_80% (D)
Alibaba	Trojan:Win32/Bunitu.ali1000105
K7GW	Trojan ( 0053d37f1 )
Cybereason	malicious.f46b7c
Cyren	W32/Trojan.BUF.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.GTKI
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
ClamAV	Win.Dropper.Bunitu-9897412-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.Ranapama.ABW
NANO-Antivirus	Trojan.Win32.Kryptik.flqqpi
MicroWorld-eScan	Trojan.Ranapama.ABW
Tencent	Malware.Win32.Gencirc.10b7d8bb
Ad-Aware	Trojan.Ranapama.ABW
Sophos	Mal/Generic-S + Mal/Cerber-AM
Comodo	TrojWare.Win32.TrojanProxy.Bunitu.JL@80mh7b
BitDefenderTheta	Gen:NN.ZexaF.34266.zq1@aqsHQmfj
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TrojanSpy.Win32.TRICKBOT.SMB.hp
McAfee-GW-Edition	GenericRXHC-GR!B395CF0F46B7
FireEye	Generic.mg.b395cf0f46b7c0b4
Emsisoft	Trojan.Ranapama.ABW (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Generic.dypkh
Avira	TR/AD.Bunitu.eomba
eGambit	PE.Heur.InvalidSig
Antiy-AVL	Trojan/Generic.ASMalwS.2A0EB5D
Microsoft	Ransom:Win32/CerberCrypt.PB!MTB
GData	Trojan.Ranapama.ABW
AhnLab-V3	PUP/Win32.Agent.R250558
Acronis	suspicious
McAfee	GenericRXHC-GR!B395CF0F46B7
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Yakes
Malwarebytes	Malware.AI.4153979153
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TrojanSpy.Win32.TRICKBOT.SMB.hp
Rising	Trojan.Kryptik!1.B56C (CLASSIC)
Yandex	Trojan.GenAsa!UH2cMIV8h/s
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.GLWT!tr
AVG	Win32:TrojanX-gen [Trj]
Paloalto	generic.ml

How to remove Malware.AI.4153979153?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Malware.AI.4153979153”?