Should I remove “Malware.AI.4169252790”?

The Malware.AI.4169252790 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4169252790 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.4169252790?


File Info:
name: E95416D18E3E50AFA1D3.mlw
path: /opt/CAPEv2/storage/binaries/a4de569409c54e93bd07fc7eac6b5160eee99c12d189e73a2d010e1cb64e8dbf
crc32: 0FA334C5
md5: e95416d18e3e50afa1d338a19e7b615e
sha1: 04934374ec0399a26c7ae9af4b109503c18ac54d
sha256: a4de569409c54e93bd07fc7eac6b5160eee99c12d189e73a2d010e1cb64e8dbf
sha512: 7ffe28c544e632830040c0dbf1bbc5ccaa174378bf0280282bbb747bd2af93cf46f8e3d424765522c2d03e7910709348502440b5ca35f56c057e829a3ae9a6a9
ssdeep: 3072:SP53UalVLsMnu6I2Ff5rZpNFIEL6h7YcCla:SP5UKLTu6IOxL3IEL6GR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T176D302737B5CF0A4C45A17B12BFB62A6AD32AF014438938E17445C84FF76915E93923B
sha3_384: ab979dc03318b8db961fe0ed49c6f1f6c63c95417771db2cd3a43d45c8beff447fa6b33343e6421a986e3f4bbfb31843
ep_bytes: 558bec81ec1804000053568b35d4ca40
timestamp: 1998-04-19 03:37:34

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Notepad
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
InternalName: Notepad
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: NOTEPAD.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
Translation: 0x0409 0x04b0

Malware.AI.4169252790 also known as:

Bkav	W32.AIDetect.malware2
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Symmi.19743
ClamAV	Win.Packed.Zbot-9759036-0
FireEye	Generic.mg.e95416d18e3e50af
Cylance	Unsafe
Zillya	Trojan.PornoAsset.Win32.5470
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.18e3e5
VirIT	Trojan.Win32.Generic.CFFA
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Symmi.19743
NANO-Antivirus	Trojan.Win32.Popuper.bbwujs
Avast	Sf:Agent-A [Trj]
Ad-Aware	Gen:Variant.Symmi.19743
Emsisoft	Gen:Variant.Symmi.19743 (B)
Comodo	TrojWare.Win32.Kryptik.AMMJ@4r4i67
DrWeb	Trojan.Popuper.41126
VIPRE	Gen:Variant.Symmi.19743
McAfee-GW-Edition	Generic-FALQ!E95416D18E3E
Trapmine	malicious.high.ml.score
Sophos	ML/PE-A + Troj/Katusha-CB
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Symmi.19743
Avira	TR/Obfuscate.acbna
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Generic.ASMalwS.24D
Arcabit	Trojan.Symmi.D4D1F
Microsoft	PWS:Win32/Zbot
Google	Detected
AhnLab-V3	Trojan/Win32.Jorik.R38777
McAfee	Generic-FALQ!E95416D18E3E
Malwarebytes	Malware.AI.4169252790
Rising	Trojan.Agent!1.6710 (CLASSIC)
Yandex	Trojan.GenAsa!bWqJiZybGMU
Ikarus	Worm.Win32.Cridex
Fortinet	W32/CoinMiner.F
BitDefenderTheta	Gen:NN.ZexaF.34646.iKW@aekhpoki
AVG	Sf:Agent-A [Trj]
Panda	Generic Suspicious
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.4169252790?

Malware.AI.4169252790 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X