How to remove “Malware.AI.4202066680”?

The Malware.AI.4202066680 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4202066680 virus do?

  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Appears to use command line obfuscation
  • Anomalous binary characteristics

How to identify Malware.AI.4202066680?

File Info:

name: B202FE625188613E98F0.mlw
path: /opt/CAPEv2/storage/binaries/9e077b338df0ea996f2a2406586de2578a8b1e66ae73969484c276dbd280eef5
crc32: 4162E491
md5: b202fe625188613e98f0af5f6e2ab114
sha1: 470ceb8d336549589a64a3958210a81e2d31c1e8
sha256: 9e077b338df0ea996f2a2406586de2578a8b1e66ae73969484c276dbd280eef5
sha512: f746f85c66cba8cc8863fbdd98088d676f7553487f468d719c31bc8f3088668d5cac065b1804b73b5b78d6c374ea74840d84028e1bd83b8d0f268fe840161709
ssdeep: 98304:z1Eesln5ojWj3L/9ptq9h4pbXh5PQmDeyASb5XKGzU7FiGkwG2BCa2BMrAYPIY7a:z1Eecn52Wj3Bzq9ylhZiBSb17wGoAoIF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ED4633A07AD5C07BD2C11838E861E7F98B16FD201B4823D76E813D13BA6F1D36A7E195
sha3_384: 33345f652e3336e941dfcc3260bc447f9419878073803a2fa9589bab719ba2fe0cd4a36203d3c54cda42ab4bd69d3a99
ep_bytes: 558bec6aff6878c84100684095410064
timestamp: 2016-04-02 22:14:00

Version Info:

CompanyName: Zeka
FileDescription: Air Explorer - это удобный инструмент, который понравится пользователям, работающим с облачными сервисами.
FileVersion: 4.0.1.0
InternalName: AirExplorerProPortable;AirExplorerPort;Air;
LegalCopyright: Network
OriginalFilename: AirExplorerProPortable 4.0.1.exe
PrivateBuild: 3433E98D
ProductName: Addon for Total Commander PowerUser
ProductVersion: 4.0.1.0
Translation: 0x0000 0x04b0

Malware.AI.4202066680 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Trojan.GenericKD.39507992
CAT-QuickHeal: Backdoor.Bladabindi
McAfee: Artemis!B202FE625188
Cylance: Unsafe
Sangfor: Backdoor.Win32.Bladabindi.ml
CrowdStrike: win/grayware_confidence_70% (W)
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W32/MSIL_Kryptik.FJL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
ClamAV: Win.Trojan.Generic-9855249-0
BitDefender: Trojan.GenericKD.39507992
Rising: Trojan.Generic/MSIL@AI.90 (RDM.MSIL:lnpwPH1q7NKN/4hWGiHYeQ)
Ad-Aware: Trojan.GenericKD.39507992
Emsisoft: Trojan.GenericKD.39507992 (B)
Comodo: Malware@#3qfva0lv2cciu
F-Secure: Backdoor.BDS/Redcap.jyidv
TrendMicro: Backdoor.Win32.BLADABINDI.USASHDF22
McAfee-GW-Edition: BehavesLike.Win32.Sality.tc
FireEye: Trojan.GenericKD.39507992
Sophos: Generic Reputation PUA (PUA)
GData: Trojan.GenericKD.39507992
Avira: BDS/Redcap.jyidv
Kingsoft: Win32.HeurC.KVM007.a.(kcloud)
Microsoft: Backdoor:Win32/Bladabindi!ml
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.39507992
MAX: malware (ai score=89)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.4202066680
TrendMicro-HouseCall: Backdoor.Win32.BLADABINDI.USASHDF22
Ikarus: SuspectFile
MaxSecure: Trojan.Malware.110502737.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZemsilF.34606.jm0@aSQBGfo
Cybereason: malicious.251886

How to remove Malware.AI.4202066680?

Malware.AI.4202066680 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.