
Malware.AI.4208869491 removal instructions


Malware.AI.4208869491 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4208869491 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.4208869491?


File Info:

name: 77447D02897882EACDA4.mlw
path: /opt/CAPEv2/storage/binaries/71a1e3753056462037b8f750b493cc231836f4594d87166bda6efa24df582ef1
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-07-06 11:48:39

Version Info:

CompanyName: Fsmeeting.com
FileDescription: MeetingAssist.exe
FileVersion: 1.0.0.1
InternalName: MeetingAssist.exe
LegalCopyright: Copyright(C) 2020 Fsmeeting.com. All rights reserved.
OriginalFilename: MeetingAssist.exe
ProductName: MeetingAssist.exe
ProductVersion: 1.0.0.1
Translation: 0x0409 0x04e4

Malware.AI.4208869491 also known as:

Lionic: Trojan.Win32.Agentb.X!c
MicroWorld-eScan: Gen:Variant.Fragtor.144773
FireEye: Gen:Variant.Fragtor.144773
CAT-QuickHeal: Trojan.Agentb
ALYac: Gen:Variant.Fragtor.144773
Cylance: Unsafe
VIPRE: Gen:Variant.Fragtor.144773
Sangfor: Trojan.Win32.Fragtor.Vrov
Kaspersky: HEUR:Trojan.Win32.Agentb.gen
BitDefender: Gen:Variant.Fragtor.144773
Avast: FileRepMalware [Misc]
Rising: Trojan.Agent!8.B1E (CLOUD)
Ad-Aware: Gen:Variant.Fragtor.144773
Emsisoft: Gen:Variant.Fragtor.144773 (B)
Zillya: Trojan.Agent.Win32.2969633
McAfee-GW-Edition: BehavesLike.Win32.BadFile.vh
Sophos: Mal/Generic-S
GData: Gen:Variant.Fragtor.144773
Jiangmin: Trojan.Agentb.mwh
Antiy-AVL: Trojan/Generic.ASMalwS.422
Kingsoft: Win32.Heur.KVMH008.a.(kcloud)
Arcabit: Trojan.Fragtor.D23585
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!77447D028978
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.4208869491
TrendMicro-HouseCall: TROJ_GEN.R002H09IL22
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34698.DM0@aWIQ7Nfi
AVG: FileRepMalware [Misc]

How to remove Malware.AI.4208869491?

Malware.AI.4208869491 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
