Malware.AI.4255551949 removal tips

The Malware.AI.4255551949 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4255551949 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.4255551949?


File Info:
name: 2E39FD7D7427063DA043.mlw
path: /opt/CAPEv2/storage/binaries/b741f0dda66dec0acc5169128bb9867e0b3aa0a912d8e05e45709900191cc378
crc32: 808C92DC
md5: 2e39fd7d7427063da0435e60fc2f3daf
sha1: 6d97186c8cbb44a9b5bbd1a701351fd9927a88f6
sha256: b741f0dda66dec0acc5169128bb9867e0b3aa0a912d8e05e45709900191cc378
sha512: fa90998ecd13844ac7752d34fc3abfe46dbc7ac901f205d72b44496b1ba53109f06297ac7d101ea742ac81018354e8b73a1cb50fc0138b3e699e70dbf8b984b8
ssdeep: 384:F/zfvwxxO/7FANb+1bl+Ai5FGt2pDxF4A0xP9p/Jp2ndJs1d+ju1q/5oXs/myV:VznIxy7FABwbGzZdTdyn/vWdJs1rI/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B2233A43778898FFD1E496F90D5353169173BE740A39CB935ECCBE6B4CFA280A560690
sha3_384: 592b562494c988417729e375b3535ad884b5cf9bdb7d2bce4bfe92b5268f6133e48c731e1084b106d85f037a06d5459e
ep_bytes: 60be005042008dbe00c0fdff5783cdff
timestamp: 2005-10-04 10:47:49

Version Info:
0: [No Data]

Malware.AI.4255551949 also known as:

MicroWorld-eScan	Gen:Variant.Zusy.426582
FireEye	Generic.mg.2e39fd7d7427063d
McAfee	Artemis!2E39FD7D7427
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.ins
Cybereason	malicious.c8cbb4
Baidu	Win32.Trojan.Sality.j
Cyren	W32/Backdoor.J.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
ESET-NOD32	Win32/Sality.NAR
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	VHO:Trojan.Win32.Sdum.gen
BitDefender	Gen:Variant.Zusy.426582
Avast	Win32:Malware-gen
Tencent	Trojan.Win32.Vilsel.aab
Ad-Aware	Gen:Variant.Zusy.426582
Sophos	ML/PE-A
DrWeb	Win32.Sector.12
VIPRE	Gen:Variant.Zusy.426582
McAfee-GW-Edition	BehavesLike.Win32.Generic.pt
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Zusy.426582 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Zusy.426582
Jiangmin	Trojan/Vilsel.aaoz
Avira	RKIT/Sality.A
MAX	malware (ai score=80)
Microsoft	PWS:Win32/Zbot!ml
Google	Detected
AhnLab-V3	Trojan/Win.Vilsel.R511757
VBA32	Rootkit.Win32.Sality.baka
ALYac	Gen:Variant.Zusy.426582
Malwarebytes	Malware.AI.4255551949
Rising	Backdoor.Cylent!1.A239 (CLASSIC)
Ikarus	Virus.Win32.Sality
MaxSecure	Trojan.Malware.82199810.susgen
Fortinet	W32/ULPM.16C0!tr
BitDefenderTheta	Gen:NN.ZexaF.34682.cmW@a0JYHV
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Malware.AI.4255551949?

Malware.AI.4255551949 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X