
Malware.AI.4276344132 removal guide


Malware.AI.4276344132 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4276344132 virus do?

  • Dynamic (imported) function loading detected
  • Starts servers listening on 0.0.0.0:943, 0.0.0.0:4510
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup

How to identify Malware.AI.4276344132?


File Info:

name: 42F1B4B9FA0DF2916B1E.mlw
path: /opt/CAPEv2/storage/binaries/a79c80d04af89f4500950783aff855c4d1b70a7feab14d8cd483ff32ca77f9d2
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-06-26 06:07:52

Version Info:

Comments: 20.16061
CompanyName: 云呼叫中心
FileDescription: 电话条卫士
FileVersion: 1, 0, 0, 4
InternalName: CINAgentGuard
LegalCopyright: 云呼叫中心 版权所有
LegalTrademarks:
OriginalFilename: CINAgentGuard.EXE
PrivateBuild:
ProductName: 电话条守护卫士
ProductVersion: 1, 0, 0, 4
SpecialBuild:
Translation: 0x0804 0x04b0

Malware.AI.4276344132 also known as:

MicroWorld-eScan: Gen:Variant.Mikey.117674
FireEye: Gen:Variant.Mikey.117674
ALYac: Gen:Variant.Mikey.117674
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Infostealer.Win32.Zbot.ml
K7GW: Unwanted-Program ( 0054839e1 )
K7AntiVirus: Unwanted-Program ( 0054839e1 )
BitDefenderTheta: Gen:NN.ZexaF.34182.nq1@aW!6VPfj
Cyren: W32/Trojan.KVUY-2780
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/RiskWare.CINGuard.A
TrendMicro-HouseCall: TROJ_GEN.R002H09IG21
Paloalto: generic.ml
BitDefender: Gen:Variant.Mikey.117674
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Mikey.117674
Sophos: Generic Reputation PUA (PUA)
Zillya: Tool.CINGuard.Win32.5
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dt
Emsisoft: Gen:Variant.Mikey.117674 (B)
Antiy-AVL: Trojan/Generic.ASMalwS.349D94D
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: PWS:Win32/Zbot!ml
GData: Gen:Variant.Mikey.117674
AhnLab-V3: Malware/Win32.Generic.C3130853
McAfee: RDN/Generic.grp
Malwarebytes: Malware.AI.4276344132
APEX: Malicious
Rising: RiskWare.CINGuard!8.8798 (CLOUD)
Yandex: RiskWare.CINGuard!budU5wTsSmY
MAX: malware (ai score=88)
MaxSecure: Trojan.Malware.138712406.susgen
Fortinet: Riskware/CINGuard
AVG: Win32:Malware-gen
Cybereason: malicious.9fa0df

How to remove Malware.AI.4276344132?

Malware.AI.4276344132 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
