Malware.AI.3151040109 removal guide

The Malware.AI.3151040109 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3151040109 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3151040109?


File Info:
name: 0C49C4A1F9CAD0FD3AB1.mlw
path: /opt/CAPEv2/storage/binaries/f1598279b8b5567bd79fc5b6086423f7159784b61537ba2fcc90363603fad9f0
crc32: 375F2421
md5: 0c49c4a1f9cad0fd3ab1840e1383c384
sha1: 6c7622b4dc97af84df7dcd12b817367d2955a768
sha256: f1598279b8b5567bd79fc5b6086423f7159784b61537ba2fcc90363603fad9f0
sha512: 6e7a6c4017c79550612f46d82314efb2f39b024cb92e87354f1dc12bd7ba5bbf7329710df662a2ee3308fbc9085117d2eda10dd786ad24f31ec387cff421e7ac
ssdeep: 6144:G8qvZU3DmS4muzd5RhsCIUtkZKebnUGOiflz9nGyPRFAQoXsQ2uu2xNnhq:UZcmSzuXRhs0t4KeHnz9nGhD2uR7h
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T17AB4CF6A671C0CDCE039083C25D22057C67C3E66E36267DB79AA971B3F669F44D36283
sha3_384: 6060515cff55b819a2dc0fc500401d4e052233ad8e1aa840674fe6ab47cdcf0e5198195d33379945865d517314fc0491
ep_bytes: 475150455243b96000000065498b0145
timestamp: 2065-04-25 15:07:57

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Microsoft (R) Diagnostics Hub Standard Collector
FileVersion: 11.00.17134.765 (WinBuild.160101.0800)
InternalName: DiagnosticsHub.StandardCollector.Service.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: DiagnosticsHub.StandardCollector.Service.exe
ProductName: Internet Explorer
ProductVersion: 11.00.17134.765
Translation: 0x0409 0x04b0

Malware.AI.3151040109 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win64.Expiro.Gen.6
FireEye	Generic.mg.0c49c4a1f9cad0fd
Cylance	Unsafe
K7AntiVirus	Virus ( 00535e4a1 )
K7GW	Virus ( 00535e4a1 )
Cyren	W64/Expiro.AH.gen!Eldorado
ESET-NOD32	a variant of Win64/Expiro.CO
TrendMicro-HouseCall	Virus.Win64.EXPIRO.MR
ClamAV	Win.Virus.Expiro-9891421-0
Kaspersky	HEUR:Virus.Win64.Expiro.gen
BitDefender	Win64.Expiro.Gen.6
NANO-Antivirus	Virus.Win64.Expiro.clnvwd
Avast	Win64:Xpirat [Inf]
Ad-Aware	Win64.Expiro.Gen.6
Sophos	ML/PE-A + W64/Expiro-AX
DrWeb	Win64.Expiro.132
TrendMicro	Virus.Win64.EXPIRO.MR
SentinelOne	Static AI – Malicious PE
Emsisoft	Win64.Expiro.Gen.6 (B)
APEX	Malicious
GData	Win64.Expiro.Gen.6
Jiangmin	Trojan.Bingoml.akq
Avira	TR/Patched.Gen
Antiy-AVL	Trojan/Generic.ASVirus.30B
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
ALYac	Win64.Expiro.Gen.6
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.3151040109
Ikarus	Virus.Win64.Expiro
MaxSecure	virus.win64.expiro.gen
Fortinet	W64/Expiro.BS
AVG	Win64:Xpirat [Inf]
CrowdStrike	win/malicious_confidence_80% (D)

How to remove Malware.AI.3151040109?

Malware.AI.3151040109 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X