About “Malware.AI.3707607618” infection

Malware Removal

Malware.AI.3707607618 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3707607618 virus do?

  • Authenticode signature is invalid

How to identify Malware.AI.3707607618?


File Info:

name: 20FA84C410E2F49403DA.mlw
path: /opt/CAPEv2/storage/binaries/64e1c75a06463e9dac93742a863adebe520f960ca95659cba1a30d52f596b79a
crc32: 2DDCA02A
md5: 20fa84c410e2f49403da11167128e82f
sha1: 3a283b0aed969251acbc49327a523a12cabfcf80
sha256: 64e1c75a06463e9dac93742a863adebe520f960ca95659cba1a30d52f596b79a
sha512: 23ea2badd59bde18147dd47af6fc1042df1c6c39da3d261f883cba6ffcfe55d348830ff717948020b37332b8fb16dbac907eb4b5f414e1954903ce7c068ced9d
ssdeep: 12288:nfZyJaUMAdB8qr0zw9iXQ40AOzDr5YJjsF/5v3ZkHRik8H:niaatr0zAiX90z/F0jsFB3SQkQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16655121739EF80B3D9931E302A7898866677797079E25B0BA3C03F0F6B74581CD54AE6
sha3_384: 83f9ec831b2b07a2693431f4de9d89e6da078e510acfd560e745016e3e8869f00516d096c08dcf6b44d65cc7b9eaa0a2
ep_bytes: e8505c0900e935fdffff558bec81ec28
timestamp: 2006-10-27 06:44:49

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Groove Audit Service
FileVersion: 12.0.4518.1014
InternalName: GrooveAuditService
LegalCopyright: © 2006 Microsoft Corporation. All rights reserved.
OriginalFilename: GrooveAuditService.exe
ProductName: Groove Audit Service
ProductVersion: 4.2.0.2623
Translation: 0x0000 0x04b0

Malware.AI.3707607618 also known as:

Bkav: W32.AIDetect.malware1
Cynet: Malicious (score: 100)
FireEye: Generic.mg.20fa84c410e2f494
ALYac: Win32.Expiro.Gen.7
Cyren: W32/Expiro.AU.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Expiro.NDP
APEX: Malicious
ClamAV: Win.Trojan.Expiro-9937503-0
Kaspersky: VHO:Trojan.Win32.Waldek.gen
BitDefender: Win32.Expiro.Gen.7
NANO-Antivirus: Virus.Win32.Virut-Gen.bwpxnc
MicroWorld-eScan: Win32.Expiro.Gen.7
Avast: Win32:Vitro [Inf]
Emsisoft: Win32.Expiro.Gen.7 (B)
DrWeb: Win32.Expiro.153
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Generic.ASVirus.316
Microsoft: Trojan:Script/Phonzy.C!ml
GData: Win32.Expiro.Gen.7
VBA32: Trojan.Sabsik.TE
Malwarebytes: Malware.AI.3707607618
Ikarus: Trojan.Patched
Fortinet: W32/Expiro.NDO!tr
AVG: Win32:Vitro [Inf]
Cybereason: malicious.aed969

How to remove Malware.AI.3707607618?

Malware.AI.3707607618 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
