Malware.AI.4188367437 removal tips

The Malware.AI.4188367437 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4188367437 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.4188367437?


File Info:
name: 5921CDC604CA0EDF7315.mlw
path: /opt/CAPEv2/storage/binaries/fff58bff464d9927d05fb272c826acfd91ed52750dc025d60616f6746f1f99cc
crc32: E04A415B
md5: 5921cdc604ca0edf7315f6162c7a05a8
sha1: 97a0e75a3ce919e6049a40c0c03bd186ac9cb68b
sha256: fff58bff464d9927d05fb272c826acfd91ed52750dc025d60616f6746f1f99cc
sha512: 1fecf1b67ae054f44fa0ffd6705c1163da29b27f8d4e449cf657a7bb4f531591b43723dfe6e02070cb7ba77c5a43077ab09118d4ec41e5abea9518e2f0e2f21a
ssdeep: 6144:MbBVteka/4YZ9ViL/mmUGHMMafnpdl5vF0/clcrqMLk6CS9JuMW90/o:eBVtztI9ViTwG6nfl5dmcSd3z9J/o
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C1947DB3621B49C4DFB932725B76FB08B039C2A5DF58A9427CC5783608BBBD127484D9
sha3_384: f063013553a3fbda2943004ece1e6d1aa01f1d697daef0f7cf2be2697786fcf4f3af67345408314be1e412589cedc653
ep_bytes: 5653522bf683c630648b1e518b4b084b
timestamp: 2019-01-23 14:35:14

Version Info:
CompanyName: Microsoft Corporation
FileDescription: COM Surrogate
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: dllhost.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: dllhost.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.4188367437 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win32.Expiro.Gen.6
ALYac	Win32.Expiro.Gen.6
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Virus ( 00580a951 )
K7GW	Virus ( 00580a951 )
Cybereason	malicious.604ca0
Cyren	W32/Expiro.CG
ESET-NOD32	a variant of Win32/Expiro.CP
APEX	Malicious
ClamAV	Win.Virus.Expiro-9887956-0
BitDefender	Win32.Expiro.Gen.6
NANO-Antivirus	Virus.Win32.Gen.ccmw
Avast	Win32:Xpirat-C [Inf]
Tencent	Virus.Win32.Expiro.ns
Ad-Aware	Win32.Expiro.Gen.6
Sophos	ML/PE-A
McAfee-GW-Edition	BehavesLike.Win32.Virut.gc
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.5921cdc604ca0edf
Emsisoft	Win32.Expiro.Gen.6 (B)
SentinelOne	Static AI – Malicious PE
GData	Win32.Expiro.Gen.6
Jiangmin	Backdoor.Manuscrypt.l
Avira	W32/Infector.Gen8
Microsoft	Trojan:Win32/Sabsik.EN.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Generic.C4589902
MAX	malware (ai score=85)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Malware.AI.4188367437
Ikarus	Virus.Win32.Expiro
Fortinet	W32/Xpirat.C
AVG	Win32:Xpirat-C [Inf]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.4188367437?

Malware.AI.4188367437 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X