How to remove “Malware.AI.4194451587”?

The Malware.AI.4194451587 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4194451587 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.4194451587?


File Info:
name: 4733663789451DB774F9.mlw
path: /opt/CAPEv2/storage/binaries/55e784089e20ce7421082129c15e0e6fc447f1d86f4621b36f956897ce8be342
crc32: 9044B722
md5: 4733663789451db774f934443cf9b183
sha1: 8957778d8a9bd0cd30889566d2588563f82ce4d0
sha256: 55e784089e20ce7421082129c15e0e6fc447f1d86f4621b36f956897ce8be342
sha512: 3e8643e0ac8536257c7670fd92137e282e44a380b69ff64f6bc432334ff706e892d1774e87fca253351447c08ce350af82f44e0b24f6be4b1e3eecfede8c671c
ssdeep: 24576:dsZba8vUqftx+y3Nr2PkNceSId5S3poXIsjW:IG4UMx+2pckNceSo5Ypo4A
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T11665AE5AEF6A4AD6F1BB84748833C102F67278489D31B3179158E2AF1EF38C45DA6F50
sha3_384: d224e0a6b6fad738cdc6c0b76cfb7e43c141cb0aa554aff3979541842d4cf613f566eba801afa92f39182887819bb56f
ep_bytes: 90554889e55648ffce57415441554156
timestamp: 1992-07-21 04:31:44

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Microsoft Application Virtualization Client Service
FileVersion: 10.0.17134.1276 (WinBuild.160101.0800)
InternalName: AppVClient.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: AppVClient.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1276
Translation: 0x0409 0x04b0

Malware.AI.4194451587 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win64.Expiro.Gen.3
FireEye	Generic.mg.4733663789451db7
ALYac	Win64.Expiro.Gen.3
Cylance	Unsafe
Zillya	Virus.Expiro.Win64.34
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Virus ( 0040f8071 )
K7AntiVirus	Virus ( 0040f8071 )
Baidu	Win64.Virus.Expiro.r
Cyren	W64/Expiro.D!gen
Symantec	W64.Xpiro.F
ESET-NOD32	Win64/Expiro.AG
APEX	Malicious
Kaspersky	Virus.Win64.Expiro.g
BitDefender	Win64.Expiro.Gen.3
NANO-Antivirus	Virus.Win64.Expiro.dtfhve
Avast	Win32:Expiro-DD
Tencent	Virus.Win64.Expiro.ad
Ad-Aware	Win64.Expiro.Gen.3
TACHYON	Virus/W64.Expiro.C
Emsisoft	Win64.Expiro.Gen.3 (B)
DrWeb	Win64.Expiro.108
VIPRE	Virus.Win64.Expiro.gen.a (v)
TrendMicro	PE64_EXPIRO.AR
McAfee-GW-Edition	W64/Expiro.a
Sophos	ML/PE-A + W64/Expiro-S
SentinelOne	Static AI – Malicious PE
GData	Win64.Expiro.Gen.3
Avira	W64/Expiro.AF
Antiy-AVL	Trojan/Generic.ASVirus.311
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Win64/Expiro2.Gen
Acronis	suspicious
McAfee	W64/Expiro.a
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.4194451587
TrendMicro-HouseCall	PE64_EXPIRO.AR
Rising	Virus.Expiro!1.A140 (CLASSIC)
Ikarus	Virus.Win32.Expiro
Fortinet	W64/Expiro.Q
AVG	Win32:Expiro-DD
Panda	W32/Expiro.gen
MaxSecure	virus.win64.expiro.gen

How to remove Malware.AI.4194451587?

Malware.AI.4194451587 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X