Malware.AI.4248163110 removal guide

The Malware.AI.4248163110 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4248163110 virus can do?

The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Malware.AI.4248163110?


File Info:
crc32: B7FCF90C
md5: a81a30a39d405b9b8448d547afd480ce
name: A81A30A39D405B9B8448D547AFD480CE.mlw
sha1: 4e4236ae0f5e48b8c18156b3e84dbffa2230a7a9
sha256: 9a412c1c1965901b90ac3173e61d139df5008b5bd23e2a44e4214ff663eb27bc
sha512: 97d84bfba3fd22370bd5cadf9c08d42872000ddf0dc903158f913a88196f0ea92887b2e9fcbf7488e231f1bcb2af3d8846831705a0d68f3db8d4999e99739138
ssdeep: 6144:m0mwXSJGI8hrX/ijpsI2XGswPKY24kDrwZ9TCwfhSiRYVdmdmGYvrF3+PK79:EwXAwhbMpsIziVyowfE4yumnFB
type: PE32+ executable (GUI) x86-64, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: ehSched.exe
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
CompanyName: Microsoft Corporation
ProductName: Microsoftxae Windowsxae Operating System
ProductVersion: 6.1.7600.16385
FileDescription: Windows Media Center Scheduler Service
OriginalFilename: ehSched.exe
Translation: 0x0409 0x04b0

Malware.AI.4248163110 also known as:

K7AntiVirus	Virus ( 00535e4a1 )
Elastic	malicious (high confidence)
ALYac	Win64.Expiro.Gen.6
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
BitDefender	Win64.Expiro.Gen.6
K7GW	Virus ( 00535e4a1 )
Cybereason	malicious.39d405
Cyren	W64/Expiro.R.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win64/Expiro.CO
APEX	Malicious
Cynet	Malicious (score: 100)
NANO-Antivirus	Virus.Win64.Expiro.clnvwd
MicroWorld-eScan	Win64.Expiro.Gen.6
Ad-Aware	Win64.Expiro.Gen.6
Sophos	ML/PE-A + W64/Expiro-AV
TrendMicro	Virus.Win64.EXPIRO.MR
McAfee-GW-Edition	BehavesLike.Win64.Ransomware.hc
FireEye	Generic.mg.a81a30a39d405b9b
Emsisoft	Win64.Expiro.Gen.6 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Bingoml.avt
Avira	TR/Patched.Gen
Antiy-AVL	Trojan/Generic.ASVirus.307
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Win64.Expiro.Gen.6
Acronis	suspicious
McAfee	Artemis!A81A30A39D40
MAX	malware (ai score=82)
Malwarebytes	Malware.AI.4248163110
TrendMicro-HouseCall	Virus.Win64.EXPIRO.MR
Ikarus	Virus.Win64.Expiro
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/Expiro.CE

How to remove Malware.AI.4248163110?

Malware.AI.4248163110 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X