How to remove “Malware.AI.4280752119”?

The Malware.AI.4280752119 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4280752119 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.4280752119?


File Info:
name: 3989BE7924187789F807.mlw
path: /opt/CAPEv2/storage/binaries/6898e15f339958f43a389c8df312ec38185df7cb3604e8166cbf9ac93f6c0547
crc32: 472BC382
md5: 3989be7924187789f8071671c63e31f7
sha1: 9a0c266f605fb3a6883fe272b4122def178c109a
sha256: 6898e15f339958f43a389c8df312ec38185df7cb3604e8166cbf9ac93f6c0547
sha512: 120bd06a4547b2e55144485854e165e20abf8e079c84472e4c510dbd3c42833019cfc15a66482b4f29475af20be35500da6a1f8182fac8f3015423291d075bb7
ssdeep: 12288:vXesVmQAP78ZJRtNtZHoipLki6QVlLicgbvG8ubMSbz2+KBQAWlV3FZWw9pUr9Qb:/eq5t57DL5gjFbSbz2+KBQAC1FQw/UZ6
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1A3D47B26F91276A9E5112F75D6BC8F09B358011B08B0D0D9661ED881DFCEB33798ABD3
sha3_384: aedf5b0a84782a30ab45d516a67c713da125e915258624678222b2f4f5cdbcfe4f22c7e57caf3dc842d7661f6c776874
ep_bytes: 90554889e55648ffce57415441554156
timestamp: 2008-11-08 16:22:40

Version Info:
CompanyName: Microsoft Corporation
FileDescription: SNMP Trap
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: snmptrap.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: snmptrap.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.4280752119 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win64.Expiro.Gen.3
FireEye	Generic.mg.3989be7924187789
McAfee	W64/Expiro.a
Cylance	Unsafe
Zillya	Virus.Expiro.Win64.34
K7AntiVirus	Virus ( 0040f8071 )
K7GW	Virus ( 0040f8071 )
Cybereason	malicious.924187
Baidu	Win64.Virus.Expiro.r
Cyren	W64/Expiro.D!gen
Symantec	W64.Xpiro.F
ESET-NOD32	Win64/Expiro.AG
APEX	Malicious
ClamAV	Win.Virus.Expiro-7391369-0
Kaspersky	Virus.Win64.Expiro.g
BitDefender	Win64.Expiro.Gen.3
NANO-Antivirus	Virus.Win64.Expiro.dtfhve
Avast	Win32:Expiro-DD
Tencent	Virus.Win64.Expiro.ad
Ad-Aware	Win64.Expiro.Gen.3
Emsisoft	Win64.Expiro.Gen.3 (B)
DrWeb	Win64.Expiro.108
VIPRE	Virus.Win64.Expiro.gen.a (v)
TrendMicro	PE64_EXPIRO.AR
McAfee-GW-Edition	BehavesLike.Win64.Expiro.hc
Sophos	ML/PE-A + W64/Expiro-S
SentinelOne	Static AI – Malicious PE
GData	Win64.Expiro.Gen.3
Avira	W64/Expiro.AF
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Generic.ASVirus.311
Arcabit	Win64.Expiro.Gen.3
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Win64/Expiro2.Gen
Acronis	suspicious
ALYac	Win64.Expiro.Gen.3
TACHYON	Virus/W64.Expiro.C
Malwarebytes	Malware.AI.4280752119
TrendMicro-HouseCall	PE64_EXPIRO.AR
Rising	Virus.Expiro!1.A140 (CLASSIC)
Ikarus	Virus.Win32.Expiro
Fortinet	W64/Expiro.Q
AVG	Win32:Expiro-DD
Panda	W32/Expiro.gen
CrowdStrike	win/malicious_confidence_100% (D)
MaxSecure	virus.win64.expiro.gen

How to remove Malware.AI.4280752119?

Malware.AI.4280752119 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X