
Expiro.Virus.FileInfector.DDS removal


Expiro.Virus.FileInfector.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Expiro.Virus.FileInfector.DDS virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Arabic (Oman)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Expiro.Virus.FileInfector.DDS?


File Info:

name: 86051A1A436BB4020736.mlw
path: /opt/CAPEv2/storage/binaries/ca1d3139116510da555957a86e243d6516005fd440c2cac1bb014ea3dcad2bc2
crc32: 507657F5
md5: 86051a1a436bb40207361ffd77c6342d
sha1: 733b07f1d6913d391af71ad70dfe436f858e9b62
sha256: ca1d3139116510da555957a86e243d6516005fd440c2cac1bb014ea3dcad2bc2
sha512: 14a90432452925bd2521239bc4d520b0e2d4b14a5329e7560c3d875b264bc6fe092b4e60b02bc1b0479f61f5db3d4b3aa9bddabce52c63fe10d61bfd49177c4d
ssdeep: 49152:KTipzT89Gc76AdznjWxlftOKeZnTNK1KdIFVMs9iBal1O:Gip0oI6Adznj+lftJ0TGKdS1
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1B37622129D3D8022E1B296B1B4D8469731A05E6DB82D7B873E93F4F91C374F062D897B
sha3_384: 1eca774071caccda478d282e17dc22b890ef3f15ea9a9f3bed03777ff89136e0bb2ad60ee4da5bd02818155501a11551
ep_bytes: e8f3700000e97bfeffff558bec8b550c
timestamp: 2016-01-01 03:16:02

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Setup
FileVersion: 10.0.40820.00
InternalName: vstor40_x64.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: vstor40_x64.exe
ProductName: Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
ProductVersion: 10.0.40820.00
Translation: 0x0409 0x04b0

Expiro.Virus.FileInfector.DDS also known as:

Bkav: W32.AIDetect.malware2
Lionic: Adware.Win32.DownloadHelper.2!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.971469
FireEye: Generic.mg.86051a1a436bb402
McAfee: DLAssistant
Cylance: Unsafe
VIPRE: Gen:Variant.Graftor.971469
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005464371 )
Alibaba: AdWare:Win32/Kryptik.be243577
K7GW: Trojan ( 005464371 )
Cybereason: malicious.a436bb
Arcabit: Trojan.Graftor.DED2CD
Cyren: W32/Trojan.FLD.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.GNEP
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.DownloadHelper.gen
BitDefender: Gen:Variant.Graftor.971469
NANO-Antivirus: Trojan.Win32.Cognac.fpzrni
Avast: FileRepMalware [Trj]
Tencent: Win32.AdWare.Downloadhelper.Jcnw
Ad-Aware: Gen:Variant.Graftor.971469
Comodo: Malware@#2nyllxqhfv1eh
DrWeb: Trojan.Cognac.9
Zillya: Trojan.Kryptik.Win32.3683243
TrendMicro: TrojanSpy.Win32.URSNIF.SMY.hp
McAfee-GW-Edition: DLAssistant
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Graftor.971469 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: AdWare.DownloadHelper.jph
Avira: HEUR/AGEN.1228681
Antiy-AVL: GrayWare[AdWare]/Win32.DownloadHelper
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Graftor.971469
Google: Detected
BitDefenderTheta: Gen:NN.ZexaF.34796.@x0@aWDjlLkO
ALYac: Gen:Variant.Graftor.971469
MAX: malware (ai score=94)
VBA32: BScope.Trojan.Fuerboos
Malwarebytes: Expiro.Virus.FileInfector.DDS
TrendMicro-HouseCall: TrojanSpy.Win32.URSNIF.SMY.hp
Rising: Trojan.Kryptik!1.B5BE (CLASSIC)
Yandex: PUA.DownloadHelper!kSsTcTuPQjo
Ikarus: Trojan.Win32.Krypt
Fortinet: W32/Kryptik.GGIJ!tr
AVG: FileRepMalware [Trj]
Panda: Trj/Genetic.gen

How to remove Expiro.Virus.FileInfector.DDS?

Expiro.Virus.FileInfector.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
