Trojan.Win64.Kryplod.ypf removal guide

The Trojan.Win64.Kryplod.ypf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Win64.Kryplod.ypf virus can do?

Authenticode signature is invalid

How to determine Trojan.Win64.Kryplod.ypf?


File Info:
name: 0782111839C8407A205A.mlw
path: /opt/CAPEv2/storage/binaries/85d79e55423a3f40bde4f5fa1346e4e2d84f3937890c8e82416a69b5eac4d514
crc32: D3F23570
md5: 0782111839c8407a205ae1e8ceae0e1f
sha1: 1421d9f4e6ae53bfc2bde4fbfb832045439b0c46
sha256: 85d79e55423a3f40bde4f5fa1346e4e2d84f3937890c8e82416a69b5eac4d514
sha512: ce31e439f6c6f6caa2fa8519c68cc471b226389f6e890a594819372240dc300e1199951a2ad79a299638f53614aadd535470334719a4b186ce871af0d7d8edf4
ssdeep: 12288:7uzvXc3ajG+hjQKymY8efKCpD7Gj9G6GlT8nQkCu83L3Wl/np9DBDt3kbE:7uzvsqjnhMgeiCl7G0QehbGZpbD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18E5512E776E5C0BAF5320575C9F8F1BD742AFD7BAC300503B2902B6D65B44406A38A6B
sha3_384: cc19cb3d0389cb46a3ff41ec708d6827b461a144e2f7fb3446052834f5de1148cc92d52431b5f53db3c609985debbf48
ep_bytes: e8a1e6ffff6a1468882a4000e81bf7ff
timestamp: 2015-11-06 02:21:13

Version Info:
CompanyName: Microsoft Corporation
FileDescription: .NET Runtime Optimization Service
FileVersion: 4.6.1055.0 built by: NETFXREL2
InternalName: mscorsvw.exe
LegalCopyright: © Microsoft Corporation.  All rights reserved.
OriginalFilename: mscorsvw.exe
ProductName: Microsoft® .NET Framework
ProductVersion: 4.6.1055.0
Comments: Flavor=Retail
PrivateBuild: DDBLD400
Translation: 0x0409 0x04b0

Trojan.Win64.Kryplod.ypf also known as:

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Convagent.i!c
FireEye	Generic.mg.0782111839c8407a
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058c5701 )
Alibaba	Trojan:Win64/Kryplod.443e43ea
K7GW	Trojan ( 0058c5701 )
Cybereason	malicious.4e6ae5
Cyren	W32/Expiro.AU.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Expiro.NDP
ClamAV	Win.Malware.Expiro-6994210-0
Kaspersky	Trojan.Win64.Kryplod.ypf
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	FileRepMalware
Tencent	Win32.Virus.Expiro.Fru
McAfee-GW-Edition	Artemis!Virus
Sophos	Mal/Generic-S
APEX	Malicious
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!0782111839C8
Rising	Virus.Expiro!8.375 (CLOUD)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Expiro.NDO!tr
AVG	FileRepMalware
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Trojan.Win64.Kryplod.ypf?

Trojan.Win64.Kryplod.ypf removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X