Virus

Virus.Expiro.2414 removal instruction

Malware Removal

The Virus.Expiro.2414 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Virus.Expiro.2414 virus can do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Virus.Expiro.2414?



File Info:

name: 9D48D34794814F6CAB4C.mlw
path: /opt/CAPEv2/storage/binaries/7412eb156fa0bfe18b71836a859a735d06dce02e9c339de15231a9fa9a58986d
crc32: 78259997
md5: 9d48d34794814f6cab4c516cf27e03b0
sha1: cbe3b16d3da972abc0056d3e0bd8a988cb0281d5
sha256: 7412eb156fa0bfe18b71836a859a735d06dce02e9c339de15231a9fa9a58986d
sha512: aafdda1e6a68ea790fdf743588a19220005145d95eeba98bc1e6ad9ad422941357697c3b42496ca0f544cf437d553ce7b6250314abd7bc261875668ae673b255
ssdeep: 6144:CH6CBF0ZcCGmunr4ANn5/LAGokvSf4ZbpZ6K604ix/VLWL4KCIBztNPeSNMNdrhi:CTG6CknkKnskPZeg/uGItPX+rhOi9O
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15FE49E5F10E04942F993B931CE21354E832EA698D97AF74870DD13A9B63865C4F2EB73
sha3_384: 1c18b0fc76173bfa7e99be0f0f68a7fd3c75d9966a411c76615b0dbbdd90f24a4db0aa151cd4858ecf7d238b6a92eee6
ep_bytes: 605589e581ec08010000c745f8010000
timestamp: 2010-11-20 08:49:20


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Setup Unattend Generic Command Processor
FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
InternalName: SetupUGC.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: SETUPUGC.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7601.17514
Translation: 0x0409 0x04b0

Virus.Expiro.2414 also known as:

BkavW32.Expiro2NHc.PE
AVGWin32:Xpirat [Inf]
Elasticmalicious (high confidence)
MicroWorld-eScanWin32.Expiro.Gen.3
FireEyeGeneric.mg.9d48d34794814f6c
CAT-QuickHealW32.Expiro.L4
SkyhighBehavesLike.Win32.Expiro.jc
ALYacWin32.Expiro.Gen.3
MalwarebytesGeneric.Malware.AI.DDS
ZillyaVirus.Expiro.Win32.42
SangforTrojan.Win32.Save.a
K7AntiVirusVirus ( 0040f4dc1 )
AlibabaVirus:Win32/Expiro.27ac5c2f
K7GWVirus ( 0040f4dc1 )
BitDefenderThetaAI:FileInfector.6CBEB04B12
VirITWin32.Expiro.AL
SymantecW32.Xpiro.F
tehtrisGeneric.Malware
ESET-NOD32Win32/Expiro.AY
CynetMalicious (score: 100)
APEXMalicious
ClamAVWin.Trojan.Expiro-34
KasperskyVirus.Win32.Expiro.ar
BitDefenderWin32.Expiro.Gen.3
NANO-AntivirusVirus.Win32.Expiro.clnvwd
AvastWin32:Xpirat [Inf]
RisingVirus.Expiro!1.A140 (CLASSIC)
EmsisoftWin32.Expiro.Gen.3 (B)
BaiduWin32.Virus.Expiro.c
F-SecureMalware.W32/Expiro.NU
DrWebWin32.Expiro.80
VIPREWin32.Expiro.Gen.3
TrendMicroPE_EXPIRO.AR
Trapminemalicious.high.ml.score
SophosW32/Expiro-S
IkarusVirus.Win32.Expiro
VaristW32/Expiro.BG
AviraW32/Expiro.NU
Antiy-AVLVirus/Win32.Expiro.nr
KingsoftWin32.Infected.AutoInfector.a
MicrosoftVirus:Win32/Expiro.CD
XcitiumVirus.Win32.Expiro.SR@564eat
ArcabitWin32.Expiro.Gen.3
ZoneAlarmVirus.Win32.Expiro.ar
GDataWin32.Expiro.Gen.3
GoogleDetected
AhnLab-V3Win32/Expiro5.Gen
McAfeeW32/Expiro.gen.p
VBA32Virus.Expiro.2414
Cylanceunsafe
PandaW32/Expiro.O
TrendMicro-HouseCallPE_EXPIRO.AR
TencentVirus.Win32.Expiro.aab
MAXmalware (ai score=100)
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Expiro.W
DeepInstinctMALICIOUS
alibabacloudVirus:Win/Expiro.QPUNLJHDDWOINBUN

How to remove Virus.Expiro.2414?

Virus.Expiro.2414 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment