Should I remove “Virus:Win32/Expiro.DB!MTB”?

The Virus:Win32/Expiro.DB!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Virus:Win32/Expiro.DB!MTB virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Virus:Win32/Expiro.DB!MTB?


File Info:
name: 7DA2C9C976141F04F98D.mlw
path: /opt/CAPEv2/storage/binaries/4705dce9b0a21a3c376a91b841cbb265f41787f13ddc58b755feaf639779f2ab
crc32: A812351C
md5: 7da2c9c976141f04f98dcda981dd85ff
sha1: cf0c12278cfe001b7c4ef64dc987d9d2a44c98f1
sha256: 4705dce9b0a21a3c376a91b841cbb265f41787f13ddc58b755feaf639779f2ab
sha512: d50d5915404ebcedcddfc6fd8fe866a970dec52dfcac733f5ab6eacc46c3bfdb673a5ceca622e18ebedc62264614634c7d754fe92bf33e15f35742a464515abd
ssdeep: 6144:temQBUY/7OYskbiyAwCukDhgKnc5xqP51nyC4m06PODZcdFBiUXa0AV+g/0R3kZ8:g6M5AwCukqKnc5gznyC4m02DFBhKxVhf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16674DF1EFBD2D9B4FC9205B189340425B829FDF2874DD2E753960E1BD8B56D2AE31223
sha3_384: bc1aba5aef3466c962bdf644cb97faae7c0531aea895beec16ee90753c97d636336ac3e93b0160b12cf91d2e68a5babe
ep_bytes: 525650ba18000000648b3201d601d68b
timestamp: 2014-12-16 17:14:01

Version Info:
CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Update Service
FileVersion: 1.801.10.4720
InternalName: armsvc.exe
LegalCopyright: Copyright © 2013 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: armsvc.exe
ProductName: Adobe Acrobat Update Service
ProductVersion: 1.801.10.4720
Translation: 0x0409 0x04b0

Virus:Win32/Expiro.DB!MTB also known as:

Bkav	W32.AIDetectMalware
Lionic	Virus.Win32.Expiro.n!c
MicroWorld-eScan	Trojan.GenericKD.68520793
ClamAV	Win.Packed.Expiro-10007164-0
FireEye	Generic.mg.7da2c9c976141f04
ALYac	Trojan.GenericKD.68520793
Malwarebytes	Generic.Malware/Suspicious
Sangfor	Suspicious.Win32.Save.a
Alibaba	Virus:Win32/Expiro.fccba0f5
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	AI:FileInfector.1CD444C412
Cyren	W32/Expiro.BT.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Expiro.NDG
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Virus.Win32.Expiro.ns
BitDefender	Trojan.GenericKD.68520793
NANO-Antivirus	Virus.Win32.Gen.ccmw
Avast	Win32:MalOb-FE [Cryp]
Tencent	Virus.Win32.Expiro.kb
Emsisoft	Trojan.GenericKD.68520793 (B)
F-Secure	Malware.W32/Infector.Gen8
VIPRE	Trojan.GenericKD.68520793
TrendMicro	TROJ_GEN.R002C0RGT23
McAfee-GW-Edition	BehavesLike.Win32.Generic.fc
Trapmine	malicious.high.ml.score
Sophos	W32/Expiro-AV
SentinelOne	Static AI – Suspicious PE
GData	Trojan.GenericKD.68520793
Avira	W32/Infector.Gen8
Xcitium	Malware@#1gmasrvvnvr60
Arcabit	Trojan.Generic.D4158B59
ZoneAlarm	Virus.Win32.Expiro.ns
Microsoft	Virus:Win32/Expiro.DB!MTB
Google	Detected
AhnLab-V3	Malware/Win.Generic.R589694
Acronis	suspicious
MAX	malware (ai score=83)
VBA32	BScope.Trojan.Packed
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0RGT23
Rising	Trojan.Generic@AI.100 (RDML:Bikxcktw/31vfI76A89E2g)
Ikarus	Virus.Win32.Expiro
Fortinet	W32/Xpirat.C
AVG	Win32:MalOb-FE [Cryp]
Cybereason	malicious.976141
DeepInstinct	MALICIOUS

How to remove Virus:Win32/Expiro.DB!MTB?

Virus:Win32/Expiro.DB!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X