Virus

Virus:Win32/Expiro!F malicious file

Malware Removal

The Virus:Win32/Expiro!F is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Virus:Win32/Expiro!F virus can do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to determine Virus:Win32/Expiro!F?


File Info:

crc32: 3F0E02B2
md5: a913ca127d9a25b1f8fd29e7a40ed453
name: A913CA127D9A25B1F8FD29E7A40ED453.mlw
sha1: d21b785a57259ebfa3fbef1af6cacd648cef08a8
sha256: 99a1c1d1720e0d194c4c9fe28edb3f0f9d7f4299555884d4fd08c3cee90bf568
sha512: a3af6ed5e5fb3afa973a0021768b680486347c3588f262f19eb0d81b82f0ee00c15e35675341161157a18445f4a8097933c442877a54b52579375da8041c664b
ssdeep: 3072:RG8uuBD/6AqM8icbBlhIG5Mtn2QFyCWCcdy:vBD6AEbBlhWwLd
type: MS-DOS executable, MZ for MS-DOS

Version Info:

LegalCopyright: Copyright xa9 Microsoft Corporation 1996-2001
InternalName: mnmsrvc
FileVersion: 5.1.2600.2180
CompanyName: Microsoft Corporation
LegalTrademarks: Microsoftxae is a registered trademark of Microsoft Corporation. Windowsxae is a registered trademark of Microsoft Corporation.
ProductName: Windowsxae NetMeetingxae
ProductVersion: 3.01
FileDescription: NetMeeting Remote Desktop Sharing
OriginalFilename: mnmsrvc.dll
Translation: 0x0409 0x04b0

Virus:Win32/Expiro!F also known as:

K7AntiVirusTrojan ( 005376ae1 )
LionicTrojan.Win32.Expiro.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanWin32.Expiro.BC
ALYacWin32.Expiro.BC
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_90% (D)
AlibabaVirus:Win32/Expiro.4e539a08
K7GWTrojan ( 0049c30b1 )
Cybereasonmalicious.27d9a2
SymantecML.Attribute.HighConfidence
ESET-NOD32Win32/Expiro.NAS
APEXMalicious
AvastFileRepMalware
CynetMalicious (score: 100)
BitDefenderWin32.Expiro.BC
NANO-AntivirusTrojan.Win32.Expiro.fnnhcg
TencentWin32.Virus.Expiro.Llgt
Ad-AwareWin32.Expiro.BC
ComodoMalCrypt.Indus!@1qrzi1
BitDefenderThetaAI:FileInfector.7E32D4940F
McAfee-GW-EditionBehavesLike.Win32.Generic.cc
FireEyeGeneric.mg.a913ca127d9a25b1
SophosMal/Generic-S
SentinelOneStatic AI – Malicious PE
eGambitUnsafe.AI_Score_97%
ArcabitWin32.Expiro.BC
MicrosoftVirus:Win32/Expiro.gen!F
Acronissuspicious
McAfeeArtemis!A913CA127D9A
MAXmalware (ai score=83)
MalwarebytesRansom.Petya.Generic
PandaTrj/CI.A
IkarusVirus.Win32.Virut.n
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Expiro.NR
AVGFileRepMalware
Paloaltogeneric.ml

How to remove Virus:Win32/Expiro!F?

Virus:Win32/Expiro!F removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment