What is “Win64:Expiro-AJ [Inf]”?

Many security experts consider Win64:Expiro-AJ [Inf] dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win64:Expiro-AJ [Inf] virus do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win64:Expiro-AJ [Inf]?


File Info:

name: 0EF305DD530FE7B79F08.mlw
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2015-07-30 12:21:34

Version Info:

0: [No Data]

Win64:Expiro-AJ [Inf] also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKDZ.82995
ALYac: Trojan.GenericKDZ.82995
Cyren: W64/Phonzy.F.gen!Eldorado
Elastic: malicious (high confidence)
APEX: Malicious
BitDefender: Trojan.GenericKDZ.82995
Avast: Win64:Expiro-AJ [Inf]
Ad-Aware: Trojan.GenericKDZ.82995
Emsisoft: Trojan.GenericKDZ.82995 (B)
McAfee-GW-Edition: BehavesLike.Win64.Trickbot.tt
FireEye: Trojan.GenericKDZ.82995
GData: Trojan.GenericKDZ.82995
Arcabit: Trojan.Generic.D14433
Microsoft: Trojan:Script/Phonzy.C!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!0EF305DD530F
MAX: malware (ai score=89)
Ikarus: Trojan.Patched
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W64/Phonzy.C!tr
AVG: Win64:Expiro-AJ [Inf]

How to remove Win64:Expiro-AJ [Inf]?

Win64:Expiro-AJ [Inf] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
