Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Expiro infection


  • This topic is locked This topic is locked
5 replies to this topic

#1 cerealkillaah

cerealkillaah

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 05 May 2016 - 08:03 AM

Hello, good people!

I've got a problem with my computer. Here's my story:

I've been having issues with my desktop for some time, some applications stopped working. Recently Windows settings didn't work. I ran a scan with eset online scanner - it found many infections of Expiro or Xpirat, mbam shows the computer is clean. When I ran a scan with Avast it detected Expiro and put a lut of files in the quarantine. As a result some of the programs (Internet explorer, open office or  Audacity) stopped working. I noticed that the missing .exe files are in th virus chest. I browsed through several pages and forums and found that Expiro is a nasty thing. Is it worth fighting or is it better to format the computer and reinstall the system?

here are the frst logs:

 

Attached Files



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 AM

Posted 05 May 2016 - 01:28 PM

Hello cerealkillaah and Welcome to the BleepingComputer. :welcome: 
My name is Yılmaz and please read:

 

Expiro Virüs:

 

:step1:

http://www.bleepingcomputer.com/forums/t/603712/black-screen-with-cursor-virus-is-zeroaccess/?p=3928298

Unfortunately I have bad news, from your logs I can see that you are infected with Expiro:

 

Virus:Win32/Expiro is a file infector which targets and infects .exe files and files referenced by .Ink files.The virus infects executable files with .exe extension by appending virus code to them; whenever a file is accessed it may be infected. Executable files that have been infected by W32.Expiro may be damaged and therefore may not execute correctly, system files can also become infected. It can also collect personal data and opens a backdoor on the infected computer, allowing hackers to control your computer.

I will help you backup and reformat if you wish to do so. I can also attempt to clean the computer, but I would not do so without a backup of all files you would not want to lose. There is a chance the system could become unbootable or could be reinfected very easily by cleaning depending on how badly the system is infected. There are no guarantees with cleaning the computer and reinstalling will generally be much faster, but I am willing to try to clean the system. Let me know what you choose to do.

  :step2:
http://www.bleepingcomputer.com/forums/t/569011/expiro-infection/?p=3650166

 

quietman7 >>

File infectors can cause so much damage to critical system files that they cannot be completely cleaned or repaired. I do not know of any security vendor who will guarantee complete removal of file infectors since they cannot ensure that some files will not get corrupted during the disinfection process. This means that infected executables and system files can become unusable after attempting to repair them and afterward, there is still no guarantee the virus is really gone. Since many of the affected files are legitimate critical files required by the operating system, deletion is not a viable option. Even many anti-virus vendors admit that some malicious programs like file infectors cannot be properly disinfected by their products.

 

Regards


Edited by olgun52, 05 May 2016 - 01:31 PM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 cerealkillaah

cerealkillaah
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 06 May 2016 - 01:45 AM

Hello Yilmaz!

 

Thank you for your information. I was afraid that you would say that. I think that formatting will be the best option. I will handle it myself, I think, but a few questions:

I understand that this virus affects only .exe or .lnk files. Does that mean, that all the other files (documents, pictures, zip or .rar files etc.) are clean? What is the best way to backup all the remaining data? Wil simple copying do that or should I use special software?

 

Thanks in advance!

 

Regards.



#4 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 AM

Posted 06 May 2016 - 03:38 PM

I can not say, anything definite, In this regard. There is risk always. your backup, spend from scanning.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#5 cerealkillaah

cerealkillaah
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:06 AM

Posted 09 May 2016 - 10:34 AM

Thanks for your help and information. I'll copy the data before formatting. I don't have a lot of it, so it won't be a problem. I hope I won't get infected so severely anymore.

Cheers!



#6 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 AM

Posted 09 May 2016 - 02:55 PM

manos.gif Good Luck.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users