ExpressFiles
What is ExpressFiles?
ExpressFiles is software application developed by Express Solutions. It is most commonly found on computers running Windows 7 with nearly 67.50% of installations running this operating system. ExpressFiles's installer is typically 9.00 MB in size and installs around 5 files. The most common release is 2.0.0.0 with 9.40% of all installations currently using this version.
ExpressFiles is most popular in the United States with 24.74% of installations residing in this country.
ExpressFiles adds 2 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times. When using a computer that is connected to the internet, ExpressFiles is known to create 3 firewall exceptions to allow inbound and outbound connectivity.
Multiple virus scanners have detected malware in ExpressFiles.
| Scanner Software | Version | Result |
|---|---|---|
| AhnLab-V3 | 2013.12.23.00 | PUP/Win32.ExpressFiles |
| Avira AntiVir | 7.11.121.86 | Adware/ExpressFiles.DA |
| avast! | 8.0.1489.320 | Win32:Downloader-TSH [PUP] |
| AVG | 13.0.0.3169 | MalSign.Faglaro Enterprises Limited |
| Comodo Security | 17483 | ApplicUnwnt |
| ESET-NOD32 | 9190 | a variant of Win32/ExpressFiles.B |
| G Data | 22 | Win32.Application.ExpressFiles.B |
| K7 AntiVirus | 9.174.10588 | Unwanted-Program ( 00454f261 ) |
| K7GW | 9.174.10588 | Unwanted-Program ( 00454f261 ) |
| Malwarebytes | 1.75.0001 | PUP.Optional.ExpressFiles.A |
| McAfee | 6.0.4.564 | Artemis!9F1F06761937 |
| McAfee-GW-Edition | 2013 | Artemis!9F1F06761937 |
| Sophos | 4.96.0 | Express Files |
| Vba32 AntiVirus | 3.12.24.3 | TrojanDownloader.Genome |
| VIPRE Antivirus | 24644 | ExpressFiles Installer (fs) |
| Baidu-International | 3.5.1.41473 | Trojan.Win32.YourFileDownloader.B |
| Dr.Web | 7.00.7.12100 | Tool.DownLoader.52 |
| Symantec | 20131.1.5.61 | WS.Reputation.1 |
| TrendMicro-HouseCall | 9.700-1001 | TROJ_GEN.F47V1216 |
| Rising Antivirus | 25.0.0.11 | PE:Malware.XPACK/RDM!5.1 |
| Scanner Software | Version | Result |
|---|---|---|
| avast! | 8.0.1489.320 | Win32:Downloader-TSH [PUP] |
| AVG | 13.0.0.3169 | MalSign.Faglaro Enterprises Limited |
| G Data | 22 | Win32.Application.ExpressFiles.B |
| McAfee | 5.600.0.1067 | Artemis!59776ED29A9B |
| McAfee-GW-Edition | 2013 | Artemis!59776ED29A9B |
| Rising Antivirus | 25.0.0.11 | PE:Malware.XPACK/RDM!5.1 |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_GEN.F47V1125 |
| VIPRE Antivirus | 24958 | ExpressFiles Installer (fs) |
Software Behaviors
- Firewall:
-
- ExpressFiles.exe is added as a firewall exception for 'C:\Programfiler\ExpressFiles\ExpressFiles.exe'.
- expressdl.exe is added as a firewall exception for 'C:\Programfiler\ExpressFiles\ExpressDL.exe'.
- EFUpdater.exe is added as a firewall exception for 'C:\Program Files\ExpressFiles\EFUpdater.exe'.
- Scheduled tasks:
-
- ExpressFiles.exe is scheduled as a task with the class '{EDAED22B-F07A-4682-8EE6-CDFF7B5AE11A}' (runs on registration).
- EFUpdater.exe is scheduled as a task with the class '{A1C41E9F-5CF6-4ADE-8409-2E6687ABA69A}' (runs on registration).
Startup Entries
- Startup tasks:
-
- EFUpdater.exe is automatically launched at startup through a scheduled task named Express Files Updater.
Software Details
- URL:
- https://www.express-files.com
- Support:
- https://www.express-files.com/help
- Installation path:
- C:\Program Files\ExpressFiles
- Uninstaller:
- "C:\Program Files\ExpressFiles\uninstall.exe"
- Size:
- 9.00 MB
- Language:
- English
ExpressFiles Executable Details
- Primary executable:
- expressfiles.exe
- Name:
- ExpressFiles
- Path:
- C:\Program Files\ExpressFiles\expressfiles.exe
- MD5:
- 0094df60653a6183ac40b620c3d244e8
- SHA-1:
- –
- SHA-256:
- –
| File Type | Filename | MD5 |
|---|---|---|
|
EXE
|
uninstall.exe
Malware
|
9f1f067619374ccd9197f8361a1fb438 |
|
DLL
|
a55b82103a202c20717f45c201ec4553 | |
|
EXE
|
expressdl.exe
Malware
|
59776ed29a9bf70aa43d381a1a09dd4c |
|
EXE
|
07f0ba98afc5a4fe92c2e30a326f9830 | |
|
EXE
|
0094df60653a6183ac40b620c3d244e8 |