Trojan

BScope.Trojan.InstallCore removal tips

Malware Removal

The BScope.Trojan.InstallCore is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What BScope.Trojan.InstallCore virus can do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Creates a hidden or system file

Related domains:

download.spamfighter.com

How to determine BScope.Trojan.InstallCore?



File Info:

crc32: E6D02FC1
md5: efe1a4a034c793a2607dcbed2faeedd2
name: spamfighter-7.6.155.exe
sha1: 27fc7ea611491ad366791074ec508179f4948bf8
sha256: 2f60377ec61d1817914b201eebba70b959d125d0e70bfa729f18bcf820753f13
sha512: 038387dc5e3ba25fd6f618c23e06e180d567a0b841e8a1738d83276a83ed020cee78794c30fe91ccf8afaf107e98657984e0dfad1d0534713df601908e5c3dfa
ssdeep: 49152:sSS/7/ZGfpquDpxFfWb52OUTv+6GhfZZqye2jAqMh5rTanjj:jS/axFfWb52LlGG2Kva/
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright (C) 2010 SPAMfighter ApS
InternalName: SPAMfighter Setup
FileVersion: 7.6.148.0
CompanyName: SPAMfighter ApS
ProductName: SPAMfighter
ProductVersion: 7.6.148.0
FileDescription: SPAMfighter Installation Package
OriginalFilename: SPAMfighterSetup.exe
Translation: 0x0000 0x04b0

BScope.Trojan.InstallCore also known as:

DrWebProgram.Unwanted.4080
VBA32BScope.Trojan.InstallCore

How to remove BScope.Trojan.InstallCore?

BScope.Trojan.InstallCore removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment