BScope.Trojan.Mimdau removal

The BScope.Trojan.Mimdau is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What BScope.Trojan.Mimdau virus can do?

Attempts to connect to a dead IP:Port (3 unique times)
Starts servers listening on 127.0.0.1:36586
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

Related domains:

gmt.yunliao8.com

tiebapic.baidu.com

imgsrc.baidu.com

www.globalsign.com

How to determine BScope.Trojan.Mimdau?


File Info:
crc32: 9741DA84
md5: 516c412a56870c221847a4932e9486d0
name: 516C412A56870C221847A4932E9486D0.mlw
sha1: 722fd42365d8fe455b4e29766e601d7bcde0b6ed
sha256: 7be2a79b911a55ce63b6d971d8167ff07731887316a6942ff40222b2efdccf7a
sha512: 0683ec219073732df2521e28177a3252326e87b1f908cebc3a16f1f53490a54a76b2d4838cf9dfd79f0d1fc9bee91b121af660f0e34febc1ebfda17f48b253e2
ssdeep: 12288:fuLMSKpXkEBK88+b0ko5QVyQe+YobCWdUEhuQahUR79pqKp:XXkEY+hpVyQPpyOTt9L
type: PE32 executable (console) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: (c) Microsoft Corporation. All rights reserved.
InternalName: winaudio.exe
FileVersion: 1.0.0.1
CompanyName: Microsoft Corporation
ProductName: winaudio.exe
ProductVersion: 1.0.0.1
FileDescription: winaudio.exe
OriginalFilename: winaudio.exe
Translation: 0x0409 0x04b0

BScope.Trojan.Mimdau also known as:

K7AntiVirus	Trojan ( 005776e01 )
Lionic	Trojan.Win32.Mimdau.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader39.20590
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Graftor.962297
Zillya	Trojan.Agent.Win32.2170526
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (W)
K7GW	Trojan ( 005776e01 )
Cybereason	malicious.a56870
Cyren	W32/Agent.CHX.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Agent.ULI
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
ClamAV	Win.Malware.Trojanx-9870270-0
Kaspersky	HEUR:Trojan.Win32.Mimdau.vho
BitDefender	Gen:Variant.Graftor.962297
NANO-Antivirus	Trojan.Win32.Mimdau.ixfwzd
MicroWorld-eScan	Gen:Variant.Graftor.962297
Tencent	Malware.Win32.Gencirc.10ce5879
Ad-Aware	Gen:Variant.Graftor.962297
Sophos	Troj/Agent-BGQT
BitDefenderTheta	Gen:NN.ZexaF.34266.JmMfaqPojVij
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R035C0PG721
McAfee-GW-Edition	BehavesLike.Win32.Fake.hc
FireEye	Gen:Variant.Graftor.962297
Emsisoft	Gen:Variant.Graftor.962297 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Mimdau.bt
Avira	HEUR/AGEN.1142358
Antiy-AVL	Trojan/Generic.ASMalwS.336EB38
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Graftor.962297
AhnLab-V3	Trojan/Win.Generic.R434216
McAfee	GenericRXAA-FA!516C412A5687
MAX	malware (ai score=85)
VBA32	BScope.Trojan.Mimdau
Malwarebytes	Trojan.Crypt
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R035C0PG721
Yandex	Trojan.Mimdau!T4qays7yfk0
Ikarus	Trojan.Win32.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.ULI!tr
AVG	Win32:TrojanX-gen [Trj]

How to remove BScope.Trojan.Mimdau?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

BScope.Trojan.Mimdau removal