BScope.TrojanPSW.Cimuz.B removal

The BScope.TrojanPSW.Cimuz.B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What BScope.TrojanPSW.Cimuz.B virus can do?

At least one process apparently crashed during execution
Attempts to connect to a dead IP:Port (1 unique times)
Drops a binary and executes it
Attempts to repeatedly call a single API many times in order to delay analysis time
Installs itself for autorun at Windows startup
Checks the system manufacturer, likely for anti-virtualization
Creates a copy of itself

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine BScope.TrojanPSW.Cimuz.B?


File Info:
crc32: A9726BD7
md5: 4ffe209446e475c3802663ac8f4461da
name: server.exe
sha1: 5036744a932ed0a7253fe83035088cb20a41be25
sha256: fab2df7fd7f7574244e9a7cc6ebb1aebcd015afb1b5400b98d6eeeacc5e67a2a
sha512: da702fe4e0ad131aca6ee551210fccc6e9ad3a76ebd0e04dfe2f7ca7b50cee3d489649e8ce515f372b5cbcd68f699e4c909f96dee6830167f3f52c2c53b51ef5
ssdeep: 768:sX0mvrQFZiRigW3BeBPkgkqMptgYToDWzbjDs:sXBrCGigWxaOmiHHs
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

BScope.TrojanPSW.Cimuz.B also known as:

Bkav	W32.AIDetectVM.malware
DrWeb	Trojan.Siggen7.25806
MicroWorld-eScan	Gen:Variant.Ulise.88916
FireEye	Generic.mg.4ffe209446e475c3
CAT-QuickHeal	Trojan.Mauvaise.SL1
Qihoo-360	Generic/HEUR/QVM07.1.17C1.Malware.Gen
McAfee	GenericRXFT-ZL!4FFE209446E4
Cylance	Unsafe
VIPRE	Trojan.Win32.Redosdru.C (v)
Sangfor	Malware
K7AntiVirus	Trojan ( 004b78a51 )
BitDefender	Gen:Variant.Ulise.88916
K7GW	Trojan ( 004b78a51 )
Cybereason	malicious.446e47
TrendMicro	BKDR_ZEGOST.SM37
BitDefenderTheta	AI:Packer.B4D7A47F1E
F-Prot	W32/Farfli.CY
Zoner	Trojan.Win32.86085
TrendMicro-HouseCall	BKDR_ZEGOST.SM37
Avast	Win32:BackdoorX-gen [Trj]
ClamAV	Win.Malware.Farfli-7101089-0
GData	Gen:Variant.Ulise.88916
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Backdoor:Win32/Farfli.228b62e5
NANO-Antivirus	Trojan.Win32.AD.erhebd
ViRobot	Trojan.Win32.Z.Farfli.36864.CG
AegisLab	Trojan.Win32.Generic.4!c
Tencent	Malware.Win32.Gencirc.10b0cd6d
Ad-Aware	Gen:Variant.Ulise.88916
Sophos	Mal/Behav-225
Comodo	Malware@#ssr2292hm7k1
F-Secure	Heuristic.HEUR/AGEN.1044595
Zillya	Trojan.Farfli.Win32.34268
Invincea	heuristic
McAfee-GW-Edition	GenericRXFT-ZL!4FFE209446E4
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Ulise.88916 (B)
Ikarus	Trojan.Win32.Farfli
Cyren	W32/Farfli.OIMS-2324
Jiangmin	Trojan.Generic.beksk
Webroot	W32.Malware.gen
Avira	HEUR/AGEN.1044595
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Win32.AGeneric
Endgame	malicious (high confidence)
Arcabit	Trojan.Ulise.D15B54
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:Win32/Venik!rfn
AhnLab-V3	Trojan/Win32.Generic.C2072068
VBA32	BScope.TrojanPSW.Cimuz.B
ALYac	Gen:Variant.Ulise.88916
Malwarebytes	Backdoor.Farfli
Panda	Trj/Genetic.gen
APEX	Malicious
ESET-NOD32	Win32/Farfli.BLH
Rising	Backdoor.Agent!1.BA39 (CLOUD)
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_100%
Fortinet	W32/Farfli.CMC!tr
AVG	Win32:BackdoorX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (W)
MaxSecure	Trojan.Malware.7164915.susgen

How to remove BScope.TrojanPSW.Cimuz.B?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

BScope.TrojanPSW.Cimuz.B removal