Published Sep 23, 2008 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Win32/VMalum.DCPV (CA) Trojan.Win32.Midgare.hhn (Kaspersky) Trojan.Spy.Banker.AAUT (BitDefender) BackDoor-CEP.gen.a (McAfee) BACKDOOR.Trojan (Symantec)


Trojan:Win32/Midgare.A is a trojan that contains an encrypted copy of Backdoor:Win32/Bifrose. It then injects the backdoor into the Windows shell process (explorer.exe), thus allowing the backdoor to run without ever being written into the computer.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner ( For more information, see
Follow us