Trojan.Miuref
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 20,318 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 72,783 |
| First Seen: | May 16, 2014 |
| Last Seen: | January 25, 2026 |
| OS(es) Affected: | Windows |
Miuref is a threat that uses click fraud and browser hijacking to infect computer systems using the Windows operating system. Microsoft has called attention to Miuref in its latest security reports, indicating that Miuref can be responsible for the collection of data and money as well as carrying out browser hijacking tasks such as changing search results and redirecting Web browsers to certain websites. Miuref may be used to mine Bitcoin and carry out a variety of other threatening tasks on the targeted computer system. Microsoft has noted that Miuref activity has increased significantly in the 2014 and that quick measures should be put into action to prevent these types of infections.
Table of Contents
Miuref is a Very Deceptive Threat
Malware like Miuref is among the most common infections. This is because Miuref lies in wait on the infected computer, gradually generating revenue at the expense of the computer user with minimal risk or work for the threat's creator or distributor. In fact, threats like Miuref have been on the rise, with new threat families using these types of approaches constantly appearing on the Web. Miuref infections were first detected in December of 2013 and have quickly risen to become some of the most common active malware attacks.
Our PC security analysts have noted that Miuref uses several infection vectors, ranging from social engineering and spam email messages to dropper Trojans and attack websites. Once Miuref is installed, Miuref may connect to an outside server (that may be referred to as a C&C or Command and Control server) so it may transfer data pertaining the infected computer. Miuref may install Web browser plug-ins to take over the infected Web browser and control the content viewed by the victim. Miuref may also generate advertising revenue by clicking on online advertisements automatically. One of the most troubling problems involving Miuref is that Miuref may expose a computer to other, more harmful threats. Browser redirects, online advertisements and Trojan droppers linked to Miuref may expose computer users to unsafe content and other threats, quickly infecting the victim's PC with a variety of other threats.
SpyHunter Detects & Remove Trojan.Miuref
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | qtscript4.dll | de6e98a55bf357f5d46ed80083fe85ed | 681 |
| 2. | payload.exe | bd7b8d984be1fb433a33f1bb57d56d33 | 448 |
| 3. | SdlUsb8.dll | f71a8185f80a239068e18d6f83d7b3aa | 189 |
| 4. | ir50_qcx.dll | f666dca768a489ff7baa00382ca5d0ee | 139 |
| 5. | icuPlugin32.dll | 3e28144c395cbe31c3bbd2fa5771e03c | 129 |
| 6. | PtWIkit4.dll | d2a49a62666da6befbc803b94c5ea070 | 121 |
| 7. | CNBJOP9Z.DLL | d1680d62fd2c6b186af9dc859d4bf5e8 | 90 |
| 8. | Mingler_main.dll | 1518bbf6655e4689241cd09563b5c1f0 | 85 |
| 9. | ff_libfaad2.dll | 95a3e8d8a7972969c1930849f3002292 | 79 |
| 10. | AVMCOINS.DLL | 245921de13e4e84c5c4c3477cf507c5f | 78 |
| 11. | AdSubawareRes.dll | 945e76f7bbfebb82c4dd7e5575af1e5d | 75 |
| 12. | 2e42baa9dd56a6db4d8719bc0b5170ca.exe | 2e42baa9dd56a6db4d8719bc0b5170ca | 74 |
| 13. | pkrmiq.dll | 0b8dd1a51112de035f57838ab4c1b7d8 | 73 |
| 14. | CNBSR.DLL | fd7783ce4205d75b98808c0cb95ba888 | 71 |
| 15. | mndbedqwqoj.dll | 63ff20559fb0014eb4aa9a102868b064 | 70 |
| 16. | wsrhexl.dll | 1dc7e357aed360b6186df48ea8038716 | 69 |
| 17. | New.dll | 900c251ca834b8f9ca1c38a754b19a5c | 69 |
| 18. | icfgObjspi.dll | e2657cc2d4c167310a347aa85f68a2b2 | 66 |
| 19. | Cvt_x86.dll | 44afe02536ba438bb08877a6cc22187b | 65 |
| 20. | ASMshl215A.dll | fc8dfbae58418390f111d99bbafbd910 | 61 |
| 21. | Dvkit.dll | 0623fd0bfbaed7ed6a0eeafead87f2e6 | 60 |
| 22. | Windows_Activaton.exe | 4094d0e61d2a01b43a398fee20426eb8 | 58 |
| 23. | CatDBARM.dll | ab7034465b0d479b99fb5a049f4bd05d | 53 |
| 24. | loader_u.dll | 77f7fb95c5d5c20bc28ba195abcfa5cf | 14 |
| 25. | axbridge.dll | de43c3871056496b263496eafe84e740 | 2 |
| 26. | SQLBUILD.DLL | d311f3634dfd9745c221922035009da9 | 1 |
| 27. | siftDLL.dll | cbc4da27aeb103a4ca53b79495c760be | 1 |
| 28. | SYMSRV.DLL | 96dde3b7b36477f7afcfd2e09f04d347 | 1 |
| 29. | %UserProfile%\Administrator\Local Settings\Application Data\UQmedia\BluetoothUtilperf.dll | ||
| 30. | %UserProfile%\Local Settings\Application Data\UQmedia\BluetoothUtilperf.1 | ||
| 31. | %Temp%\setup.dat | ||
| 32. | %Temp%\rs.dat | ||
| 33. | %Temp%\rzkxixls.exe | ||
| 34. | file.exe | b80a2daca4b5000fae089e655f2fa4b0 | 0 |
Registry Details
Directories
Trojan.Miuref may create the following directory or directories:
| %ALLUSERSPROFILE%\microsoft\performance\theftprotection |
| %LOCALAPPDATA%\Otics |
| %LOCALAPPDATA%\YVPack |
