Trojan:MSIL/Wagex.SPQM!MTB removal

The Trojan:MSIL/Wagex.SPQM!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:MSIL/Wagex.SPQM!MTB virus can do?

Authenticode signature is invalid

How to determine Trojan:MSIL/Wagex.SPQM!MTB?


File Info:
name: D27DB34706C5E3A1786A.mlw
path: /opt/CAPEv2/storage/binaries/5c377f79a18435aeac408c1f3160adf8a8a02f0ddc3ec9d95552a9662f178573
crc32: 63B710FB
md5: d27db34706c5e3a1786a09149d6f1d23
sha1: f6c603d6ff8b03af63328d4d31e860fddf1d468a
sha256: 5c377f79a18435aeac408c1f3160adf8a8a02f0ddc3ec9d95552a9662f178573
sha512: e6f2ef221bf4bf9ded9612cf3d71ea51c793cffe54120740911a1458cb790cf56347a3eb68529bb8eb92c639a3ce92dd54cb381a3056342b596bbba171e9e779
ssdeep: 384:VbHMVEn8xtQ76aonrVkNuF2nrLVNJaV/df1R2LjA+hNV6BaOa8e76eGDegeXYmjd:1ln8xtQ76aonrVk22nrLV+V1f231hNVb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19A921A0577D49B17D87F47B649B2266043B6F62A8852DF2D4FDA90CE2CB33004A61F5B
sha3_384: 59dda080d665712f3b7fdcc3476a340d46ee4b664aec41544ccd43ff5355097ac99b5bb4448321e81c4aaef557bd1fb1
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-11-06 10:43:41

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: WinPrinter
FileVersion: 1.0.0.0
InternalName: TenayWEBSDK.exe
LegalCopyright: Copyright ©  2014
LegalTrademarks: 
OriginalFilename: TenayWEBSDK.exe
ProductName: WinPrinter
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan:MSIL/Wagex.SPQM!MTB also known as:

Lionic	Trojan.Win32.Wagex.a!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Generic.34286678
FireEye	Trojan.Generic.34286678
Skyhigh	RDN/Generic Downloader.x
ALYac	Trojan.Generic.34286678
Malwarebytes	Malware.AI.1934812880
Sangfor	Downloader.Msil.Wagex.Vfwl
Alibaba	TrojanDownloader:MSIL/Wagex.def946ca
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Kaspersky	HEUR:Trojan-Downloader.MSIL.Wagex.gen
BitDefender	Trojan.Generic.34286678
Avast	Win32:Malware-gen
Sophos	Mal/Generic-S
VIPRE	Trojan.Generic.34286678
TrendMicro	TROJ_GEN.R002C0DKD23
Emsisoft	Trojan.Generic.34286678 (B)
Ikarus	Trojan.MSIL.Wagex
Google	Detected
Avira	TR/Redcap.ydlyk
Microsoft	Trojan:MSIL/Wagex.SPQM!MTB
Arcabit	Trojan.Generic.D20B2C56
ZoneAlarm	HEUR:Trojan-Downloader.MSIL.Wagex.gen
GData	Trojan.Generic.34286678
Varist	W32/ABRisk.UGIQ-6758
AhnLab-V3	Trojan/Win.Generic.C5392047
McAfee	RDN/Generic Downloader.x
MAX	malware (ai score=89)
Cylance	unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DKD23
Rising	Downloader.Wagex!8.15ADE (CLOUD)
MaxSecure	Trojan.Malware.171226702.susgen
Fortinet	PossibleThreat
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Trojan:MSIL/Wagex.SPQM!MTB?

Trojan:MSIL/Wagex.SPQM!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X