Should I remove “TrojanSpy:Win32/Vwealer.IW”?

The TrojanSpy:Win32/Vwealer.IW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanSpy:Win32/Vwealer.IW virus can do?

Executable code extraction
Unconventionial language used in binary resources: Spanish (Modern)
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine TrojanSpy:Win32/Vwealer.IW?


File Info:
crc32: 5A0A4482
md5: 7bcfecfd91a843f8348091970048b9ac
name: 7BCFECFD91A843F8348091970048B9AC.mlw
sha1: eebe7d37792bf6544433c9cef5b41bd094f607e9
sha256: 52f13745ef14bb9aba691ab4d3681d61634455d82100d88c9e588f1a515c9671
sha512: 8b1fe28a67038d4c08993f2638c300c21ebe69f818fd01fcf8ddc0854a68bb25a4f90e14695836cc43e414f3f064ddf365f8724058ce613b23bf3542bc6980b4
ssdeep: 3072:dSVhlljET79E30XxCkJx+lYz631dNomWj:AVJjiEkXxCkJIKK1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0c0a 0x04b0
InternalName: congelador msn truzone
FileVersion: 1.00
CompanyName: TYV
ProductName: Congelador MSN
ProductVersion: 1.00
OriginalFilename: congelador msn truzone.exe

TrojanSpy:Win32/Vwealer.IW also known as:

Bkav	W32.AIDetect.malware1
Cynet	Malicious (score: 90)
ALYac	Gen:Variant.Midie.71429
Cyren	W32/Risk.NPEL-6302
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/MsnBlocker.A potentially unsafe
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Midie.71429
MicroWorld-eScan	Gen:Variant.Midie.71429
Tencent	Win32.Trojan.Spy.Aljj
Ad-Aware	Gen:Variant.Midie.71429
Comodo	Malware@#288zbxsfjz5j6
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Trojan.cc
FireEye	Gen:Variant.Midie.71429
Emsisoft	Gen:Variant.Midie.71429 (B)
SentinelOne	Static AI – Suspicious PE
Webroot	TrojanSpy:Win32/Vwealer.IW
Avira	HEUR/AGEN.1129283
Microsoft	TrojanSpy:Win32/Vwealer.IW
Arcabit	Trojan.Midie.D11705
GData	Gen:Variant.Midie.71429
McAfee	Artemis!7BCFECFD91A8
MAX	malware (ai score=85)
Panda	Trj/CI.A
Rising	Trojan.Win32.Generic.13154691 (C64:YzY0Ohmc07YRVcwg)
Yandex	Trojan.GenAsa!hE9aVpfS/NI
Ikarus	Trojan.Win32.Vhorse
Fortinet	W32/PWS_y.CPR!tr
AVG	Win32:Malware-gen
Qihoo-360	Win32/TrojanSpy.Vwealer.HgAASRgA

How to remove TrojanSpy:Win32/Vwealer.IW?

TrojanSpy:Win32/Vwealer.IW removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X