About “W97m.Downloader.IYY (B)” infection

W97m.Downloader.IYY (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the W97m.Downloader.IYY (B) virus do?

    Related domains:

    z.whorecord.xyz

    How to identify W97m.Downloader.IYY (B)?

    File Info:

    crc32: 516A8AF6
    md5: 12ac4dec3b0fc3b492173f26cb3f4010
    name: upload_file
    sha1: cb402aac43bb438224d182d7b0779a8d54e2b2a7
    sha256: 23808b0025515d4f2fa46531e217ce3925be87dd9796221a69f63a57cfe513c0
    sha512: 5d7d23c49aa62c7c5bca7fa052ff111beec86baa3d8b8432950cb6d90298488a25c46309c578615ac8394ba40cfcba8735ff328292e3c4ff18dbe7e694d4f897
    ssdeep: 3072:SBeY5kb0TUNAuBqVPlB11nBE39D+92NYG7eMRq9m:SEYOb0TUquBqt7nBU9KYN97pRq9m
    type: Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Deserunt., Author: Gabriel Clement, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Thu Oct 15 07:09:00 2020, Last Saved Time/Date: Thu Oct 15 07:10:00 2020, Number of Pages: 1, Number of Words: 3664, Number of Characters: 20887, Security: 8

    Version Info:

    0: [No Data]

    W97m.Downloader.IYY (B) also known as:

    Elastic: malicious (high confidence)
    FireEye: W97m.Downloader.IYY
    K7AntiVirus: Trojan ( 005703b31 )
    K7GW: Trojan ( 005703b31 )
    Invincea: Mal/DocDl-K
    Cyren: W97M/Downldr.IE.gen!Eldorado
    Symantec: ISB.Downloader!gen411
    TrendMicro-HouseCall: Trojan.W97M.EMOTET.SMBA
    Cynet: Malicious (score: 85)
    Kaspersky: HEUR:Trojan.MSOffice.SAgent.gen
    BitDefender: W97m.Downloader.IYY
    AegisLab: Trojan.MSWord.Generic.4!c
    MicroWorld-eScan: W97m.Downloader.IYY
    Rising: Malware.ObfusVBA@ML.94 (VBA)
    Ad-Aware: W97m.Downloader.IYY
    Emsisoft: W97m.Downloader.IYY (B)
    F-Secure: Malware.W97M/Agent.6217665
    DrWeb: Exploit.Siggen2.49435
    TrendMicro: Trojan.W97M.EMOTET.SMBA
    McAfee-GW-Edition: W97M/Downloader.dgk
    Sophos: Mal/DocDl-K
    Ikarus: Trojan-Downloader.VBA.Emotet
    Avira: W97M/Agent.6217665
    Microsoft: TrojanDownloader:O97M/Emotet.CSK!MTB
    Arcabit: W97m.Downloader.IYY
    ZoneAlarm: HEUR:Trojan.MSOffice.SAgent.gen
    GData: Macro.Trojan-Downloader.Agent.AVL
    AhnLab-V3: Downloader/DOC.Emotet.S1304
    ALYac: Trojan.GenericKD.44081408
    ESET-NOD32: VBA/TrojanDownloader.Agent.UFY
    Tencent: Heur.Macro.Generic.h.9e6ae75
    SentinelOne: DFI – Malicious OLE
    Fortinet: VBA/Agent.AVL!tr
    Qihoo-360: virus.office.qexvmc.1085

    How to remove W97m.Downloader.IYY (B)?

    W97m.Downloader.IYY (B) removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan”.
    • “Move to quarantine” all items.
    • Open “Tools” tab – Press “Reset Browser Settings”.
    • Select proper browser and options – Click “Reset”.
    • Restart your computer.

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
