W97M/Bartallex Removal Guide

Do you know what W97M/Bartallex is?

W97M/Bartallex is a serious computer infection which is often classified as a Trojan dropper because it might download and install a bunch of malicious applications on your computer. You might not even know that you have threats on your PC because they usually act behind a user’s back. As the specialists working at spyware-techie.com have found out, W97M/Bartallex might be a reason why your system contains backdoors and Trojans. You have to remove W97M/Bartallex-related infections from your computer because they might really cause harm to your system. Keep in mind that it might be very difficult to do that because malicious applications tend to hide deep on the system and, in most cases, it is impossible to remove them via Control Panel.

In most cases, W97M/Bartallex enters the system when users open spam email attachments. Thus, if you have already opened invoice_723961.doc, receipt_3458934.doc or legal_complaint.doc, there is a possibility that you have allowed W97M/Bartallex to enter your system. Our security researchers have found out that Microsoft Word will show you a notification (see below) which will ask whether you want to enable macro if you open the malicious file. If you click OK, W97M/Bartallex will start running. As has been already mentioned, its main purpose is to download many malware programs on the system; thus, you should remove this threat as soon as possible.

Microsoft Visual Basic

The macros in this project are disabled. Please refer to the online help or the documentation of the host application to determine how to enable macros.

As has been already mentioned, W97M/Bartallex will download malware on your computer. It has been observed that malicious applications usually have a random name, for instance, 4444.exe and they are saved and run from the %TEMP% directory in most cases. According to our security specialists, it is very likely that W97M/Bartallex will install TrojanDownloader:Win32/Chanitor.A on your computer. This threat can install Backdoor:Win32/Vawtrak.F. On top of that, there is a possibility that TrojanSpy:Win32/Ursnif.gen!R will enter your system with a help of W97M/Bartallex. It can steal sensitive information, so it is better to remove it from the system entirely.

You have to remove W97M/Bartallex and all the infections which it has downloaded as soon as possible. If you cannot do that yourself, you should know that you can do that automatically. You have to acquire SpyHunter or a similar malware remover and then perform a full system scan. A reliable tool will definitely remove W97M/Bartallex and other existing infections.

In non-techie terms:

In order to prevent malicious software from entering your system, you should, of course, install and keep an antimalware tool enabled all the time. Our security experts also say that you should never open spam email attachments. Last but not least, you should not surf untrustworthy websites. It is especially not advisable to download software from such websites. If you listen to our advice, malware will definitely not be able to enter your system in the future.