+4 votes
229 views
How to detect Emotet malware on your Windows 10 PC

in Help by (552k points)
reopened | 229 views

1 Answer

+5 votes
Best answer

How to know if your Windows 10 computer is infected with Emotet malware.
Method 1: Use the specialized tool EmoCheck
Method 2. Locate strange services within the Windows 10 Services application.
Method 3. Check that there are no strange movements in your accounts.

You may have already heard about Emotet by now but if not, you should know that it is a Malware / banking Trojan that is installed in the operating system of your computer such as Windows 10 in order to steal your bank details when you try to access to your online accounts. Once the hackers get hold of your bank details through Emotet, they can transfer your funds to other bank accounts. This is the reason why it is advisable to check if your Windows computer is infected with Emotet and if so, delete it.

image

Related: How to erase Cerber Ransomware and decrypt affected files. (Windows)  

But this is not all since Emotet is a malicious software that can be used as a launch pad for other malware. This means that if your computer is infected with Emotet, you can end up receiving many other infections such as:

- Persistent infections designed to launch payloads aggressively at startup and at regular intervals, making repair difficult..

- Theft of credentials, including the credentials of email accounts and social networks, as well as passwords stored in web browsers.

- Account locks caused by malware attempting to spread internally over the network through brute force attacks using stolen credentials..

- Disabling security tools and programs such as Windows Defender or Avast.

- Impersonation of your email which allows the hacker to get the information from your Outlook contacts and then use these contacts to send Spam..

- Fraudulent transfers or withdrawals from your bank accounts by stealing your credentials.

Fortunately there are several ways to detect if your computer is running Windows 10 and here are the best ones:

How to know if your Windows 10 computer is infected with Emotet malware.

Method 1: Use the specialized tool EmoCheck

Currently there is a tool specialized in detecting Emotet malware and best of all, it is completely free.

EmoCheck performs a deep and fast scan of your PC as well as being really easy to use.

The first thing we will have to do is download the tool from the following link:

Download Emocheck:  https://github.com/JPCERTCC/EmoCheck/releases

Once on the page, you will have to choose the download according to the structure of your Windows 10 operating system:

  • X64 for Windows 10 32-bit
  • X86 for Windows 10 64-bit

Once the tool is downloaded, you will have to run the tool until the interface similar to that of the CMD is displayed.

Here all you have to do is press any of the keys on your computer.

image

This will run the scan and the tool's interface may even disappear.

Now you will have to go to the same folder where the EmoCheck executable is located and right next to it you will find a .txt file

When you open the file in the notepad, you will see the information about whether your Windows 10 computer is infected or not.

image

 

Method 2. Locate strange services within the Windows 10 Services application.

Emotet works by creating a service with a random name. This, in turn, tries to create another service with another random name. As such, if you see some strange service names coming up, it's worth doing a deep scan of your operating system.

For this you will have to  open the Windows 10 task manager

Once here go to the tab: Services

image

In the list of services you should look for those whose names are made up of only random numbers.

If you find them, you will have to disconnect your computer from the internet and perform a deep scan with your antivirus program.

Method 3. Check that there are no strange movements in your accounts.

Even if you have an antivirus installed and the previous methods have been negative, it is worth taking a look at your accounts in case you will find any strange movement, especially if you usually use electronic banking a lot.

It is highly recommended to maintain a weekly movement check routine. As soon as you detect any strange movement, contact your bank as soon as possible and check again that your computer is free of Emotet. If necessary, take your computer to a specialist.


by (3.5m points)
edited

Related questions

+3 votes
1 answer
asked Oct 24, 2019 in Security by backtothefuture (552k points) | 227 views
+3 votes
1 answer
asked Nov 18, 2019 in Mac by backtothefuture (552k points) | 350 views
+5 votes
1 answer
asked Oct 10, 2019 in Mac by backtothefuture (552k points) | 378 views
+5 votes
1 answer
asked Dec 3, 2020 in Help by backtothefuture (552k points) | 198 views
+4 votes
1 answer
asked Jun 24, 2019 in Security by backtothefuture (552k points) | 209 views
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users