
How to remove “Backdoor.Win32.Emotet.cjqf”?


Backdoor.Win32.Emotet.cjqf is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to scan and cure your PC completely during the trial period.
A 6-day free trial is available.

What can the Backdoor.Win32.Emotet.cjqf virus do?

  • Executable code extraction
  • Creates RWX memory
  • Mimics the system’s user agent string for its own requests
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option

How to identify Backdoor.Win32.Emotet.cjqf?


File Info:

crc32: A6EBD017
md5: ecc28160fa898c653bbc14bba1e54545
name: bhmte0su000092.exe
sha1: a1c4508970d004acf41f2b75ae975e33ca98adb6
sha256: c2133593bbd7bfab8d691f80f40626658d4877634406a1439da6b5714ba4f218
sha512: bb7f90c7f2a817f8fa9877bea2c33a6a32ac9a866405691672c3f54720b4a6dd77e668e1c82a324b8e74236b3aa82bd8e84b6968baa31de4f260213d5cde71dc
ssdeep: 1536:XbqV8t0LNUY3Di91md79R5m6Aw2d2iROp:Xbq7Y1UH5At05p
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2003-2008 Hans Dietrich
FileVersion: 1, 2, 0, 1
ProductName: XBrowseForFolderTest
E-mail: hdietrich@gmail.com
ProductVersion: 1, 2, 0, 1
FileDescription: XBrowseForFolderTest
Article: http://www.codeproject.com/KB/dialog/XBrowseForFolder.aspx
OriginalFilename: XBrowseForFolderTest.exe
Translation: 0x0409 0x04b0

Backdoor.Win32.Emotet.cjqf also known as:

Bkav: W32.AIDetectVM.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.69573
McAfee: Emotet-FRV!ECC28160FA89
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.GenericKDZ.69573
K7GW: Riskware ( 0040eff71 )
F-Prot: W32/Emotet.AQJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HFPY
Kaspersky: Backdoor.Win32.Emotet.cjqf
APEX: Malicious
Ad-Aware: Trojan.GenericKDZ.69573
F-Secure: Trojan.TR/Crypt.Agent.gtzch
DrWeb: Trojan.DownLoader34.25832
FireEye: Trojan.GenericKDZ.69573
Ikarus: Win32.Outbreak
Cyren: W32/Emotet.AQJ.gen!Eldorado
Avira: TR/Crypt.Agent.gtzch
Fortinet: W32/Kryptik.HFMI!tr
Arcabit: Trojan.Agent.EVEQ
AhnLab-V3: Trojan/Win32.Agent.R348635
ZoneAlarm: Backdoor.Win32.Emotet.cjqf
Microsoft: Trojan:Win32/Emotet.ARJ!MTB
VBA32: BScope.Trojan.Downloader
MAX: malware (ai score=87)
Malwarebytes: Trojan.Emotet
Rising: Trojan.Kryptik!8.8 (CLOUD)
eGambit: Unsafe.AI_Score_94%
GData: Trojan.GenericKDZ.69573
AVG: FileRepMalware
Cybereason: malicious.970d00
Qihoo-360: Win32/Backdoor.294

How to remove Backdoor.Win32.Emotet.cjqf?

Backdoor.Win32.Emotet.cjqf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
