Troj/Emotet-CLZ removal guide

The Troj/Emotet-CLZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Troj/Emotet-CLZ virus can do?

Executable code extraction
Creates RWX memory
Mimics the system’s user agent string for its own requests
Expresses interest in specific running processes
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Attempts to modify proxy settings
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Troj/Emotet-CLZ?


File Info:
crc32: EF87B488
md5: f0eb0aad885f53e04159ad68874e8e25
name: upload_file
sha1: 59f3afe63dc64aa22ddbee7e946550e4adf53032
sha256: 5317f597418505162db361de20fa2fa0b51840e243309c1042d688f57fb67d51
sha512: cc3ec53103808d0965c7dc2468f681ad1d2c1bea92d275c219eef2e47b432f03dc35ccf5dcb473f1ca96ab79f5d2973fb35f999a5c2fc204c49f46dc4737db39
ssdeep: 12288:r2vTqjC1nHI7KfQMbwB+wSSlbDoccv4QkNmS:r2GO1nHJQMUDnbEYQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Free to redistribute!
InternalName: cmdcmxcfg.exe
FileVersion: 1.0.0.1
CompanyName: Shaun Harrington
ProductName: CMDCMX
ProductVersion: 1.0.0.1
FileDescription: CMDCMX Configuration Application
OriginalFilename: cmdcmxcfg.exe
Translation: 0x0409 0x04e4

Troj/Emotet-CLZ also known as:

Bkav	W32.AIDetectVM.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.43786276
CAT-QuickHeal	Trojan.EmotetPMF.S15717669
ALYac	Trojan.Agent.Emotet
Cylance	Unsafe
Zillya	Trojan.Emotet.Win32.28390
K7AntiVirus	Trojan ( 005600f21 )
BitDefender	Trojan.GenericKD.43786276
K7GW	Trojan ( 0056de091 )
TrendMicro	Trojan.Win32.MALREP.THJOFBO
Cyren	W32/Kryptik.BWJ.gen!Eldorado
Symantec	Trojan.Emotet
APEX	Malicious
Avast	Win32:CrypterX-gen [Trj]
ClamAV	Win.Malware.Emotet-9753021-0
Kaspersky	HEUR:Trojan-Banker.Win32.Emotet.vho
Alibaba	Trojan:Win32/Emotet.c21952a5
NANO-Antivirus	Trojan.Win32.Emotet.hueocq
ViRobot	Trojan.Win32.Emotet.335360
AegisLab	Trojan.Win32.Emotet.truE
Ad-Aware	Trojan.GenericKD.43786276
Sophos	Troj/Emotet-CLZ
Comodo	.UnclassifiedMalware@0
F-Secure	Trojan.TR/Emotet.youls
DrWeb	Trojan.Emotet.1016
VIPRE	Trojan.Win32.Generic!BT
Invincea	Troj/Emotet-CLZ
McAfee-GW-Edition	BehavesLike.Win32.Emotet.dm
MaxSecure	Trojan.Malware.121218.susgen
FireEye	Generic.mg.f0eb0aad885f53e0
Emsisoft	Trojan.Emotet (A)
Ikarus	Trojan-Banker.Emotet
Jiangmin	Trojan.Banker.Emotet.oig
Avira	TR/Emotet.youls
Antiy-AVL	Trojan[Banker]/Win32.Emotet
Microsoft	Trojan:Win32/Emotet.ARJ!MTB
Arcabit	Trojan.Generic.D29C2024
ZoneAlarm	HEUR:Trojan-Banker.Win32.Emotet.vho
GData	Trojan.GenericKD.43786276
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C4192704
McAfee	Emotet-FSD!F0EB0AAD885F
MAX	malware (ai score=83)
VBA32	TrojanBanker.Emotet
Malwarebytes	Trojan.MalPack.TRE
Panda	Trj/CI.A
ESET-NOD32	Win32/Emotet.CD
TrendMicro-HouseCall	Trojan.Win32.MALREP.THJOFBO
Rising	Trojan.Emotet!1.CBD1 (CLASSIC)
Yandex	Trojan.Emotet!
SentinelOne	DFI – Suspicious PE
Fortinet	W32/GenKryptik.HFZC!tr
BitDefenderTheta	Gen:NN.ZexaF.34566.9q3@auwM5Bbi
AVG	Win32:CrypterX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (W)
Qihoo-360	Win32/Trojan.bd3

How to remove Troj/Emotet-CLZ?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Troj/Emotet-CLZ removal guide