Self-Spreading Emotet Virus


Hello,

I'm working on removing a virus at an office location, but I've been unable to completely get rid of it.

The virus is called Emotet, and it has the ability to re-install itself across the network. I have previously disconnected all machines from the network at once, and scanned them individually with MBAM, AV Defender, and finally Windows Defender (just to be sure), but the virus has re-appeared on several machines even after this.

All three of the AV programs were able to detect and remove Emotet when present, but they are clearly missing the files that allow re-installation. When running MBAM, I chose 'custom' and enabled 'scan for rootkits', etc. All other scans were full scans.

I have attached Farbar files for two machines. PC-1 is the machine that the virus was initially detected on, and PC-2 is a random selection from the rest of the infected machines.

It may be important to note that it appears that the virus has been unable to establish itself on the local server, as multiple scans have turned up nothing on there.

Thank you for your time, and please let me know if I need to provide further info.

Addition-PC2.txt

FRST-PC2.txt

Addition-PC1.txt

FRST-PC1.txt

This topic is now closed to further replies.