Published Dec 17, 2014 | Updated Feb 20, 2018

PWS:Win32/Emotet.E

Severe |Detected with Windows Defender Antivirus

Aliases: W32/S-426d6d63!Eldorado (Command) Trojan-Ransom.Win32.Fury.a (Kaspersky) winpe/Injector.HLYB (Norman) Trojan horse Inject2.BGBW (AVG) TR/Crypt.Xpack.109811 (Avira) W32/Munchies.D!tr (Fortinet) RDN/Spybot.bfr!o (McAfee) Trojan:Win32/Yakad.A!gfc (other) Cryp_Arkam-3 (Trend Micro)

Summary

Windows Defender Antivirus detects and removes this threat.

This threat can install HackTool:Win32/Mailpassview onto your PC. This malware can steal your email user names and passwords. Your account can then be used to send spam emails.

It can be installed by other malware, such as Trojan:Win32/Emotet.C.

Learn how artificial intelligence in Windows Defender AV protects you from this threat before it even reaches your computer: How artificial intelligence stopped an Emotet outbreak

For information on defending enterprise environments from this threat, read: Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware. 

Use cloud protection 

Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender Antivirus for Windows 10. 

Go to Settings > Update & security > Windows Defender > Windows Defender Security Center > Virus & threat protection and make sure that your Cloud-based Protection settings is turned On

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us