How to remove “Trojan.FakeMS.EDGen”?

Many security experts consider Trojan.FakeMS.EDGen dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.FakeMS.EDGen virus do?

  • Unconventional language used in binary resources: Korean
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect

How to identify Trojan.FakeMS.EDGen?


File Info:

crc32: EF5CD107
md5: acb231882de579ead97cc8041b8568ff
name: ACB231882DE579EAD97CC8041B8568FF.mlw
sha1: b19fd26026268ebdfc9510480b339edb0d127a2a
sha256: 20a6752b7ac4f6414c780e8d194c2faddb2625c3787b5aa3ebcbaa5bba0ad13f
sha512: b8aaa6c5674b2d02cc2956f3d0c1f292ac0506d40fec7c693129bf6188bb82cb253d5dd013f2cc26b8c23c3ff3e64f733e95c0983a553634dca6f803ad0d4585
ssdeep: 49152:IYkZP6yfPNo/myoR5Urm/CR71VX0c170kNZpsL8X0pS3ZQz02hmsZVlJDsGm9VI:I3ZHd3qm/qPkYiYX0pS36mwfJD6w/
type: PE32+ executable (console) x86-64, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: taskhost.exe
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
FileDescription: Host Process for Windows Tasks
OriginalFilename: taskhost.exe.mui
Translation: 0x0409 0x04b0

Trojan.FakeMS.EDGen also known as:

K7AntiVirus: Trojan ( 00503d401 )
Lionic: Trojan.Win32.Miner.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop18.42431
MicroWorld-eScan: Gen:Variant.Bulz.499408
ALYac: Gen:Variant.Bulz.499408
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.118752
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 00503d401 )
Cybereason: malicious.82de57
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win64/CoinMiner.BH
APEX: Malicious
Avast: Win64:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Bulz.499408
NANO-Antivirus: Trojan.Win64.Miner.falnzl
Ad-Aware: Gen:Variant.Bulz.499408
Sophos: Mal/Generic-S + Mal/Miner-AM
Comodo: Malware@#1domvwdo5cn8q
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win64.Generic.wc
FireEye: Generic.mg.acb231882de579ea
Emsisoft: Gen:Variant.Bulz.499408 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Miner.dcr
Avira: HEUR/AGEN.1114946
Antiy-AVL: Trojan/Generic.ASMalwS.25B90B9
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Arcabit: Trojan.Bulz.D79ED0
GData: Gen:Variant.Bulz.499408
AhnLab-V3: Trojan/Win64.CoinMiner.R238465
McAfee: BackDoor-FDOH!ACB231882DE5
MAX: malware (ai score=95)
Malwarebytes: Trojan.FakeMS.EDGen
Panda: Trj/CI.A
Tencent: Win32.Trojan.Miner.Lqes
Ikarus: Trojan.Win64.CoinMiner
Fortinet: W64/CoinMiner.BH!tr
AVG: Win64:Malware-gen
Paloalto: generic.ml

How to remove Trojan.FakeMS.EDGen?

Trojan.FakeMS.EDGen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.