Trojan.FakeMS.INC removal

Trojan.FakeMS.INC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.FakeMS.INC virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Executed a process and injected code into it, probably while unpacking
  • A process was set to shut the system down when terminated
  • Behavior consistent with a dropper attempting to download the next stage.
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Trojan.FakeMS.INC?


File Info:

crc32: 63F3E996
md5: 51c7d3f4106b5557f9bdfaab4267be80
name: 51C7D3F4106B5557F9BDFAAB4267BE80.mlw
sha1: b5fc281eb69f928836b87a368c75a463d0e98c32
sha256: 9e8daaef763f7ba248c473550d75ec675fa789ed61ac8796dd5357d928fcccad
sha512: c800da51283853f39c1a2498e9d6395c38afe81dedfd0fdb25e33cba8ef50b4897e084924ae7b6a2f864c4cb4456c470c372e01f2333d80336ac3fa9491a35c8
ssdeep: 768:PpOOOgbxjhv+ZddsrCnDXn2tPIlnXOREbGnFkHjbGyrIMWG5ErjS:PpOOOiGZHkCDG1SmF2jbxWGq6
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileDescription: HyperTerminal Applet
FileVersion: 5.1.2600.0
CompanyName: Hilgraeve, Inc.
Translation: 0x0409 0x0000

Trojan.FakeMS.INC is also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop4.39226
ClamAV: Win.Adware.Downware-247
McAfee: Trojan-FDQB!51C7D3F4106B
Cylance: Unsafe
Zillya: Backdoor.Androm.Win32.1370
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Ransom:Win32/Tobfy.4bf1e6da
K7GW: Trojan ( 005110401 )
K7AntiVirus: Trojan ( 005110401 )
Baidu: Win32.Trojan-Downloader.Zortob.a
ESET-NOD32: Win32/LockScreen.AQT
Zoner: Trojan.Win32.31444
APEX: Malicious
Avast: Win32:Crypt-QOD [Trj]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.567469
NANO-Antivirus: Trojan.Win32.Drop.ecvvzj
MicroWorld-eScan: Gen:Variant.Razy.567469
Tencent: Win32.Trojan.Lockscreen.Svrj
Ad-Aware: Gen:Variant.Razy.567469
Sophos: ML/PE-A + Troj/Ransom-UU
Comodo: TrojWare.Win32.Kryptik.BUGZ@57ezjl
BitDefenderTheta: Gen:NN.ZexaF.34628.fy0@amqYh3ei
VIPRE: Trojan.Win32.Reveton.a (v)
TrendMicro: TROJ_SPNR.16FC13
McAfee-GW-Edition: Trojan-FDQB!51C7D3F4106B
FireEye: Generic.mg.51c7d3f4106b5557
Emsisoft: Gen:Variant.Razy.567469 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.dwoyw
Webroot: Trojan.Dropper.Gen
Kingsoft: Win32.Hack.Androm.q.(kcloud)
Microsoft: Ransom:Win32/Tobfy.S
AegisLab: Trojan.Win32.Generic.lJhJ
GData: Gen:Variant.Razy.567469
AhnLab-V3: Downloader/Win32.Andromeda.R66389
Acronis: suspicious
VBA32: TScope.Malware-Cryptor.SB
MAX: malware (ai score=100)
Malwarebytes: Trojan.FakeMS.INC
Panda: Trj/Hexas.HEU
TrendMicro-HouseCall: TROJ_SPNR.16FC13
Rising: Ransom.Tobfy!8.339 (CLOUD)
Ikarus: Trojan.Win32.Reveton
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Lockscreen.LOA!tr
AVG: Win32:Crypt-QOD [Trj]
Qihoo-360: Win32/Trojan.Generic.HgIASOcA

How to remove Trojan.FakeMS.INC?

Trojan.FakeMS.INC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
