
Trojan.fakems

Posted: February 23, 2011

As a recent and sometimes surprisingly durable threat, the Trojan.fakems Trojan definitely isn't malware you can afford to underestimate! Indications are that Trojan.fakems downloads and launches malware on systems, can attack and destroy stored information and files, can avoid multiple deletion methods and can even change its file name to prevent easy identification. Due to the complexity of its defenses, Trojan.fakems is best deleted by security software designed for the purpose, but an even better prospect is preventing this infection from getting anywhere near your computer at all.

An Unmistakably Tenacious Attacker

Trojan.fakems will infect your computer through the use of misleading advertising, drive-by download exploits or just plain piggybacking atop another file. Its first immediate act is to add hidden entries to your registry, which lets Trojan.fakems run without so much as a sign or a murmur whenever your computer starts up.

Finding Trojan.fakems at all can be difficult, since Trojan.fakems has been reported to change file names to avoid easy detection, as well as being able to hide in a number of different locations. Even if you find Trojan.fakems, it will attempt to use permissions exploits to stop any manual deletion you attempt. In these cases malware scanners may do a better job than human eyes, but even a good anti-malware product has occasionally been reported to fail at deleting Trojan.fakems fully.

What Happens If You Can't Get Rid of Trojan.fakems

Trojan.fakems follows in the well-worn path of many Trojans before it by exploiting security limitations to drop more malware on any computer Trojan.fakems infects. This malware may be used to enable easier attacks by remote attackers, to spy on your saved data and computer input or just to make your life that much harder with rogue products and browser hijackers.

A Trojan.fakems infection has also been reported to engage in directly hostile actions against information and files on the host system, which makes Trojan.fakems an immediate emergency threat rather than one you should feel safe about dealing with later. Such attacks can persist to the point of requiring a complete reinstallation of your operating system if defenses aren't enacted.

This Trojan is one that likes to spread around, too; in some instances, Trojan.fakems has been reported to launch a server on a TCP port to spread itself to other computers. Deleting Trojan.fakems isn't just a matter of saving your own computer's hide, but also a matter of being compassionate towards other computers!

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %appdata%\microsoft\internet explorer\quick launch\Trojan.FakeMS.kd.lnk
    2 %commonprograms%\Trojan.FakeMS.kd\about.lnk
    3 %commonprograms%\Trojan.FakeMS.kd\Trojan.FakeMS.kd support.lnk
    4 %commonprograms%\Trojan.FakeMS.kd\Trojan.FakeMS.kd.lnk
    5 %commonprograms%\Trojan.FakeMS.kd\update.lnk
    6 %desktop%\Trojan.FakeMS.kd support.lnk
    7 %desktop%\Trojan.FakeMS.kd.lnk
    8 %programfiles%\Trojan.FakeMS.kd\about.ico
    9 %programfiles%\Trojan.FakeMS.kd\activate.ico
    10 %programfiles%\Trojan.FakeMS.kd\uninstall.exe
    11 %programfiles%\Trojan.FakeMS.kd\update.ico
    12 %programfiles%\Trojan.FakeMS.kd\virus.mp3

Registry Modifications

  • The following Registry values and keys were created:
    HKEY..\..\..\..{Subkeys}
      hkcu\Software\Microsoft\Windows\CurrentVersion\Run "Trojan.FakeMS.kd"
      hklm\SOFTWARE\Trojan.FakeMS.kd
    HKEY..\..\..\..{RegistryKeys}
      hkcr\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
    HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
      Trojan.FakeMS.kd
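
A read-only PowerShell check for the file and registry artifacts listed above, added here as an example and not taken from the original page or from any removal tool. The special-folder mappings, the second Program Files root and the WOW6432Node key are assumptions; the Uninstall entry is left out because its path on this page contains a placeholder.

```powershell
# Added example: read-only check for the artifacts listed on this page.
# Nothing is deleted or modified; a hit is a lead for a full anti-malware scan.
$name = 'Trojan.FakeMS.kd'

# Assumption: %commonprograms% and %desktop% map to these Windows special folders.
$commonPrograms = [Environment]::GetFolderPath('CommonPrograms')
$desktop        = [Environment]::GetFolderPath('Desktop')
# Assumption: on 64-bit Windows the folder may sit under either Program Files root.
$pfRoots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ } | Select-Object -Unique

$files = @(
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch\${name}.lnk"
    "$commonPrograms\$name\about.lnk"
    "$commonPrograms\$name\$name support.lnk"
    "$commonPrograms\$name\${name}.lnk"
    "$commonPrograms\$name\update.lnk"
    "$desktop\$name support.lnk"
    "$desktop\${name}.lnk"
)
foreach ($root in $pfRoots) {
    foreach ($leaf in 'about.ico', 'activate.ico', 'uninstall.exe', 'update.ico', 'virus.mp3') {
        $files += "$root\$name\$leaf"
    }
}

# -LiteralPath stops PowerShell treating characters in a path as wildcards.
$hits = @($files | Where-Object { Test-Path -LiteralPath $_ } |
    ForEach-Object { [pscustomobject]@{ Type = 'File'; Item = $_ } })

# Autostart value under the per-user Run key.
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
if (Get-ItemProperty -Path $runKey -Name $name -ErrorAction SilentlyContinue) {
    $hits += [pscustomobject]@{ Type = 'RunValue'; Item = "$runKey -> $name" }
}

# Registry keys; the WOW6432Node variant is an assumption for 64-bit systems.
$keys = @(
    "HKLM:\SOFTWARE\$name"
    "HKLM:\SOFTWARE\WOW6432Node\$name"
    'Registry::HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}'
)
foreach ($key in $keys) {
    if (Test-Path -LiteralPath $key) { $hits += [pscustomobject]@{ Type = 'RegKey'; Item = $key } }
}

if ($hits.Count -gt 0) {
    $hits | Format-Table -AutoSize
} else {
    'None of the listed artifacts were found (renamed copies are not covered).'
}
```

Because the Trojan is reported to change its file names, an empty result only rules out the names listed here.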
