In this post, I am going to explain the way the FakeIE trojan injected right into your personal computer, and how to get rid of FakeIE trojan virus.
What is FakeIE trojan?
| Name | FakeIE |
| Infection Type | Trojan |
| Symptoms |
|
| Similar behavior | Ropest, Bunitu, Slingshot, Lambert, Lambert, Infostealer |
| Fix Tool |
See If Your System Has Been Affected by FakeIE trojan |
The name of this kind of malware is a reference to a famous legend about Trojan Horse, which was put to work by Greeks to enter the city of Troy and win the war. Like a dummy horse that was left for trojans as a present, FakeIE trojan virus is distributed like something legit, or, at least, useful. Harmful apps are concealing inside of the FakeIE trojan virus, like Greeks inside of a big wooden dummy of a horse.1Trojan viruses are one of the leading malware types by its injection rate for quite a very long time. And currently, during the pandemic, when malware became extremely active, trojan viruses increased their activity, too. You can see a lot of messages on diverse resources, where users are grumbling about the FakeIE trojan virus in their computer systems, and requesting assisting with FakeIE trojan virus clearing.
Trojan FakeIE is a kind of virus that infiltrates right into your system, and afterwards performs various harmful features. These features depend on a kind of FakeIE trojan: it might act as a downloader for other malware or as a launcher for another malicious program which is downloaded together with the FakeIE trojan virus. Throughout the last 2 years, trojans are also spread through email attachments, and in the majority of instances used for phishing or ransomware injection.
FakeIE2 also known as
| Bkav | W32.AIDetect.malware1 |
| K7AntiVirus | Trojan ( 005246d51 ) |
| DrWeb | Trojan.Siggen8.28054 |
| Cynet | Malicious (score: 100) |
| ALYac | Trojan.GenericKD.30642954 |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.FakeIE.B |
| CrowdStrike | win/malicious_confidence_70% (W) |
| Alibaba | TrojanDownloader:Win32/FakeIE.f334d58b |
| K7GW | Trojan ( 005246d51 ) |
| Cybereason | malicious.c341ce |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win32/Packed.FlyStudio.AA potentially unwanted |
| APEX | Malicious |
| Avast | Win32:Malware-gen |
| BitDefender | Trojan.GenericKD.30642954 |
| NANO-Antivirus | Trojan.Win32.FakeIE.exhewr |
| MicroWorld-eScan | Trojan.GenericKD.30642954 |
| Tencent | Win32.Trojan.Dldr.Eew |
| Ad-Aware | Trojan.GenericKD.30642954 |
| Sophos | Mal/Generic-S |
| Comodo | Packed.Win32.MUPX.Gen@24tbus |
| BitDefenderTheta | Gen:NN.ZexaF.34628.3mKfauqpF7kb |
| VIPRE | Trojan.Win32.Generic!BT |
| McAfee-GW-Edition | BehavesLike.Win32.AdwareFiletour.cc |
| FireEye | Generic.mg.065ee0ac341ce375 |
| Emsisoft | Trojan.GenericKD.30642954 (B) |
| SentinelOne | Static AI – Malicious PE |
| Avira | TR/Dldr.Fakeie.tfrtz |
| eGambit | Unsafe.AI_Score_100% |
| Microsoft | TrojanDownloader:Win32/FakeIE.B |
| Arcabit | Trojan.Generic.D1D3930A |
| AegisLab | Trojan.Win32.Fakeie.4!c |
| GData | Trojan.GenericKD.30642954 |
| AhnLab-V3 | Malware/Win32.Generic.C2440316 |
| McAfee | Artemis!065EE0AC341C |
| MAX | malware (ai score=99) |
| VBA32 | BScope.Trojan.Downloader |
| Malwarebytes | Malware.Heuristic.1003 |
| Panda | Trj/GdSda.A |
| Fortinet | W32/Agent.65CA!tr |
| AVG | Win32:Malware-gen |
| Paloalto | generic.ml |
Domains that associated with FakeIE:
| 0 | z.whorecord.xyz |
| 1 | a.tomx.xyz |
| 2 | www.chachongba.cc |
| 3 | tj.chachongba.cc |
What are the symptoms of FakeIE trojan?
- Executable code extraction;
- Attempts to connect to a dead IP:Port (1 unique times);
- Creates RWX memory;
- Reads data out of its own binary image;
- Performs some HTTP requests;
- Unconventionial binary language: Chinese (Simplified);
- Unconventionial language used in binary resources: Chinese (Simplified);
- The binary likely contains encrypted or compressed data.;
- The executable is compressed using UPX;
- Tries to unhook or modify Windows functions monitored by Cuckoo;
- Attempts to modify proxy settings;
The typical symptom of the FakeIE trojan virus is a steady appearance of different malware – adware, browser hijackers, and so on. Due to the activity of these destructive programs, your system becomes really lagging: malware consumes big amounts of RAM and CPU capacities.
Another noticeable result of the FakeIE trojan virus existence is unknown programs displayed in task manager. In some cases, these processes might try to imitate system processes, but you can recognize that they are not legit by looking at the origin of these processes. Quasi system applications and FakeIE trojan’s processes are always listed as a user’s programs, not as a system’s.
How to remove FakeIE trojan virus?
- Download and install Loaris Trojan Remover.
- Open Loaris and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Approve the reset pressing “Yes” button in the appeared window.
- Restart your computer.
To erase FakeIE trojan and also be sure that all extra malware, downloaded with the help of this trojan, will be wiped out, too, I’d recommend you to use Loaris Trojan Remover.
FakeIE trojan virus is truly tough to delete manually. Its pathways are very tough to track, and the changes implemented by the FakeIE trojan are hidden deeply inside of the system. So, the possibility that you will make your system 100% clean of trojans is pretty low. And don't ignore malware that has been downloaded and install with the help of the FakeIE trojan virus. I feel these arguments are enough to assure that eliminating the trojan virus by hand is a bad suggestion.
FakeIE removal guide
To detect and eliminate all viruses on your PC using Loaris, it’s better to use Standard or Full scan. Removable scan, as well as Custom, will scan only specified folders, so these types of scans cannot provide the full information.
You can observe the detects till the scan process goes. Nevertheless, to execute any actions against spotted viruses, you need to wait until the process is finished, or to interrupt the scanning process.
To designate the appropriate action for each detected malware, choose the knob in front of the detection name of detected malware. By default, all malware will be sent to quarantine.
How to remove FakeIE Trojan?
Name: FakeIE
Description: Trojan FakeIE is a kind of virus that infiltrates into your computer, and after that performs different destructive functions. These features depend upon a type of FakeIE trojan: it can act as a downloader for many other malware or as a launcher for another destructive program which is downloaded in addition to the FakeIE trojan. During the last two years, trojans are also dispersed via e-mail attachments, and most of situations utilized for phishing or ransomware infiltration.
Operating System: Windows
Application Category: Trojan
User Review
( votes)- What is Trojan Horse: https://en.wikipedia.org/wiki/Trojan_horse_(computing)
- FakeIE VirusTotal Report:
