ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

FakeMS.exe - Handling A Trojan Virus Attack

Updated on August 20, 2015
Dressage Husband profile image

Stephen Parkin was a Computer Audit Manager for over 30 years with a particular interest in ethics and innovative business ideas.

This Virus Attacks Anti Virus Programs!

I had until recently never been the victim of a Computer virus. I always have an updated and active anti virus program on my computer. In my case I now use Trend Platinum as I have discovered this to be the fastest and least intrusive of the modern anti virus programs. It also offers real time protection and automatic scheduling and updating.

I should have known better than to assume this alone would be sufficient protection. I was after all an IT Audit Manager for over 30 years and have in my time handled many cyber criminals and was tasked with managing the computer security for one of the top 50 banks in the World.

In today's World unfortunately it is no longer adequate to rely on just one of the major suppliers. The FakeMS.exe Trojan Horse virus is one of the nastiest examples of what the modern day cyber villain is capable of.

This virus has been designed using artificial intelligence techniques so that it can pass undetected even when a system is being scanned for viruses on a regular basis. It will change where it is hiding at random and this can even be triggered when the virus detects the activity of an anti virus product.

The virus can even block the anti virus programs from updating themselves and from having full scanning capability. I was using my computer, and all of a sudden it told me my anti virus program was out of date and not running. This was the first hint I had that there may be a virus on my PC. I use an Asus Intel i7 quad core that is extremely fast and I noticed a considerable speed degradation too.

I checked Trend and tried to update my product, this kept failing so I used their House call product, which detected several infections, but not the FakeMS.exe. The Trojan actually encourages other viruses and malware to infect your machine once it is active!

This virus will also attack the operating system, it is not called FakeMS.exe for no good reason. It actually will infiltrate and infect many of the Windows operating system files over time it will make your computer absolutely useless.

Virus Detection And Avoidance Strategies That Can Protect Your PC

Here are some suggestions and strategies that can help you avoid an infection.

  1. Use a scanner that protects all incoming Email
  2. Use a scanner that protects vulnerable system files in real time.
  3. Search your system files periodically looking for obvious invalid file names. Such as FakeMS.exe. It was how I finally realized I had it.
  4. Do not assume your anti virus is enough. They are always a little slow in updating as they react after the new viruses become active.
  5. Do not use two anti virus products on the same computer at the same time. This can often give false positives or prevent one or both from working properly.
  6. Do use Trend's Housecall or Norton's, or McAfee's free scanning tools over the internet if you can still connect.
  7. Use Malwarebytes (free version) to remove any malware, this is the best tool for removing most malware and it is regularly updated.
  8. Use Spybot Search and Destroy (free version is adequate) to remove any unwanted bots and use its immunization feature.
  9. If you suspect a virus that has not been detected, disable your anti virus and download Avast or one of the other free trials and perform a full scan.
  10. There are some good utilities out there for those with sufficient computer knowledge to use them correctly. I found and used WinZip System Utilities by Corel. This was the only anti virus scanner that found my infection, but it failed to remove it even though it said it was quarantined. It was not and still took over my system.
  11. Keep system recovery disks and complete backups at all times. Tip a wifi hard drive and good backup utility can take care of this for all your work/home computers.
  12. Last resort reformat your hard drive and restore from system recovery disks and file backups (last known good version).

Blue Screen Of Death - Possible Result Of FakeMS.exe

Blue Screen Of Death Can Be Caused By FakeMS.exe Trojan Virus
Blue Screen Of Death Can Be Caused By FakeMS.exe Trojan Virus | Source

My Personal Rating Of Trend Titanium Anti Virus

I have used Trend Titanium Anti Virus (formerly PCCillin) for many years now (16) and it has only ever once let me down. That was with this infection of FakeMS.exe, since I knew what the infection was I have written and told them, so newer versions will probably protect against even this Trojan.

I would like to add that neither Norton nor McAfee could even detect the presence of this virus, as I said earlier it has intelligent capabilities and either blocks the anti virus or moves from a yet to be scanned file to a file that has already been scanned (it monitors what the scanner is doing!).

I have since found information that indicates that Malwarebytes can detect and destroy the virus, however in my case it was too late to try by the time I found out as I had already re-formatted and resorted to recovery disks and backups.

The rating below reflects my personal experience with Trend. It is even possible that had the virus not blocked the updates that Trend may have detected and prevented this version of the virus from damaging my system.

My Rating Of Trend Titanium Anti Virus

4 stars for Trend Titanium

Trend Micro Maximum Security (5 User - Best Value)

Trend Micro Maximum Security
Trend Micro Maximum Security | Source

Anti Viruses Compared

McAfee Total Protection 2015
3 PCs [Online Code]
Kaspersky Anti-Virus 2015
3 User, 1 Year
ESET NOD32 Antivirus 2015
3 PCs
Trend Micro Antivirus+ Security 2015
3 PCs
Norton Internet Security 2015
3 PCs

My Experiences In Using The Different Anti Viruses

I have used all of the above anti virus products and Trend is far the easiest to use and has the least affect on your computers speed. Norton used to be the best for catching all viruses, but it missed this one, and it is the program that will most slow your PC.

Kaspersky failed to detect several malware issue that Trend picked up on my PC it also failed to find the FakeMS Trojan.

ESET is much more expensive and will also slow your PC. I did not try it this time, but have not had good experiences with it in the past.

I have used McAfee in the past and used to like it, however it is really hard to remove from your computer once it is installed and it also slows your computer way more than Trend does.

Trend has utilities to speed up your computer and protects personal data as well as having parental controls. It comes with real time protection and you can easily program it to run while you are not using your PC.

WinZip System Utilities Suite Hands On

Virus Experience Poll

Have You Had A PC Virus?

See results

Trend Micro Plus Anti Virus

Trend Micro Antivirus+ Security 2015 - 3 PCs [OLD VERSION]
Trend Micro Antivirus+ Security 2015 - 3 PCs [OLD VERSION]

This is the best way to buy an anti virus for families. This pack covers 3 users, be aware that the annual subscription starts from the first install not from the date it is placed on each machine (i.e. you pay for all three from the date of first install.)


WinZip Utilities

WinZip Systems Utilities Suite (Single User) [Download]
WinZip Systems Utilities Suite (Single User) [Download]

A suite of utilities that also includes virus and malware scans. It is great value as it includes Driver updating, disk cleaning, duplicate file detector, registry updater, and optimizers etc. Just be careful that machines with system specific drivers could be updated wrongly and may need the manufacturers drivers.


Any Comments About Your Experiences With Viruses?

Submit a Comment

  • agvulpes profile image


    3 years ago from Australia

    I turn both my Computer and my WiFi 'off' every night and don't turn it on till I am ready to use it again! I mean at the Power socket on the wall as well !

  • Dressage Husband profile imageAUTHOR

    Stephen J Parkin 

    3 years ago from Pine Grove, Nova Scotia, Canada

    You are not alone I used Spybot S&D Trend and used Nortons scanner and none stopped this one. It seems some virus writers are now targeting specific scanners. I felt people need to be aware.

    Turning your computer off at night starts to be a good option if you did not do it before,

  • agvulpes profile image


    3 years ago from Australia

    Wow the fakeMSs sure seems like one of the 'nasty' viruses !

    I'm using Spybot S&D and AVG at the moment with daily updates and Virus Checks on start up. Malwares still manages to get through :(

  • Dressage Husband profile imageAUTHOR

    Stephen J Parkin 

    3 years ago from Pine Grove, Nova Scotia, Canada

    I have used Trend for a while now and generally am quite satisfied with it. Neither Norton nor Trend caught this virus though!

  • ladyguitarpicker profile image

    stella vadakin 

    3 years ago from 3460NW 50 St Bell, Fl32619

    There is a big difference in the price of Norton and the Trend. I have Norton now, but do not know if I will renew it as had trouble with it a few months ago. Thanks for the information, Stella

  • Dressage Husband profile imageAUTHOR

    Stephen J Parkin 

    3 years ago from Pine Grove, Nova Scotia, Canada

    Unfortunately it came from personal experience. I thought I had more than enough scanners, seems I was wrong. Also using two major scanners will cause false positives and systems hanging so use one really good one (I prefer Trend) then scan periodically with one of the competitions free on-line versions as well as using malwarebytes (free version is fine) and Spybot search and destroy (free version is good enough).

    If you have unexplained issues that none of them detect then AVG and Avast are worth trying too. The reason you need the multi-pronged approach is because some viruses are being developed to attack and disable specific anti virus products. So you need to find one that was updated to take care of the specific version of the virus you have.

  • Jackie Lynnley profile image

    Jackie Lynnley 

    3 years ago from The Beautiful South

    Thanks for sharing this great information!


This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)