Jump to content

Windows 11 installation causes a fake positive Trojan.FakeMS.ED


Recommended Posts

Ran Free Malwarebytes Anti-Malware after 6 Windows 11 installations (4 Dell Recovery/Restore and 2 new installations) and the threat scan results reports says that it found 13 Trojan.FakeMS.ED are identified.  I have attached a copy of the results below:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/24/2022
Scan Time: 9:05:22 AM
Logfile: 
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.03.09.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Don

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 370729
Time Elapsed: 9 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 10
Trojan.FakeMS.ED, HKLM\SOFTWARE\CLASSES\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, HKLM\SOFTWARE\CLASSES\ATL.Registrar, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ATL.Registrar, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ATL.Registrar, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, , [4e2b142ff09ade58b66c1a5cdd278e72], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, , [3940ee555535ae8885b60076fe06be42], 
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, , [92e7f54e0e7c979f35ed0076be46718f], 
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, , [d9a02c17c3c700364af1df97877d827e], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
Trojan.FakeMS.ED, C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe, , [3940e261aedc0b2be54a376e59a71ae6], 
Trojan.FakeMS.ED, C:\Windows\System32\atl.dll, , [6f0a7fc4a7e35ed8ad88559bc53c08f8], 
Trojan.FakeMS.ED, C:\Windows\SysWOW64\msinfo32.exe, , [accdba8909816ec847e882235ca4b44c], 

Physical Sectors: 0
(No malicious items detected)


(end)

I'm not sure if this is a false positive or there needs to be an update in Malwarebytes and/or Windows 11 update to correct/prevent this error from reappearing.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.