Trojan.Hosts.5858

Trojan.Hosts.5858 Description

While most browser hijackers limit themselves to exposing you to unpleasant sites every once in a while and otherwise let you go about your business, Trojan.Hosts.5858 is noteworthy for being a browser hijacker that uses its attacks as a form of ransom. Trojan.Hosts.5858 attempts to block normal web browser usage by redirecting you to a malicious site that hosts a fraudulent warning message. In a ploy that SpywareRemove.com malware experts have found to be more typical for ransomware Trojans than browser hijackers, this message informs victims that their Internet access is being blocked due to supposed crimes that have been associated with their computers. Trojan.Hosts.5858′s warning message offers an easy credit card payment to unlock Internet access, but since this message is fraudulent, you should be content with using anti-malware software to delete Trojan.Hosts.5858 and regain web-browsing capabilities for free.

Trojan.Hosts.5858 – a Fake ‘House of Spam’ Delivery Straight to Your Web Browser

Trojan.Hosts.5858 is a Trojan that’s often installed by other types of Trojans, particularly including members of the BackDoor.Andromeda family. Backdoor Trojans like those that install Trojan.Hosts.5858 may also be reconfigured to implement different PC threats or to reduce your computer’s security; consequentially, SpywareRemove.com malware researchers always recommend an extremely thorough scan of your PC after any possible Trojan.Hosts.5858 attack. Fortunately, Trojan.Hosts.5858 attacks are fairly easy to identify, since they use very visible browser redirects via standard Hosts file exploits.

By modifying your Hosts file, Trojan.Hosts.5858 redirects your browser from popular sites (IE, Facebook, Google and so on) towards its own website. This site hosts a warning message that claims to be from Spamhaus (a spam-tracking database) and informs you that your PC has supposedly been linked to spam-related activities and, therefore, been blocked from the Internet. Naturally, this isn’t true, and SpywareRemove.com malware analysts remind potential Trojan.Hosts.5858 victims that reputable PC security companies, including Spamhaus, legally aren’t allowed to take such actions arbitrarily.

A brief sample of the warning is provided below, translated into English for your convenience (the original text is presented in German):

Your computer IP address was blocked to prevent spam activity. To be able to use many Internet sites, your consent is required to prove that you’re a real human and not a robot or spam program.

Sneaking Out of Trojan.Hosts.5858′s Trap without Spending a Thing

Trojan.Hosts.5858′s warning form insists that you should use your credit card for a fee that will unlock Internet access, but this is completely unnecessary and may cause your credit card to be targeted by multiple types of fraudulent transactions. Even though its choice of destination is exceptionally alarming, Trojan.Hosts.5858 can be removed like any other browser hijacker – with a scan from a good anti-malware application. However, SpywareRemove.com malware experts also remind that you should scan your entire PC, particularly including your Hosts file, since your browser will continue to suffer from redirects unless all of Trojan.Hosts.5858′s Hosts file changes are removed.

Because Trojan.Hosts.5858 was identified recently as of May 2012, you may also be required to update your anti-malware scanner’s threat databases before it can identify Trojan.Hosts.5858 for deletion. Whenever possible, SpywareRemove.com malware research team recommends keeping your anti-malware software completely updated, which will maximize its ability to detect recently-emerged PC threats like Trojan.Hosts.5858.

Trojan.Hosts.5858 Automatic Detection Tool (Recommended)

Technical Details

Home Malware ProgramsTrojans Trojan.Hosts.5858