While most browser hijackers limit themselves to exposing you to unpleasant sites every once in a while and otherwise let you go about your business, Trojan.Hosts.5858 is noteworthy for being a browser hijacker that uses its attacks as a form of ransom. Trojan.Hosts.5858 attempts to block normal web browser usage by redirecting you to a malicious site that hosts a fraudulent warning message. In a ploy that SpywareRemove.com malware experts have found to be more typical for ransomware Trojans than browser hijackers, this message informs victims that their Internet access is being blocked due to supposed crimes that have been associated with their computers. Trojan.Hosts.5858′s warning message offers an easy credit card payment to unlock Internet access, but since this message is fraudulent, you should be content with using anti-malware software to delete Trojan.Hosts.5858 and regain web-browsing capabilities for free.
Trojan.Hosts.5858 – a Fake ‘House of Spam’ Delivery Straight to Your Web Browser
Trojan.Hosts.5858 is a Trojan that’s often installed by other types of Trojans, particularly including members of the BackDoor.Andromeda family. Backdoor Trojans like those that install Trojan.Hosts.5858 may also be reconfigured to implement different PC threats or to reduce your computer’s security; consequentially, SpywareRemove.com malware researchers always recommend an extremely thorough scan of your PC after any possible Trojan.Hosts.5858 attack. Fortunately, Trojan.Hosts.5858 attacks are fairly easy to identify, since they use very visible browser redirects via standard Hosts file exploits.
By modifying your Hosts file, Trojan.Hosts.5858 redirects your browser from popular sites (IE, Facebook, Google and so on) towards its own website.
A brief sample of the warning is provided below, translated into English for your convenience (the original text is presented in German):
Your computer IP address was blocked to prevent spam activity. To be able to use many Internet sites, your consent is required to prove that you’re a real human and not a robot or spam program.
Sneaking Out of Trojan.Hosts.5858′s Trap without Spending a Thing
Trojan.Hosts.5858′s warning form insists that you should use your credit card for a fee that will unlock Internet access, but this is completely unnecessary and may cause your credit card to be targeted by multiple types of fraudulent transactions. Even though its choice of destination is exceptionally alarming, Trojan.Hosts.5858 can be removed like any other browser hijacker – with a scan from a good anti-malware application. However, SpywareRemove.com malware experts also remind that you should scan your entire PC, particularly including your Hosts file, since your browser will continue to suffer from redirects unless all of Trojan.Hosts.5858′s Hosts file changes are removed.
Because Trojan.Hosts.5858 was identified recently as of May 2012, you may also be required to update your anti-malware scanner’s threat databases before it can identify Trojan.Hosts.5858 for deletion. Whenever possible, SpywareRemove.com malware research team recommends keeping your anti-malware software completely updated, which will maximize its ability to detect recently-emerged PC threats like Trojan.Hosts.5858.
Trojan.Hosts.5858 Automatic Detection Tool (Recommended)
Is your PC infected with Trojan.Hosts.5858? To safely & quickly detect Trojan.Hosts.5858, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Trojan.Hosts.5858 What happens if Trojan.Hosts.5858 does not let you open SpyHunter or blocks the Internet?
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name 1 avg.exe 2 Autorun.inf 3 %AllUsersProfile%\Local Settings\Temp\d446fffd.com
Posted: May 24, 2012 | By SpywareRemove
Threat Level: 9/10
Rate this article:
Detection Count: 150