Trojan horse Generic31.REJ is another variation of a stubborn rootkit Trojan infection that comes from the generic family of viruses. Once installed on a computer, it creates suspicious registry entries that allow it to start automatically every time Windows starts. This malicious application displays annoying pop-up ads on the screen of the infected computer, which makes it impossible to perform your daily tasks. These pop-up ads encourage you to buy fake antivirus applications. Besides that, it performs a number of harmful activities on the infected machine that open a backdoor for additional malware. Another dangerous feature of this Trojan rootkit is that it changes the settings of your default search engine, so that all of your searches are directed towards unknown websites. It can infect all the major search engines, including Yahoo, Google, Bing, and MSN. Once installed, this Trojan consumes most of the computer's resources, which not only reduces the speed of the system but also causes regular crashes and freezes.
The Manual Removal of Trojan horse Generic31.REJ
Once this virus is detected, remove it quickly, as it can damage your system completely. You can get rid of it with an automatic removal tool, or by using the manual removal method described below:
Start Your Computer in the Safe Mode
First, restart the system and press the F8 key to access the boot options menu. From the list of boot options, select Safe Mode and press Enter to restart the system in Safe Mode.
Delete the Processes through Windows Task Manager
Once the system is running in Safe Mode, you can end the malicious processes related to this virus. Open Windows Task Manager with Ctrl+Alt+Delete and click on the Processes tab. End the following processes from the list:
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
Delete the Associated Data
After ending the processes, delete the following suspicious files from the system files folder:
- %Desktopdir%\Trojan horse Generic31.REJ.lnk
- %Programs%\Trojan horse Generic31.REJ\Trojan horse Generic31.REJ.lnk
Reverse the Modification in the Windows Registry
Open the Start menu, click Run, type regedit.exe, and press OK to open the Registry Editor, where you can modify the Windows registry. Find and delete the following entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse Generic31.REJ\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse Generic31.REJ
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse Generic31.REJ\UninstallString “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse Generic31.REJ\ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse Generic31.REJ\DisplayName Trojan horse Generic31.REJ
After deleting the above-mentioned entries related to the Trojan:Win32/QHosts.BH, restart the computer in normal mode to see whether the manual removal succeeded. Update your existing antivirus program and run a system scan to remove the infections.
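The following read-only PowerShell check reports which of the processes, files and registry entries listed above are present, so it can be run before and after the manual steps. It is an added example, not part of the original guide. It assumes that %Desktopdir% and %Programs% refer to the current user's desktop and Start Menu Programs folders, and it treats each [RANDOM CHARACTERS] placeholder as any single folder or file name.

```powershell
# Read-only audit: reports the artifacts this guide lists, deletes nothing.
$name = 'Trojan horse Generic31.REJ'   # display name used throughout the guide
$cv   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion'

# %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe: an .exe exactly one
# folder below AppData. The random names are unknown, so match any name.
$pattern = '^"?' + [regex]::Escape($env:APPDATA) + '\\[^\\]+\\[^\\"]+\.exe'

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding($type, $item, $detail) {
    $findings.Add([pscustomobject]@{ Type = $type; Item = $item; Detail = $detail })
}

# 1. Uninstall key (holds DisplayIcon, UninstallString, ShortcutPath, DisplayName)
$uninstall = "$cv\Uninstall\$name"
if (Test-Path -LiteralPath $uninstall) { Add-Finding 'RegistryKey' $uninstall '' }

# 2. RunOnce values whose data points at the AppData executable
$runOnce = "$cv\RunOnce"
if (Test-Path -LiteralPath $runOnce) {
    $key = Get-Item -LiteralPath $runOnce
    foreach ($valueName in $key.GetValueNames()) {
        $data = [Environment]::ExpandEnvironmentVariables([string]$key.GetValue($valueName))
        if ($data -match $pattern) { Add-Finding 'RunOnceValue' $valueName $data }
    }
}

# 3. Shortcuts (folder mapping is an assumption, see the lead-in)
$links = @(
    (Join-Path ([Environment]::GetFolderPath('DesktopDirectory')) "$name.lnk"),
    (Join-Path ([Environment]::GetFolderPath('Programs')) "$name\$name.lnk")
)
foreach ($link in $links) {
    if (Test-Path -LiteralPath $link) { Add-Finding 'Shortcut' $link '' }
}

# 4. Running processes started from that location. Legitimate per-user
#    software also runs from AppData, so treat these as candidates to review.
Get-Process | Where-Object { $_.Path -match $pattern } | ForEach-Object {
    Add-Finding 'Process' $_.Path "PID $($_.Id)"
}

$findings | Format-Table -AutoSize -Wrap
```

An empty table after the restart in normal mode means none of the listed artifacts remain for the current user; the check covers only HKEY_CURRENT_USER, so run it as the affected account.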