Skinnyboy Malware


Skinnyboy can be hidden in all kinds of ways, and presented to you under the guise of seemingly harmless e-mail attachment, software installer, media file of different movies and songs, and so on. Skinnyboy is an example of a dangerous computer program that is categorized as a Trojan Horse, and if you think (or know) that this piece of malware is presently inside of your computer, be sure to read this whole article, and then take a look at the guide that you will find below.


The Skinnyboy malware detected by multiple anti virus programs

The article will provide you with some key information about the characteristics, distribution methods, and abilities of threats such as Skinnyboy, and the guide below it will share with you how to liberate your computer from the insidious Trojan.

The characteristics of a Trojan Horse

Unlike viruses, Trojan Horse threats are unable to replicate their files and spread within the system. However, this doesn’t take away from their malicious nature and abilities in the slightest. Usually, a threat like that would be designed in a way that would lure the user into interacting with the file that carries it, and willingly, albeit unknowingly, provide the Trojan with an Admin’s permission to make changes in the system. As soon as this permission is given to the malware, the computer can be considered as infected. Once the Admin permission is given, the malware would be able to do all sorts of things in the computer – it would have almost unlimited access to the data stored on the machine, and it would also be able to alter various system settings. Such operational freedom can be used for the completion of all kinds of shady tasks, which is why most Trojans are versatile malware tools, and can be utilized in a variety of cyber crimes.

Some examples showcasing the ability of the Trojan Horse infections

The following are only a small number of the many things a Trojan like Skinnyboy, Great Discover, Trojan.Malware.300983.susgen may be capable of:

  • Starting new processes in the system, that force the machine to mine BitCoins, to participate in mass online attacks on different sites (DDoS attacks), to spread the Trojan (or other malware) on the Internet via automated spam e-mails, etc.
  • Inserting additional malicious programs in the infiltrated system – Ransomware, Rootkits, Worms, etc. Ransomware cryptoviruses are an especially common example of malware that spreads with the help of Trojans.
  • Conducting various forms of espionage – keylogging, taking screencaps of the user’s screen, and even hacking into the webcam, and using it for directly spying on the user.

How people usually land Trojans

Visiting sketchy sites, especially ones with adult content, or sites that distribute pirated software, greatly increases the risk of getting your system infected. Other common Trojan Horse distribution channels are the many types of spam that one can encounter (e-mails, social network messages, chat application messages, etc.). Misleading web ads, and clickbait buttons that pop-up in your browser may also potentially get you infected with a Trojan, which is why it’s a bad idea to keep any adware, or browser hijacker apps in your system. As far as Skinnyboy is concerned, you can find removal instructions for it in the guide below.


Name Skinnyboy
Type Trojan
Detection Tool

anti-malware offerOFFER *Read more details in the first ad on this page, EULA, Privacy Policy, and full terms for Free Remover.

Remove Skinnyboy Malware

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    After you open their folder, end the processes that are infected, then delete their folders. 

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 


    Hold together the Start Key and R. Type appwiz.cpl –> OK.


    You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:



    Type msconfig in the search field and hit enter. A window will pop-up:


    Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

    • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

    Hold the Start Key and R –  copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    hosts_opt (1)

    If there are suspicious IPs below “Localhost” – write to us in the comments.


    Type Regedit in the windows search field and press Enter.

    Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

    • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
      HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
      HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author


    Brandon Skies

    Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

    Leave a Comment