Trojan-Downloader.Script.Generic Virus Removal

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

This page aims to help you remove Trojan-Downloader.Script.Generic. These Trojan-Downloader.Script.Generic removal instructions work for every version of Windows.

If you are reading this article then you are probably worried that your computer has been infected with Trojan-Downloader.Script.Generic. Well you should – this is a nasty computer virus that belongs to the family of Trojan Horses. These things can be incredibly dangerous, as they are very difficult to find and remove and they often can install ransomware on your computer, spy on your data or provide root access to the hacker who created them

Trojan horses rely on exploiting system vulnerabilities and Trojan-Downloader.Script.Generic is no different

What sets apart Trojan horses from other viruses is the fact that they can employ all kinds of little known system vulnerabilities to infect a computer. Most other online threats usually need to be downloaded and installed in order to infect the computer, with a Trojan clicking the wrong link can sometimes be enough. They will also use these system vulnerabilities to give some degree of remote access to the person that created them. This can be used as a means to spy on you, steal your identity and install various unwanted programs and other viruses on your computer.

Tell-tale signs of a Trojan Horse Infection

As a rule of the thumb Trojan Horses try to keep a low profile and to remain undetected for as possible. One of the ways to know that you have a Trojan Horse is because you’ve recently been infected with a ransomware agent. Trojan horses often serve as the “dropper” for ransomware viruses and they can blind your anti-virus program to the presence of the virus.

A Trojan horse like Trojan-Downloader.Script.Generic will typically masquerade as another legitimate windows process, service or program. Just looking at the name of the process is usually not enough, as this can be easily manipulated. You will have a much better shot when looking for the developer of the program process while you are in Windows Task Manager – the Trojan will have a manufacturer of unknown or another fake company. Trojan horses are usually set to start on Windows startup, so checking your MsConfig boot settings for any programs that shouldn’t be there is also a good idea.

Distribution methods used by Trojan-Downloader.Script.Generic

A Trojan, much like a worm, can be distributed offline via USB drives – exercise caution when plugging unfamiliar devices into your computer. However, it is much more likely that the Trojan-Downloader.Script.Generic was installed directly – from a corrupted installation file.

Corrupted installation files are actually .EXE files that can be distributed in many ways, but most commonly with the help of Email spam, malicious hosting sites and torrent/download platforms.

  • Do NOT underestimate spam emails. Only the least effective spam emails are written in broken English. The most successful (and dangerous) spam emails use good rhetoric’s and are usually related to work, as it is easier to explain the presence of an attached file. Usually the text of the email will subtly manipulate the user into downloading and installing the Trojan horse onto his computer. Once that happens only trouble will follow.

Torrent and online download platforms are a very convenient and easy way to obtain software, but many of these are illegal for a reason. There is virtually no control exercised over the content on what gets uploaded on these sites. A single corrupted file can infect thousands of computers before its nature is identified and it’s taken down. It gets even worse with download sites that use search engine optimization to lure unsuspecting victims. A malicious website may promise you a download containing exactly the file in need, but in reality you’ll be getting a nasty virus present.

  • Avoid clicking on random links posted by people in forums, chat boards and other social media. Very often these comments are not even made by real people, but by bots. Clicking on a malicious link can get your computer infected in no time!


Name Trojan-Downloader.Script.Generic
Type Trojan
Danger Level High (Could install ransomware, spy on you and other kinds of really nasty stuff)
Symptoms Usually none, but a sudden virus infection may indicate a trojan present.
Distribution Method Infected executable files from spam emails, torrents and online free distribution software sites.
Detection Tool Malware and Adware are notoriously difficult to track down, since they actively try to deceive you. Use this professional parasite scanner to make sure you find all files related to the infection.Sponsored

Remove Trojan-Downloader.Script.Generic

Readers are interested in:


Reboot in Safe Mode (use this guide if you don’t know how to do it).

This is the first preparation.


To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

The first thing you absolutely must do is Reveal All Hidden Files and Folders.

  • Do not skip this. Trojan-Downloader.Script.Generic may have hidden some of its files and you need to see them.

Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:


Type msconfig in the search field and hit enter. A window will pop-up:


Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.


Hold the Start Key and R copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.



Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.


This is the most important and difficult part. If you delete the wrong file, it may damage your system irreversibly. If you can not do this,
>> Download SpyHunter - a professional parasite scanner and remover.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Right click on each of the virus processes separately and select Open File Location. End the process after you open the folder, then delete the directories you were sent to.


Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random


If these things fail to help you find Trojan-Downloader.Script.Generic you need to resort to a professional scanner – obviously this is a malware that was created to steal your credentials and credit cards – meaning the people who created it spent a lot of resources to make it as dangerous as possible.

Remember to leave us a comment if you run into any trouble!