Trojan Horse

How to remove Big Farm Virus

The most notorious and well-known malware category in the world is that of the Trojan horse viruses. From acting as quiet little spies to wreaking havoc on the user’s system – the malicious pieces of software can pretty much do it all and that is the very reason why their popularity has always been through the roof. In fact, some 70% of all malware infections ever recorded were caused by none other than Trojan horses – that should certainly attest for something. Today we will be discussing a certain member of this particular malware category called Big Farm Virus. If you have found this specific Trojan in your system, then you might want to stick around here to find out more about what this virus may really be up to and how you can prevent it from ever infecting you again. But more importantly, you will also get the opportunity to locate and remove it from your PC with the help of the instructions in our removal guide below.

What Big Farm Virus may be capable of and how it may spread

As we already pointed out above, the usages of Trojan horses are very many and they’re very diverse, which is in part what makes them so invaluable to criminal hackers. But that’s also why we cannot exactly pinpoint what Big Farm Virus is doing on your computer in your specific case, because there are just too many possibilities for that and they all depend on the intent of the hackers exploiting it. However, we can give you a better perspective as to what kinds of violations Trojans like Big Farm Virus can do, so that you can have a better idea of what it is you’re up against.

  • A very common usage of Trojan horse viruses is to steal valuable personal or professional information from the infected computer. If your personal PC has been infected, the virus could be after your identity, data related to your social media profiles, such as login details and passwords. Trojans can often apply tactics like keystroke logging so as to keep close track of the data you type in using your keyboard. If the computer at your workplace has been infected, then likewise the virus may be after professional information, like company secrets or financial data. Again, the same tactics may apply.
  • Just as in the above case, this may be applied for both professional and personal computers. Perhaps someone’s holding a grudge against you and also just so happens to have good computing skills. Alternatively, someone may again be seeking to destroy valuable company information, for example, if it is your work that’s being targeted. Either way, a Trojan like Big Farm Virus would be capable of formatting your drives and whipping them clean of any data, without any chances of having it restored.
  • Botnets/Resource use. Programs like Big Farm Virus can also get your PC involved in botnets for various purposes. For example, one of them could be spreading spam or infecting other computers within your same network. Another possibility is the fact your computer’s resources may be targeted for the purpose of mining cryptocurrencies, such as bitcoins. These bticoins can then be sent to the hackers and you will be left to wonder why all of a sudden your laptop battery started to last a lot less.
  • One of the scariest usages of Trojan horse viruses is when they’re used to spy on their victims. They can turn on the webcam of the computer they’re on, for example, and be used to watch the user remotely. Or, they may be used to turn on the microphone and listen to them instead, or perhaps even do both simultaneously.

You may not be sure of how and when you got infected with this Trojan and we can’t really tell you either. But, again, we would like to outline the most common sources, so may avoid infections like these in the future. Try to steer clear of any online ads, such as popups and banners, as hackers often inject these with their malicious scripts. Other potential sources are spam email, especially those containing attached files. Be sure to only interacted with emails from trusted sources and invest in a reputable antimalware program that will help protect your system from any future threats.

Big Farm Virus Removal

Sidenote: Readers of this guide are advised to bookmark this page or have it opened on another device since it is possible that they will need to close the browser at a some point during the tie they are completing the following steps.

Step 1

The first thing that needs to be done prior to anything else is that you boot your PC into Safe Mode. If you are not sure how to do it, use this link to a guide on how to enter Safe Mode.

Step 2

Press Ctrl + Shift + Esc to open the Task Manager. Go to the Processes section and look for any suspicious-looking processes. Usually, malware processes use high amounts of RAM and CPU and also have shady description (or none at all). Right-click on those processes and select Open File Location. If you are sure that the process is coming from the virus, delete everything in the file location. Also, right-click on the process again and then select End Process.

Step 3

Press Winkey + R and type appwiz.cpl. Press Enter and in the newly opened window look for any shady program installs. Right-click on the suspicious programs and select uninstall. Follow the prompts to uninstall the sketchy application.

Step 4

Open the Run window again (Winkey + R), type msconfig and hit Enter. Go to the Startup section and from the list of programs, uncheck everything that seems shady or has an unknown or suspicious-looking manufacturer. Click on OK. On Windows 10, the startup programs list is in the Task Manager.

Step 5

Open the Start Menu and paste the following line in the search bar: notepad %windir%/system32/Drivers/etc/hosts. Click on the first result that gets displayed. A notepad file should open, look at the bottom of the text and see if there are any IP addresses below localhost. Write to us in the comments if you saw anything there.

Step 6

Type regedit in the Run search bar and hit Enter. When the Registry Editor opens, press Ctrl + F, type the name of the virus and select Find Next. If anything gets found, right-click on it and select Delete. Do this for all search results.

Additionally, manually navigate to the following directories and see if they have any folders/keys that look shady (with a lot of random numbers and letters):

  • HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Run
  • HKEY_CURRENT_USER > Software > Microsoft > Internet Explorer > Main
  • HKEY_CURRENT_USER > Software > Any other random directory

Delete everything that looks suspicious. If you are not sure whether to delete something, be sure to ask us in the comments.

About the author

Adrian Bitterson


  • Also I am seeing this in the NotePad file
    # localhost name resolution is handled within DNS itself.
    # localhost
    # ::1 localhost

  • # Copyright (c) 1993-2009 Microsoft Corp.
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a ‘#’ symbol.
    # For example:
    # # source server
    # # x client host

    # localhost name resolution is handled within DNS itself.
    # localhost
    # ::1 localhost

    # unchecky_begin
    # These rules were added by the Unchecky program in order to block advertising software modules # fix for traceroute and netstat display anomaly
    # unchecky_end

    this is from host file, which should i delete?

Leave a Comment