Trojan horse Generic20.BQUO

January 11, 2011 at 09:39:48
Specs: Windows XP
I am running Windows XP with AVG Free 9.0 on my Dell laptop. Everything was fine yesterday morning. I left my computer on while I left to do afterschool tutoring. When I got home, I found that my daily scan found an infection: Trojan horse Generic20.BQUO. The file paths included: C:\WINDOWS\system\WLTRYSVC.EXE and C:\(upside down exclamation mark)386\WLTRYSVC.EXE.

I moved it to the virus vault, rebooted my computer, and ran another whole system scan. No threads found.

However, now I cannot access the Internet. I am using a hotel wireless connection which just comes up automatically as soon as I load Google Chrome or hit send/receive all in Outlook Express.

I have NOT opened any other applications as I don't want to risk losing any files or folders until I know what has happened to my laptop.

I tried searching the web and AVG for this virus but couldn't find info on this specific one. Any ideas as to what I can try please to restore my Internet access?
Many thanks!
Montana in IN

See More: Trojan horse Generic20.BQUO

Report •

January 11, 2011 at 10:35:45
Just open IE, click on tools/internet options/connections/Lan settings and uncheck use proxy server. Close IE and re-open it, you should get online...let us know

Also once online do a full updated scan with malwarebytes and remove all it finds.

Some HELP in posting on plus free progs and instructions Cheers

Report •

January 11, 2011 at 10:39:45
Thanks so much for the reply. (We're getting snow today so my work was cancelled and I'll be home and on my partner's computer all day until I get this fixed.)

Do I have to use IE? I gave up that search engine for Google Chrome, which I was told is a more secure search engine. Can I follow the steps you suggest in Google Chrome?

Report •

January 11, 2011 at 10:41:59
I did what you suggested in IE, since I didn't see the same options in Google Chrome.

However, use a proxy server was NOT checked to uncheck. Now what?

Thanks for your time!

Report •

Related Solutions

January 11, 2011 at 10:45:26
Found the settings in Google Chrome, too, (just called something different), and like in IE, the use proxy box was NOT checked.

Report •

January 11, 2011 at 11:04:47
Additional info re: unability to connect to Internet:

When I try to connect to the Internet I get this msg:
Unable to connect to the Internet.
Google Chrome can't display the webpage because your computer isn't connect to the Internet.
You can try to diagnose the problem by taking the following steps:

Click Start, click Run, type %windir%\network diagnostic\xpnetdiag.exe, and then click ok.

However, when I try that for wireless connection, I get this msg:

Windows is not currently managing your wireless network. To diagnose this wireless connection Windows needs to be managing the connection. If you are using a non-Microsoft application to manage wireless networks, please refer to that application to troubleshoot the wireless network problems.

When I view the Diagnostic Log, some of what it says is:
Wireless - Service disabled
info Redirecting user to support call

WinSock Diagnostic
WinSock status
provider chains are valid
All provider entries passed the loopback communication tests.
Connectivity is valid.

Network adapter status
info Network connection status: Media disconnected

HTTP, HTTPS, FTP Diagnostic
All six connectivities were warnings that say: The server name or address could not be resolved
And there were three errors that say Could not make an HTTP, HTTPS, FTP connection

Report •

January 11, 2011 at 13:25:33
download winsockfix & LSPfix to a thumbdrive on another PC and then execute the winsockfix on your PC and see if you can connect. If not, then try the LSPfix.

Some HELP in posting on plus free progs and instructions Cheers

Report •

January 11, 2011 at 14:48:44
I had the same problem. Here is what I did to get my wireless connection back. It worked but the computer is really slow. Anyway go to the start menu select run when the box opens type cmd and click ok, (that will take you to the command prompt) type ipconfig - that will show you the settings. (you can skip that step if you don't care to see the settings). Then type ipconfig /release. return. then type ipconfig /renew. return. Now you should be able to connect.
good luck

Report •

January 11, 2011 at 19:27:33
My cousin (from long distance) is also trying to help me as she's an IT person at a large hospital. She suggested I download (on my partner's laptop) and transfer to mine via thumbdrive: Malwarebytes' Anti Malware program and run that scan. I did and it found 54 infected items, which I deleted. Upon reboot and running a second scan, my laptop is now "clean". However, it did NOT restore my Internet access.

So, I likewise downloaded the winsockfix and LSPfix (tranferred to my computer via thumb drive) and have tried running the winsockfix but am not understanding where to do the manual fix for XP it talks about under the Info tab. I'm waiting for further explanation from my cousin and will proceed from there.

Will let you know what happens after that. Just didn't want you to think I was ungrateful or not following your recommendations. It's just taking a while on my end to complete all the system scans first.

Have a good evening!

Report •

January 12, 2011 at 04:42:03
The wltrysvc.exe, which was identified as a trojan, is part of the dell wireless driver. I cannot tell whether it is a false positive or not, but with moving or deleting the file you corrupted your wireless network driver. In order to get internet access back, you need to re-install the wireless driver.

Report •

January 12, 2011 at 05:15:14
In the last post, I forgot to mention that I do have the same problem.

A scan of this file with several virus scanners did not report any infection:

I guess it is a false positive.

Report •

January 12, 2011 at 14:03:23
I have exactly the same internet... Exactly same messages.... Help!!! tried everything!

Report •

January 12, 2011 at 14:06:30
...Forgot to say....same computer. Same trojan. Same msg... Same date it happened on. Using my phone to access internet. Run mal ware etc.....

Report •

January 12, 2011 at 17:48:01
Dear bbock,
Thanks for replying, but I don't know where to find or how to reinstall my wireless driver. Another friend set up my laptop when I was gifted it about 4yrs ago.

More help please?! :)

Report •

January 12, 2011 at 17:53:53
I still can't get the Winsockfix to "run" since I don't know where to do the manual fixes for XP.

When I tried "running" LSPfix as soon as that page opened, it says in the middle of it: No problems found. There are no files listed on the remove side. On the keep are four:
mswsock.dll Tcpip
winrnr.dll NTDS
nwprovau.dll NWLink IPX/SPX/NetBIOS...
rsvpsp.dll (Protocol handler)

Any more guidance on what to do next? Many thanks!

Report •

January 13, 2011 at 12:15:27
I have had the same problem with my Dell Inspiron 1300 and AVG. Suddenly lost internet and signal strength bar disappeared from tray. Solution which worked for me as follows. Deleted "infections" in AVG. On another computer went to Dell website and put in the tag to get the right support page, noticed the Wireless card driver had been updated since I got my computer. It is for the Dell Wireless 1370PCI card. Downloaded driver (approx 50MB) to pen drive, and plugged into laptop. Go to my computer and then find program on pen drive. Double click, and follow instructions and hey presto I am back in business.

Report •

January 17, 2011 at 12:36:17
@cavrbab: You need to re-install the driver either from the CD that was delivered with your computer or you can download the driver from -> support.

On the Dell support website, you can enter your "service tag" code, which is printed on your computer to go directly to the appropriate page for your computer. Look for wireless driver, download, start the setup program and follow the instructions.

Report •

January 17, 2011 at 13:06:04
I wanted to thank everyone who took the time to write and help me esp. bbock, ChemicalDave, and XPUser4Real. For someone who is "self-taught" at computers you guys are a lifesaver.

I am back up with Internet access restored. Since connecting on my laptop, I was able to update the Malwarebytes my cousin had my download via my partner's laptop and run an updtd version of the scan. It found over 34 infected objects again, most of which were from Gamevance (beware!). (I'm not even sure where Gamevance came from but I'll be more wary of the source of things I click on.) I again deleted, rebooted, rescanned and am clean again. Then I downloaded ALL of the updates from Dell for my service tag and my laptop model, again rebooted, and seem to be okay now.

Again, thank you sincerely for your kind assistance!

Report •

Ask Question