April 22, 2009 at 05:50:19
Specs: Windows XP
I really really need your help regarding my problem with my laptop.

Yesterday, I was running AVG.
I had 7viruses.
unfortunately, when i tried to heal and remove the viruses, a trojan could not be removed.

it is a Trojan horse Generic_r.BO
it is located in C:\WINDOWS\SYSTEM32\7D7C15\F0CDF9.EXE (3312)

then when i ran AVG again and again, four similar trojans would appear.
i can remove the three but the one above is impossible.
after that, the other three would show up again..

I sent an email to AVG with the infos my antivirus had.
and the my antivirus' email scanner kept on scanning it.

My flash disk has been infected also.
when i try to open folders in it, it would open in a separate window.

and then my internet explorer keep on showing up even though i did not open it.
it would got to some sort of
the language that the website uses is like chinese or something.

can anybody please help me with my problem?
how can i remove that trojan?
i also found a win32 heur...

Please please help me.

i would really appreciate your answers.


Report •

May 1, 2009 at 22:06:24
I had the same problem too with that virus. What I did is I scanned my computer with AVG while its in Safe Mode.
Try it.

But you have to also scan your Thumb Drives as well. This sort of virus passes on through external drives.

When you plug in your Thumb Drive, don't open it yet. Go to My Computer and right click on the Thumb Drive. If you see weird looking texts on top of the menu that means your TD is infected. To open your TD right click than explore so the virus won't activate.

Here is away to get rid of the virus on your TD:
1) Go to Control Panels and Click on Folder Options. On View
select "Show hidden files and folders" and unselect "Hide extensions fpr known file types" and "Hide protected operating system files". But be sure to set it again to defult after you've done taking out the virus.

2) Right click your TD and click explore. You will be surprised at what you will see. Some of your folders became hidden and the virus made .exe copies of them. Delete the .exe folders and un-hide your other folders by right clicking them then go to Properties, un-select Hidden. Then you will see autorun.ini and a RECYCLER folder. Delete those as well.

3) After deleting safe remove your TD than plug it in again. Right click it to make sure that those weird text don't show up. If it doesn't then your TD is now safe.

Re-scan your computer again with an anti-virus like AVG just to be sure that none of the viruses leeked out to your computer.

Report •
Related Solutions

Ask Question