Trojan Horse Generic.r_EXT Virus Removal Guide

I’ve also just discovered this Trojan Horse Generic.r_EXT on my computer. Is this virus dangerous? Can it steal my back account and other personal information if I don’t remove it? How does it come to my system? AVG 2015 doesn’t seem to delete it. It comes back again and again. How do I get it removed without reinstalling Windows?

Infected With Trojan Horse Generic.r_EXT Virus – How to Remove?

Trojan Horse Generic.r_EXT is categorized as terrible Trojan parasite and it usually can be detected by AVG. This virus can be bundled with free downloads or it can penetrate into the computer by visiting harmful websites, clicking suspicious links and pop-ups or downloading attachment from a spam Email. Once access, this virus can create system security flaws in order to bring more viruses and malware to damage your computer and steal more money from your pocket. Besides, random files and folders may be created in your computer to occupy your system resource, making your PC run like a snail. Although AVG is able to detect this virus but it always fails to remove it since such tricky Trojan does not have an interface, and its infected files are located in C:\Windows\System32\services.exe that can escape from elimination by all kinds of Antivirus programs.

Trojan Horse Generic.r_EXT virus can destroy your computer by performing many evil tasks. It can open a backdoor to malicious cyber criminals and allow them to access the infected computer and gather personal data such as credit card info, log in numbers of users without any permission. Besides, it can modify data and settings on your computer without any permission, therefore you may find your computer doesn’t run properly like usual. It may take a long time for you to start up the computer and you may receive fatal error like “Windows Explorer has stopped working” from time to time that blocks you from doing anything on the PC. When you open Task Manager, you can see CPU usage is high even if you only open few programs. The virus also has the ability to change your browser settings so you will suffer from browser redirection and annoying unwanted popups randomly. As mentioned above, it is recommended infected users get rid of Trojan Horse Generic.r_EXT virus manually without any hesitation in order to secure the stability and normal operation of the computer.

The following instructions require certain levels of computer skills. If you’re not sure how to delete this nasty Trojan, please live chat with YooCare experts now.

Dangerous Actions Performed by This Virus:

1. It can compromise your system and may introduce additional infections like rogue software.
2. It forces you to visit websites and advertisements which are not trusted and may lead you to pay money wrongly for worthless products.
3. It takes up high resources and strikingly slows down your computer speed and even causes your computer stuck frequently.
4. It may allow cyber criminals to track your computer and steal your personal information.

How Does This Virus Get On Your Computer?

From malicious drive-by-download scripts from corrupted porn and shareware / freeware websites.
Through spam email attachments, media downloads and social networks.
When clicking suspicious pop-ups or malicious links.
Open unknown email or download media files that contain the activation code of the virus.

About Trojan Virus Removal:

Currently many computer users had the same experience that this virus couldn’t be removed by any anti-virus applications. So the manual approach is always required to combat this virus. And here is the step-by-step removal guide for all computer users.

1. End the malicious process from Task Manager.

Once Trojan Horse Generic.r_EXT virus is installed, computer user may notice that CPU usage randomly jumps to 100 percent. At any time Windows always has many running processes. A process is an individual task that the computer runs. In general, the more processes, the more work the computer has to do and the slower it will run. If your system’s CPU spike is constant and remain at a constant 90-95%, users should check from Task Manager and see if there is a suspicious process occupying system resources and then end it immediately.

(The name of the virus process can be random.)

Press Ctrl+Shift+Esc to quickly bring up Task Manager Window:

task manager

2. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.

Folder Options

3. Open Registry entries. Find out the malicious files and entries and then delete all.

Attention: Always be sure to back up your PC before making any changes.

a. Press Windows key + R to open Run box. In the “Open” field, type “regedit” and click the “OK” button.


Then a Registry Editor window will pop up as the following picture shows:

registry editor

b. Search malicious files and registry entries and then remove all of them:

%AllUsersProfile%\Application Data\.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\[random]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Temp

Video Shows You How to Safely Modify Windows Registry Editor:

Trojan Horse Generic.r_EXT virus is a malicious and risky Trojan horse which usually attacks your computer without being noticed. This type of Trojan threat is created by cyber hackers with evil purposes. Like most of Trojan horses, it is able to conceal itself for a long time and gradually harm the infected PC. Generally speaking, this virus may come to your computer though many ways such as opening the unknown email and then clicking the strange link attached in it or opening the unknown website as well as downloading free applications and movies from the Internet. Once it is installed, it gives the hackers a great way to put additional viruses or software onto your computer. Besides, it may create a backdoor and connect to a remote server, allowing a remote attacker to gain control on the compromised computer. Your personal information may be leaked out and your computer system must undergo a drastic reduction in storage or hard drive space. Therefore, you are strongly recommended to remove this Trojan from the computer quickly.

Note: If you are not knowledgeable enough to be able to distinguish the location of this virus, or you are afraid of making mistake during the manual removal, please contact experts from Yoocare Online Tech Support for further help.

Published by on August 28, 2015 12:05 am, last updated on August 28, 2015 12:05 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On