Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anyone have experience with Adware Generic_r.KF (or close variant)?


  • Please log in to reply
6 replies to this topic

#1 Vincident

Vincident

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:56 PM

Posted 03 July 2015 - 06:08 PM

Hello -

 

A friend was complaining that a Verizon pop-up ad appeared very often while surfing the 'net.
I installed and ran the free AVG version, which found three instances of Adware Generic_r.KF.

 

AVG secured these easily enough and I was able to delete the folders from which the viruses were found.

 

What concerns me is the paragraph from the AVG Threatlabs page:
"Adware Generic_r is a software that installs an additional program to display and/or download to your device unwanted advertisements, toolbars and may be considered privacy-invasive. These kinds of threats, called Adware, track your computer's web usage to feed you undesired ad pop-ups and some might even hijack your browser start or search pages, redirecting you to a different site or search engine than the one you had originally configured.Adware Generic_r is currently ranked 2 in the world of online malware."

AVG does not appear to have made any mention of finding and securing any "additional program".

 

I was wondering if anyone had experience finding and thoroughly removing this virus?

THANKS!

Vincent



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 03 July 2015 - 06:20 PM

Lets run a couple of anti adware tools...

 

9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

http://9-lab.com/download/

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

 

 

7RdkPsQ.png

Now go to the scanner tab and select Full Scan.



Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

 ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

 Zemana

 

Run a full scan with Zemana antimalware.

https://www.zemana.com/AntiMalware

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

Note: Reboot after you remove infections.

 

 

Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:56 PM

Posted 03 July 2015 - 06:40 PM

Hello Vincident, and welcome! :thumbsup:

AVG is an antiVIRUS program...and not an anti-ADWARE, or anti-MALWARE program (like MalwareBytes Antimalware for instance), so it may not secure any "additional programs" the threatlabs page mentions. Your best next step is to run an antimalware program. InadequateInfirmity mentioned a few above, but you may not need to run all of those. I'm not a big fan of running too many unnecessary programs in an attempt to remove some simple adware, but some of those may help if a MalwareBytes log is of major concern.

Personally, I'd run a scan with MalwareBytes and post that log to begin with, but that's up to you. In case you'd like to begin with that instead, instructions for running MalwareBytes is below:

Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.
  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"

    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.

    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.

    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.

    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and paste the mbam.log in your next reply.
.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


==========

In any case, please let us know how it goes! :)

bloopie

#4 Vincident

Vincident
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:56 PM

Posted 03 July 2015 - 06:50 PM

Hey thanks a lot to both responders!

I do have som eexperience with Malwarebytes so I'll try that first and post the results.

 

Thanks again!

Vincent



#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:56 PM

Posted 03 July 2015 - 08:06 PM

Not a problem, we're here to help! :)

Let us know if you have any problems.

bloopie

#6 Vincident

Vincident
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:56 PM

Posted 04 July 2015 - 01:13 PM

Well!

 

Malwarebytes found over 2700 issues! That's a record for me anyway.

 

Continuing to work on various other things (unused programs, toolbars, etc.). Overall things seem to be running better.

 

Thanks very much for the help!

 

Vincent



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 04 July 2015 - 01:21 PM

Post the logs please.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users