Solved

Adcash malware

  • 2 April 2015
  • 3 replies
  • 46 views

Hi, please who can help with Adcash attack. We have a licenced WR Antivirus on a PC (infected) a laptop and phone, Avast mobile on another PC and phone (both infected) .Why does the antivirus not catch it? We are desperate, need PC for work. Who can help?
thanks!!!
 
icon

Best answer by Attila 6 April 2015, 17:37

View original

3 replies

Userlevel 7
Badge +62
Hello @
 
Welcome to the Community Forum,
 
When adcash.com pop-ups and redirects show up on legitimate web sites such as Google, Facebook, Yahoo, and many others, it only denotes that it is cause by adware installed locally. Recently installed programs could be the reason why you are seeing adcash.com pop-up recently. It may come bundled with the free program that you have acquired. Many computer users do not intend to install adware, but since it is packed to free program, it is loaded without user’s idea.
 
What you are seeing and describing is what we on the Community refer to as a PUA. (Potentially Unwanted Application)These are very annoying at best in that they cause pop-us, redirect your browser home page, and other behavior that may slow down the computer and direct ads your way, but they are not actually doing anything bad like damaging files or stealing information. Often they are installed intentionally by you the user as browser add-ons for various tasks such as quick search tools.. but they also come with the result of added annoying pop-ups and ads. Other times they 'piggy back' with other software that you installed, or try to 'sneak' onto your system entirely.
 
WSA does detect and remove many PUA's, and more are being added, but WSA does not detect all of them. A simple browser add-on with PUA behavior that is easy to identify and easy to remove is not likely to be detected and removed by WSA. Those that are intentionally difficult to locate and remove are. Please see THIS LINK for more information regarding Webroot's stance on these annoying programs.
 
The best thing to do is to submit a Trouble Ticket and ask Webroot Support to take a look and remove these for you.  There is NO CHARGE for this for valid WSA license holder. I'd advise a Support Ticket because there is alot of registry cleaning to do to get rid of this aweful PUA!

 
EDIT: Please try cleaning your internet browser from clutter and unwanted add-on/extension is a must when dealing with adcash.com.

 
Also, we have had a lot of discussion regarding these recently, and I have posted an Idea for Webroot to consider asking them to increase PUA detection.  The more  users that need help removing a particular PUA the more likely and faster that PUA will be added to detection.
 
I hope this helps!
 
KInd Regards,
 
Hi Ssherjj, 
thanks so much for your reply!!! In our desperation we worked out that the culprit is the router which is provided by the local telephone company. dont ask my how and why, but if you switch internet source, all the spouke was gone... Now we have to see what to do with that router. Must contact the telephone provider and see what they say
 
Userlevel 7
Badge +62
Hi Attila,

Oh you are welcome! Glad you have it worked out. If you need anything just give us a shout!

Have a great day!

Kind Regards,

Reply