Jul 5, 2016

Trojan Generic_R.KGN Virus Removal Instruction

I installed AVG Free version 3 days ago and since yesterday it started reporting a virus called Trojan Generic_R.KGN naming ‘svchost.exe’ as the infected file. I have tried to both Remove & Ignore the threat, but a few minutes later it came back again. I can’t seem to delete the file. Not sure what to do now. Is there any other way I can get rid of the threat without reformatting my PC?

Trojan Generic_R.KGN Virus Description:

Trojan Generic_R.KGN is a Trojan, a malicious computer program that infects a target system by exploiting security holes and can carry out many malicious activities on the infected PC. There are several ways you can get infected with this kind of Trojan. Generally speaking, it may reach your computer after you click a malicious link or visit a hacked website. You may also get the virus by opening an attachment from a spam email or clicking a suspicious pop-up ad. Once the virus is downloaded and installed, it can be used to monitor the victim’s web searches and browsing habits. Meanwhile, it modifies system settings and creates malicious files and a registry entry so that it runs every time you start your machine. You will keep receiving the same warning from AVG or other security programs:

Threat : Trojan horse Generic_r.KGN
Object name : c:\Windows\System32\drivers\36cef29449e34d954b31afba27a30fea.sys
Process name : C:\Windows\System32\svchost.exe
Process Id : 1032
Created : 01/07/2016, 15:47:21
Username : System
Session Id : 0

The warning keeps recurring whether you select “Remove” or “Ignore”. It is not only annoying but also dangerous for your personal information. The virus can open a backdoor and install additional adware, browser hijackers and other viruses, which significantly slow down the system and cause a variety of errors and malfunctions. It gathers sensitive information such as your log-in details, user names and credit card information, and monitors your Internet browsing activities. Sometimes it can even redirect your browser to harmful websites and harass you with annoying ads. Hence, if you want to keep using your computer safely and without interruption, you have to get rid of Trojan horse Generic_r.KGN as soon as possible.

The following instructions require a certain level of computer skill. If you’re not sure how to delete this nasty Trojan, please live chat with YooCare experts now.

Dangerous Actions Performed by This Virus:

1. It can compromise your system and may introduce additional infections like rogue software.
2. It forces you to visit untrusted websites and advertisements, which may lead you to pay for worthless products.
3. It uses a large share of system resources, noticeably slows down your computer and can even make it freeze frequently.
4. It may allow cyber criminals to track your computer and steal your personal information.

How Does This Virus Get On Your Computer?

Through malicious drive-by-download scripts on corrupted porn and shareware / freeware websites.
Through spam email attachments, media downloads and social networks.
By clicking suspicious pop-ups or malicious links.
By opening unknown emails or downloading media files that contain the activation code of the virus.

About Trojan Virus Removal:

Many computer users have had the same experience: this virus could not be removed by any anti-virus application. So the manual approach is always required to combat this virus. Here is the step-by-step removal guide for all computer users.

1. End the malicious process from Task Manager.

Once the Trojan Generic_R.KGN virus is installed, the user may notice that CPU usage randomly jumps to 100 percent. Windows always has many running processes; a process is an individual task that the computer runs. In general, the more processes there are, the more work the computer has to do and the slower it runs. If your system’s CPU usage stays at a constant 90-95%, check Task Manager for a suspicious process occupying system resources and end it immediately.

(The name of the virus process can be random.)

Press Ctrl+Shift+Esc to quickly bring up the Task Manager window.


2. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.


3. Open the Registry Editor. Find the malicious files and entries and delete them all.

Attention: Always be sure to back up your PC before making any changes.

a. Press Windows key + R to open Run box. In the “Open” field, type “regedit” and click the “OK” button.


A Registry Editor window will then open.

b. Search for the malicious files and registry entries and then remove all of them:

%AllUsersProfile%\Application Data\.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\[random]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Temp
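
The checks in step 3 as a PowerShell script, added here as an example and not part of the original guide. It changes nothing except writing a backup file; the backup path and the 32-hex-character name pattern (taken from the shape of the driver name in the AVG alert above) are assumptions.

```powershell
# Added example: read-only triage for step 3. Run from an elevated PowerShell prompt.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$tempKey  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Temp'
$backup   = Join-Path $env:TEMP 'winlogon-backup.reg'   # assumed backup location

# Back up the Winlogon key before deleting anything in regedit.
reg.exe export 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' $backup /y | Out-Null

# Shell and Userinit decide what runs at logon; report any non-default data.
$wl = Get-ItemProperty -Path $winlogon
$userinit = Join-Path $env:SystemRoot 'system32\userinit.exe'
if ([string]$wl.Shell -ne 'explorer.exe') { Write-Warning "Non-default Shell: $($wl.Shell)" }
if (([string]$wl.Userinit).TrimEnd(',') -ne $userinit) {
    Write-Warning "Non-default Userinit: $($wl.Userinit)"
}

# List every value name and subkey so a randomly named entry stands out.
'Winlogon values:';  (Get-Item -Path $winlogon).Property | Sort-Object
'Winlogon subkeys:'; Get-ChildItem -Path $winlogon | Select-Object -ExpandProperty PSChildName

# The guide also lists this key for removal; report whether it exists.
if (Test-Path -Path $tempKey) { Write-Warning "Key present: $tempKey" }

# Drivers named like the one in the alert (32 hex characters), or without a valid signature.
Get-ChildItem -Path (Join-Path $env:SystemRoot 'System32\drivers') -Filter *.sys |
    ForEach-Object {
        [pscustomobject]@{
            Name      = $_.Name
            Created   = $_.CreationTime
            HashNamed = $_.BaseName -match '^[0-9a-f]{32}$'
            Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
        }
    } |
    Where-Object { $_.HashNamed -or $_.Signature -ne 'Valid' } |
    Sort-Object Created -Descending |
    Format-Table -AutoSize
```

Treat flagged drivers as leads for manual review: on older Windows and PowerShell versions, Get-AuthenticodeSignature can report legitimate catalog-signed drivers as NotSigned.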


The Trojan Generic_R.KGN virus is a Trojan horse that is mostly used by hackers to open backdoors on the system and gain unauthorized access to the infected PC. It has also been found to have keylogger capabilities, or may simply be used to download malicious programs onto the victim’s computer. A computer can get infected with a generic Trojan in a variety of ways. This type of virus can be sent through email attachments or unknowingly downloaded from infected websites. Installers for new applications, such as online games, may also contain this virus. Once it executes, computer performance degrades greatly because the virus can create tons of junk files in the background that take up plenty of computer resources, CPU and memory. Users may also experience browser crashes, Internet disconnection, the blue screen of death or other PC issues. In summary, Trojan Generic_R.KGN is a nasty virus that can violate your privacy and compromise your security, and you should get rid of it as quickly as possible.

Note: If you are not knowledgeable enough to locate this virus, or you are afraid of making a mistake during the manual removal, please contact experts from Yoocare Online Tech Support for further help.

Published by & last updated on July 5, 2016 7:43 am
