Trojan-Clicker.AA
Trojan-Clicker.AA is a damaging Trojan that creates security vulnerabilities to enable cyber-criminals control your machine and make it almost unusable by propagating itself. Trojan-Clicker.AA opens up firewalls and gathers confidential data. Trojan-Clicker.AA is able to redirect the targeted Internet users to malicious websites while they are normally browsing the web. You need to remove Trojan-Clicker.AA instantly upon detection.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AppData%\domain.txt
File name: %AppData%\domain.txtMime Type: unknown/txt
%Windir%\11market.ico
File name: %Windir%\11market.icoMime Type: unknown/ico
%Windir%\gmarket.ico
File name: %Windir%\gmarket.icoMime Type: unknown/ico
%Windir%\auction.ico
File name: %Windir%\auction.icoMime Type: unknown/ico
Registry Modifications
The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shell\GmarketIcon\CommandHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shell\GmarketIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shellHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\DefaultIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}\shellHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}\DefaultIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\ShellFolder
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shell\GmarketIcon\CommandHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shell\GmarketIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\shellHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\DefaultIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}\shellHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}\DefaultIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6CD05C0-7E18-4c8d-BEC5-1DBCA0B259C5}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C6CA493-9BEB-483a-B8DF-527C8AD37CE4}\ShellFolder
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.