TROJ_ZCLICK.A
Posted: March 28, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 2 |
| First Seen: | March 31, 2014 |
|---|---|
| OS(es) Affected: | Windows |
TROJ_ZCLICK.A is a Trojan clicker, or a Trojan that's specialized in generating pay-per-click profits for its creators. TROJ_ZCLICK.A accomplishes this by hijacking your Web browser and forcing it to load pop-ups for specific websites. As a branch-off from ZeuS, the notorious banking Trojan, TROJ_ZCLICK.A should be considered nothing less than a high-level threat to your PC, regardless of the nature of any sites promoted by TROJ_ZCLICK.A. Whenever you identify the blatant signs of its pop-up attacks, anti-malware scans for removing TROJ_ZCLICK.A infections are the suggested solution. These indicators should be distinguished from the still undesirable pop-ups of adware and other add-ons.
When a Deity isn't Afraid to Stoop Low to Profit
ZeuS is a family that has seen more than a few updates of major significance lately and still been one of the most sophisticated evolving Trojans to date. However, it was with some surprise that malware researchers saw the ZeuS branch off into the direction of pay-per-click crimes. Such behavior is a marked difference from that Trojan's normal behavior of compromising online bank accounts. TROJ_ZCLICK.A is the result of this creative update and has found a new way to profit that, in terms of its basic functionality, doesn't differ much from the Ukash Virus or other ransom-based Trojans.
After TROJ_ZCLICK.A has infected the computer, TROJ_ZCLICK.A launches screen-wide pop-ups for arbitrary websites in an attempt to create artificial traffic. This traffic pays revenue to the tune of pennies per click that, presumably, finds its way to TROJ_ZCLICK.A's developers. TROJ_ZCLICK.A's pop-up tries to block itself from being closed and even may take over mouse input from the user, allowing it to imitate clicks when the user fails to interact with the website.
TROJ_ZCLICK.A pop-ups may appear at any time, but malware experts see them most often accompanying specific triggers, such as attempts to open another program or a file. Even if you find a way to avoid this initial pop-up, TROJ_ZCLICK.A is capable of displaying more than one pop-up at once, and may continue to create new ones as long as TROJ_ZCLICK.A is open.
Making Sure All of Your Website Clicks Really are Yours
The most obvious security problem from TROJ_ZCLICK.A is the fact that its pop-ups may prevent you from opening other programs or files. Keyboard shortcuts may be used to shift focus from a TROJ_ZCLICK.A pop-up to a separate window, but doing so will not disable TROJ_ZCLICK.A or prevent TROJ_ZCLICK.A from launching new pop-ups regularly. Malware researchers recommend taking steps to disable TROJ_ZCLICK.A and any other installed threats, such as booting from a safe removable device or booting into Safe Mode.
Anti-malware applications should be able to run without any interference once you've taken appropriate procedures to prevent TROJ_ZCLICK.A and other threats from being launched. Sadly, the investigation into the distribution methods in use by TROJ_ZCLICK.A is ongoing, and it is as of yet unknown whether TROJ_ZCLICK.A is installed by itself, or with other threats. For now, TROJ_ZCLICK.A is a warning that cybercrooks are continuing to find creative ways to use the Internet to rob people – even if that robbery is not targeted at the infected computer's user.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.