Home / malware TrojanClicker:Win32/Clikug.C
First posted on 05 June 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanClicker:Win32/Clikug.C.
Explanation :
Threat behavior
Installation
This threat is usually bundled with other software.
When run, it installs the following files:
- %APPDATA% \IdleCrawler\IdleCrawler.exe - TrojanClicker:Win32/Clikug.C
- %APPDATA% \IdleCrawler\IdleProfile.exe - component file
We have seen this threat create the Chrome browser extension Pointer on inner viewed links coordinates version 2.4 in %TEMP%\GCC\Profile\Default\Extensions\\2.4_0.
Payload
Uses your PC for click fraud
This threat creates Chrome browser extensions that can use your PC for click fraud.
It can also monitor your browsing activities, such as tracking the websites you visit, and counting clicks and log responses for each website.
This malicious activity can severely impact the speed of your Internet connection as well as lead to excessive data usage charges from your Internet service provider.
Analysis by James Dee
Symptoms
The following could indicate that you have this threat on your PC:
- Your PC is running slower than usual
- You have these files:
%APPDATA%\IdleCrawler\IdleCrawler.exe - TrojanClicker:Win32/Clikug.C
%APPDATA%\IdleCrawler\IdleProfile.exe - component file that creates malicious Chrome profiles and extensions
%TEMP%\GCC\Profile
%TEMP%\GCC\Profile\Default\ExtensionsLast update 05 June 2014
