Trojan-Hacktool.GCM
What is Trojan-Hacktool.GCM?
Trojan-Hacktool.GCM is a hacktool rootkit trojan that belongs to a Rookit group that still pose as high threat on computers with its ability to hide iteself from antivirus applications. Common payloads of Trojan-Hacktool.GCM are disabled antivirus application, block of internet access on security-related websites and Windows update download center.
| Type | Trojan |
| Sub-Type | Rootkit |
| Aliases | |
| OS Affected | Windows |
| Detected By | AVG |
What Trojan-Hacktool.GCM Does?
It will modify Windows Registry and add the following entry/entries:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ = ADVOCR.dll
The threat will drop the following malicious files:
- C:\Windows\System32\TCPCON.dll
- C:\Windows\System32\ADVOCR.dll
How to Remove Trojan-Hacktool.GCM Manually
1. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
2. Remove Registry entry that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
- Click Start > Run
- Type in the field, regedit
- Navigate and look for the registry entry mentioned above and delete if necessary
3. Delete malicious files that the threat added:
- Base on the given location above, browse and delete the file
- If no location is given, click Start>Search> and search for the file.
- If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
Got infected with this trojan dont know how. Cannot fix it either because I am not a tech guy. I just brought it to a repair shop. They fix and install Norton Antvirus.
Translate