TrojanDownloader.ConHook.l
ConHook.I is a Trojan downloader for Windows platform. Once it is installed, Conhook.I will launch automatically as a Browser Helper Object each time the user starts Internet Explorer. ConHook.I will regularly download and install other nasty parasites, including Trojans, Keyloggers and fake antispyware software.
File System Modifications
- The following files were created in the system:
# File Name File Size (bytes) File Hash 1 %SYSTEMROOT%\system32\ovgypg.dll N/A N/A 2 %SYSTEMROOT%\system32\sldgtk.dll N/A N/A 3 %SYSTEMROOT%\system32\uucvtt.dll N/A N/A 4 faiafgge.dll 137,728 981d2156732b2bce0a5b037cb5bc246a 5 ixsall.dll 18,523 5c439a934d8e773a4d7ffc4ed183faf1 6 ovgypg.dll 129,024 12a80189b3e8bdac371304b5b52e629f 7 sldgtk.dll 129,024 37b3bdbefe302b0fe91be8b4a9726963 8 tuvvu.dll 266,336 d734569694d3bdc150318ab43bce789d 9 uucvtt.dll 129,024 1d3162c291ba65f28030288394c6c664
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ixsallMICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvvuMicrosoft\Windows NT\CurrentVersion\Winlogon\Notify\faiafgge - The following CLSID's were detected:
HKEY..\..\{CLSID Path}592c5400-e9ef-4ac2-b2f1-fe7449de5f069f8edfc4-7a11-4f2d-95bf-9c7d57ab25cf7148cbb8-ba49-41d9-a2cd-79d6b5fc25c51799bf3b-0f5a-41e6-bed2-939773bf5fbd016F8D91-0562-41F9-BE72-AD4AD01F01554E86A50B-A7FF-4cae-B8B7-28A13B6D46F077181ABF-C9ED-4D9A-B3CE-19256A287788
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.