TrojanDownloader.ConHook.l

TrojanDownloader.ConHook.l Description

ConHook is a Windows Trojan downloader. Once installed on your PC, this parasite will load automatically as a Browser Helper Object each time you start Internet Explorer. ConHook will continuously download and install additional security risks, including Trojans, keyloggers, and rogue antispyware applications.

Technical Information

File System Details

TrojanDownloader.ConHook.l creates the following file(s):
# File Name MD5 Detection Count
1 %SYSTEMROOT%\system32\sldgtk.dll N/A
2 ixsall.dll N/A
3 %SYSTEMROOT%\system32\ovgypg.dll N/A
4 tuvvu.dll N/A
5 %SYSTEMROOT%\system32\uucvtt.dll N/A
6 ixsall.dll 5c439a934d8e773a4d7ffc4ed183faf1 N/A
7 tuvvu.dll d734569694d3bdc150318ab43bce789d N/A
8 faiafgge.dll 981d2156732b2bce0a5b037cb5bc246a N/A
9 tuvvu.dll f1bbba0a6c304eee81e796f656ac64e4 N/A
10 sldgtk.dll 37b3bdbefe302b0fe91be8b4a9726963 N/A
11 uucvtt.dll 1d3162c291ba65f28030288394c6c664 N/A
12 ovgypg.dll 12a80189b3e8bdac371304b5b52e629f N/A

Registry Details

TrojanDownloader.ConHook.l creates the following registry entry or registry entries:
Registry key
4E86A50B-A7FF-4cae-B8B7-28A13B6D46F0
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\faiafgge
9f8edfc4-7a11-4f2d-95bf-9c7d57ab25cf
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvvu
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ixsall
7148cbb8-ba49-41d9-a2cd-79d6b5fc25c5
77181ABF-C9ED-4D9A-B3CE-19256A287788
016F8D91-0562-41F9-BE72-AD4AD01F0155
1799bf3b-0f5a-41e6-bed2-939773bf5fbd
592c5400-e9ef-4ac2-b2f1-fe7449de5f06