Trojan:Win32/ConHook

Detected by Microsoft Defender Antivirus

Aliases: Win32/Darksma!generic (CA) Trojan-Downloader.Win32.ConHook (Kaspersky) Downloader-AWX (McAfee) W32/ConHook (Norman) Troj/ConHook (Sophos) Downloader (Symantec) TROJ_CONHOOK (Trend Micro)

Summary

Trojan:Win32/Conhook is a family of Trojans that installs themselves as Browser Helper Objects (BHOs), and connects to the Internet without user consent. They also terminate specific security services, and download additional malware to the computer.

To recover from an infection by Trojan:Win32/Conhook, follow these steps:

Scan with antivirus software.
Restart your computer.
Take steps to prevent re-infection.

Scan with antivirus software

Trojan:Win32/Conhook.B may install or download other malicious software to your computer. To recover from this additional malicious software, you must run a full-system scan with an up-to-date antivirus product. Several companies provide antivirus software for this purpose. For more information, see http://www.microsoft.com/athome/security/downloads/default.mspx.

Restart your computer

To restart your computer

On the Start menu, click Shut Down.
Select Restart from the drop-down list and click OK.

Take steps to prevent re-infection

Do not reconnect your computer to the Internet until the computer is protected from re-infection. See the "Preventing Infection" section for more information.

Trojan:Win32/ConHook

Summary

What to do now

Scan with antivirus software

Restart your computer

Take steps to prevent re-infection

Technical information

Threat behavior

Installation

Payload

Downloads and Executes Arbitrary Files

Prevention

Symptoms