We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDownloader:Win32/Conhook.E
Detected by Microsoft Defender Antivirus
Aliases: Trojan-Downloader.Win32.Small.eyw (Kaspersky) Generic Downloader (McAfee) W32/DLoader.CWBY (Norman) Mal/Generic-A (Sophos) SecurityRisk.Downldr (Symantec) TROJ_DLOADER.EWF (Trend Micro)
Summary
TrojanDownloader:Win32/Conhook.E is a Trojan that attempts to download content from a remote Web site. TrojanDownloader:Win32/Conhook is from a family of Trojans that injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.
To recover from an infection by Trojan:Win32/Conhook, follow these steps:
- Scan with antivirus software.
- Restart your computer.
- Take steps to prevent re-infection.
Scan with antivirus software
Trojan:Win32/Conhook.E may install or download other malicious software to your computer. To recover from this additional malicious software, you must run a full-system scan with an up-to-date antivirus product. Several companies provide antivirus software for this purpose. For more information, see http://www.microsoft.com/athome/security/downloads/default.mspx.
Restart your computer
To restart your computer
- On the Start menu, click Shut Down.
- Select Restart from the drop-down list and click OK.
Take steps to prevent re-infection
Do not reconnect your computer to the Internet until the computer is protected from re-infection. See the "Preventing Infection" section for more information.
Follow us
