Home > General > Troj/downloader.conhook.aa


Proxy servers may be used by attackers to hide the origin of malicious activity. Choose the Restore Defaults button now. Buck\Cookies\willis r. it is installed to system without any permission. 2. weblink

Is your PC infected with Win32/TrojanDownloader.ConHook.AA? C:\Documents and Settings\Willis R. The Ewido scan shows "No action taken". Should you wish to benefit from the real-time protection, you will need to upgrade the program. http://www.free-remove-spyware.com/post/Easy-Steps-to-Remove-Win32TrojanDownloader.ConHook.AA-From-PC_21_111144.html

Below is my HijackThis log, I would appreciate any help you can offer. C:\Documents and Settings\MikeP\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). Step 1: Click on the below button to download SpyHunter on your computer Step 2: Double click the icon of SpyHunter to run the program. To target your computer aggressively, the Trojan virus has been designed to attack your normal programs, particularly the security programs.

Buck\Cookies\willis r. C:\RECYCLER\NPROTECT\00135183.TXT -> TrackingCookie.Serving-sys : Cleaned. Buck\Cookies\willis r. You can find out more about it at the website link below.

Be caution to what you agree to install.

We highly recommend SpyHunter... First of all, you may need to change the Folder Options settings to show the hidden and protected files because the Trojan may create its files in hidden folders. C:\Documents and Settings\Willis R. Clean:- (if you use them) Firefox/Mozilla (optional - leave the cookies - see note) Opera Sun Java ZoneAlarm ...

It creates new harmful files with random names in your computer and changes your system files and registry entries without any permission. I hope you do not have to go through what I went through.

Summary Win32/TrojanDownloader.ConHook.AA is a risky Trojan virus that can invade into the computer without your knowledge. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46.tmp -> TrackingCookie.Hitbox : Cleaned with backup (quarantined). Before posting a HJT, read and follow all the directions here: http://www.help2go.com/component/opt...wtopic/t,9709/ My first guess would be that you have a Vundo infection.

B: Safe Mode on Other Windows 7, Windows XP and Windows Vista. C:\RECYCLER\NPROTECT\00135531.TXT -> TrackingCookie.Advertising : Cleaned. Posts 14,022 Points 2335 Hi 1. Choose 'troubleshoot' (4).

You should not underestimate the power of it for it even can inject malicious codes into the system and seriously mess up your system. have a peek at these guys Restart your computer and the system will be clean again. (Note: If you can't download any software due to the Trojan, you can download A professional malware removal tool by using Please suggest what I can do next, below is the ewido log. --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 2:46:06 PM 7/23/2006 + Scan result: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0098707.dll C:\Program Files\backups\backup-20060719-222236-676.dll -> Downloader.ConHook.aa : Cleaned with backup (quarantined).

For Windows 7/Vista, click Start button, go to Control Panel, go to Appearance and Personalization and click Folder Options. Do read terms and agreements before download and install free applications; 3. Site Message (Message will auto close in 2 seconds) Welcome Guest ( Log In | Register ) Kaspersky Lab Forum>English User Forum>Virus-related issues Virus Trojan-Downloader.Win32.ConHook.aa Options Khabarov View Member Profile http://mseedsoft.com/general/trj-downloader-mdw.html If you are prompted to insert your Windows XP disc, do so.

Click OK. It is suggested that those who are not familiar with computer use the former to erase the threat safely and fully. Shut down the infectious machine.

Since it disables your antivirus program and blocks you from detecting and removing it, you can consider manually removing it manually.

More Remove MSIL/Injector.HCF - How To Remove MSIL/Injector.HCF In Minutes

Remove Win32/Injector.ARLT - Get Rid Of Win32/Injector.ARLT The Easy Way

Remove Win32/TrojanDownloader.VB.BAW - Get Rid Of Win32/TrojanDownloader.VB.BAW The Easy Way

Remove Worm.Win32.Undef.kx - How C:\Documents and Settings\Willis R. C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0098702.dll -> Downloader.ConHook.aa : No action taken. Right click on anyway where around the applications. 2.

C:\Documents and Settings\Willis R. C:\Documents and Settings\Willis R. Buck\Cookies\willis r. this content And then search control panel from the search box.

Repeatedly hit press F8 key before Windows Advanced Option Menu loads. 3. Download ewido security suite install, update and run it. C:\Documents and Settings\MikeP\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined). The key is gone.

C:\RECYCLER\NPROTECT\00135184.TXT -> TrackingCookie.Serving-sys : Cleaned. [email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\RECYCLER\NPROTECT\00135532.TXT -> TrackingCookie.Advertising : Cleaned. Windows Firewall then will be restored to the default values.

it may hijack, redirect and modify your web browsers. 4. C:\RECYCLER\NPROTECT\00135533.TXT -> TrackingCookie.Advertising : Cleaned. Under the "View" tab, check "Show hidden files, folders and drives" and uncheck "Hide protected operating system files. Click Startup Settings and then click Restart.

Delete the registry entries created by the Trojan. Press Win+R key together to get the Run box, type in 'regedit' then click OK, Registry Editor window will pop up (2). It is supported by other malicious Trojans and drops some potential threats like adware, rootkits and worms etc. Shut down the infectious machine.

C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP1364\A1478898.dll -> Downloader.ConHook.aa : Cleaned with backup (quarantined). Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 -