 | | Welcome to Windows 7 Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows 7. The Windows 7 forum also covers news and updates and has an extensive Windows 7 tutorial section that covers a wide range of tips and tricks. | Windows 7 - W32.Sober in conhost.exe?
|
12-16-2008
|
#1 | |
|
W32.Sober in conhost.exe?
SpyBot discovered W32.Sober in file Windows\System32\conhost.exe (build 6956). Can somebody confirm it? Or it's fake alert?
| My System Specs | | |
12-16-2008
|
#2 | |
Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM) |
can you do a sfc /scannow???
or if you dont want to go thorough that process can you give us the MD5 hash
go here http://www.whitsoftdev.com/md5/
download the unicode and open it point to the file itself and post the hash here.. | | My System Specs | | System Manufacturer/Model Number Tx2500z Tablet Pc/Homemade Server
OS Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
CPU Turion X2 ultra (oh well came with laptop)/P4 @3.2 (yes P4)
Motherboard IDK HP Motherboard / Intel DG965SS
Memory OCZ Dual Channel 4GB kit/ 1gb Dual Channel
Graphics Card HD 3200 graphics /GMA x3100 (yay for intergrated!!)
Sound Card Realtek HD Audio(mic working, well sort of)/Siig IC-70012
Monitor(s) Displays built-in Hp 12" laptop screen/ Acer 19"
Screen Resolution 1280x800 /1440x900
Mouse Logi MX Rev. /MS Wheel Optical 1.1A /Logitech Optical Mouse
Cooling All Air Cooled
Internet Speed College baby but its still routed through vpn to 1536k...
Other Info love my wacom pen and pressure sensitivity...
wished it worked in 7, SUSE for that matter though
|
12-16-2008
|
#3 | |
Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM) |
i got this
05f88bf36b0cdd276cc0b6ad9554b397 md5 hash
whats yours??? | | My System Specs | | System Manufacturer/Model Number Tx2500z Tablet Pc/Homemade Server
OS Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
CPU Turion X2 ultra (oh well came with laptop)/P4 @3.2 (yes P4)
Motherboard IDK HP Motherboard / Intel DG965SS
Memory OCZ Dual Channel 4GB kit/ 1gb Dual Channel
Graphics Card HD 3200 graphics /GMA x3100 (yay for intergrated!!)
Sound Card Realtek HD Audio(mic working, well sort of)/Siig IC-70012
Monitor(s) Displays built-in Hp 12" laptop screen/ Acer 19"
Screen Resolution 1280x800 /1440x900
Mouse Logi MX Rev. /MS Wheel Optical 1.1A /Logitech Optical Mouse
Cooling All Air Cooled
Internet Speed College baby but its still routed through vpn to 1536k...
Other Info love my wacom pen and pressure sensitivity...
wished it worked in 7, SUSE for that matter though
|
12-16-2008
|
#4 | |
|
Quote: Originally Posted by darkassain  i got this
05f88bf36b0cdd276cc0b6ad9554b397 md5 hash
whats yours??? It's same as I have, there are 2 options now:
1) Worm is in instalation files
2) SpyBot doing false alarm | | My System Specs | | |
12-16-2008
|
#5 | |
Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM) |
yes this is a false alarm...
have 6956 in vm...
clean install
there are no connections bypassing the firewall (got ms network monitor to check for that)
and frankly avast would have picked it up (on my real machine have 6956...) | | My System Specs | | System Manufacturer/Model Number Tx2500z Tablet Pc/Homemade Server
OS Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
CPU Turion X2 ultra (oh well came with laptop)/P4 @3.2 (yes P4)
Motherboard IDK HP Motherboard / Intel DG965SS
Memory OCZ Dual Channel 4GB kit/ 1gb Dual Channel
Graphics Card HD 3200 graphics /GMA x3100 (yay for intergrated!!)
Sound Card Realtek HD Audio(mic working, well sort of)/Siig IC-70012
Monitor(s) Displays built-in Hp 12" laptop screen/ Acer 19"
Screen Resolution 1280x800 /1440x900
Mouse Logi MX Rev. /MS Wheel Optical 1.1A /Logitech Optical Mouse
Cooling All Air Cooled
Internet Speed College baby but its still routed through vpn to 1536k...
Other Info love my wacom pen and pressure sensitivity...
wished it worked in 7, SUSE for that matter though
|
12-16-2008
|
#6 | |
Windows 7 Ultimate x64 SP1 |
Hello Shawn,
Yes, I can confirm the same thing. 
Shawn  | | My System Specs | | System Manufacturer/Model Number Self built custom
OS Windows 7 Ultimate x64 SP1
CPU Intel i7-980X 3.3 Ghz (3.48 Ghz OC'd)
Motherboard ASUS P6X58D Premium
Memory 12 GB (2GBx6) DDR3 PC3-16000 2000 MHz Kingston HyperX
Graphics Card Sapphire HD5870 Eyefinity 6 2GB
Sound Card Realtek HD Audio ALC889 Integrated Chip
Monitor(s) Displays 3x 27" Asus VE278Q
Screen Resolution 1920x1080
Keyboard Logitech Cordless Desktop MX 5500 Revolution
Mouse Logitech Cordless Desktop MX 5500 Revolution
PSU OCZ Series Gold OCZZ1000M 1000W
Case Corsair Obsidian 800D
Cooling Thermalright Ultra 120 Extreme Copper CPU heat sink w/120 MM
Hard Drives 160GB OCZ RevoDrive X2
** 2 x 1TB Samsung HDD HD154UI SATA
Internet Speed 50 Mb/s Download and 2 Mb/s Upload
Other Info Microsoft LifeCam Cinema
** Lite-On iHBS212 12x BD Writer
** Samsung CLX-3175FW Printer
** Netgear WNDR3800 Router
** Motorola SBG6580 Cable Modem
** 2x APC Back-UPS XS 1500
|
12-16-2008
|
#7 | |
Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM) |
you can also check in processxp
its strings
if you know how...
here is conhost.exe strings...
i see nothing out of the ordinary in the strings....
edit: two shawns  ...lol | | My System Specs | | System Manufacturer/Model Number Tx2500z Tablet Pc/Homemade Server
OS Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
CPU Turion X2 ultra (oh well came with laptop)/P4 @3.2 (yes P4)
Motherboard IDK HP Motherboard / Intel DG965SS
Memory OCZ Dual Channel 4GB kit/ 1gb Dual Channel
Graphics Card HD 3200 graphics /GMA x3100 (yay for intergrated!!)
Sound Card Realtek HD Audio(mic working, well sort of)/Siig IC-70012
Monitor(s) Displays built-in Hp 12" laptop screen/ Acer 19"
Screen Resolution 1280x800 /1440x900
Mouse Logi MX Rev. /MS Wheel Optical 1.1A /Logitech Optical Mouse
Cooling All Air Cooled
Internet Speed College baby but its still routed through vpn to 1536k...
Other Info love my wacom pen and pressure sensitivity...
wished it worked in 7, SUSE for that matter though
|
12-16-2008
|
#8 | |
Windows 7 Ultimate x64 SP1 |
I agree, but I just do not feel comfortable with it considering the source of the OS. | | My System Specs | | System Manufacturer/Model Number Self built custom
OS Windows 7 Ultimate x64 SP1
CPU Intel i7-980X 3.3 Ghz (3.48 Ghz OC'd)
Motherboard ASUS P6X58D Premium
Memory 12 GB (2GBx6) DDR3 PC3-16000 2000 MHz Kingston HyperX
Graphics Card Sapphire HD5870 Eyefinity 6 2GB
Sound Card Realtek HD Audio ALC889 Integrated Chip
Monitor(s) Displays 3x 27" Asus VE278Q
Screen Resolution 1920x1080
Keyboard Logitech Cordless Desktop MX 5500 Revolution
Mouse Logitech Cordless Desktop MX 5500 Revolution
PSU OCZ Series Gold OCZZ1000M 1000W
Case Corsair Obsidian 800D
Cooling Thermalright Ultra 120 Extreme Copper CPU heat sink w/120 MM
Hard Drives 160GB OCZ RevoDrive X2
** 2 x 1TB Samsung HDD HD154UI SATA
Internet Speed 50 Mb/s Download and 2 Mb/s Upload
Other Info Microsoft LifeCam Cinema
** Lite-On iHBS212 12x BD Writer
** Samsung CLX-3175FW Printer
** Netgear WNDR3800 Router
** Motorola SBG6580 Cable Modem
** 2x APC Back-UPS XS 1500
|
12-16-2008
|
#9 | |
Windows 7 Build 7057 x64/7068 x86 |
this file was running when i was playing GTA IV.
but then after a few runs, it's gone. | | My System Specs | | OS Windows 7 Build 7057 x64/7068 x86
CPU AMD Athlon X2 64 4200+ @ 2.6GHz
Motherboard Gigabyte GA-M55SLI-S4
Memory 4*1GB Kingston DDR2-667
Graphics Card Point of View 8800GT 512MB DDR3
Sound Card Integrated Realtek ALC850
Monitor(s) Displays ViewSonic VA712
PSU CoolerMaster 430W PSU
|
12-16-2008
|
#10 | |
Windows 7 Ultimate x64 + x86 + Windows 8 x64 |
Thanks for the info Shawn,
Was thinking of replacing my 6801 x86 with 6956 but think I'll wait till the public beta  | | My System Specs | | System Manufacturer/Model Number Real World Computing (Me + a little help from Acer)
OS Windows 7 Ultimate x64 + x86 + Windows 8 x64
CPU AMD Phenom II X6 1035T 2.6 GHz
Motherboard Aspire M3400
Memory 4Gb PC10600 DDR3 1333 MHz
Graphics Card NVIDIA GeForce 315 512MB
Sound Card OnBoard - Realtek High Definition Audio
Monitor(s) Displays Philips 32" HDTV, (HDMI) + 26" TV (VGA)
Screen Resolution 1920 x 1080 @60Hz + 1360 x 768 @60Hz
Keyboard Microsoft Wireless 800 or Stock Acer, (depends where I sit)
Mouse Microsoft Wireless 800 or Stock Acer, (depends where I sit)
PSU Stock (400W)
Case Acer M3400
Cooling Stock
Hard Drives 500 GB Seagate ST3500418AS SATA II
1 TB Hitachi HDS5C1010CLA382 SATAII
1 TB Samsung Spinpoint F1 HD103SI SATA II (external)
Plus various other (client ) HDDs as needed
Internet Speed Temporaray 3G Dongle
Other Info USB Capture + Webcam(s)
Also run Acer AspireOne 530h Netbook, Dual Core Atom + 1GB (Win7 Ult x86)
W32.Sober in conhost.exe? problems?
All times are GMT -5. The time now is 09:07 PM. |  |
