New
#1
W32.Sober in conhost.exe?
SpyBot discovered W32.Sober in file Windows\System32\conhost.exe (build 6956). Can somebody confirm it? Or it's fake alert?
SpyBot discovered W32.Sober in file Windows\System32\conhost.exe (build 6956). Can somebody confirm it? Or it's fake alert?
can you do a sfc /scannow???
or if you dont want to go thorough that process can you give us the MD5 hash
go here
http://www.whitsoftdev.com/md5/
download the unicode and open it point to the file itself and post the hash here..
yes this is a false alarm...
have 6956 in vm...
clean install
there are no connections bypassing the firewall (got ms network monitor to check for that)
and frankly avast would have picked it up (on my real machine have 6956...)
you can also check in processxp
its strings
if you know how...
here is conhost.exe strings...
i see nothing out of the ordinary in the strings....
edit: two shawns...lol
this file was running when i was playing GTA IV.
but then after a few runs, it's gone.
Thanks for the info Shawn,
Was thinking of replacing my 6801 x86 with 6956 but think I'll wait till the public beta![]()
![]()