Go Back   TechArena Community > Software > Operating Systems
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links



Win32.sober in Windows 7 RC (windows\system32\conhost exe

Operating Systems


Reply
 
Thread Tools Search this Thread
  #1  
Old 13-08-2010
Member
 
Join Date: Apr 2010
Posts: 276
Win32.sober in Windows 7 RC (windows\system32\conhost exe
  

Subsequent to working with Spybot a file called win32.sober is become aware of as an executable file (conhost exe). It's labeled as a "dialer". Is this a virus. I do not get eliminated by Spybot. If it is not a virus what is its intention. I have an troubles relating to conhost.exe as extreme as I be able to establish from forums etc conhost.exe is a valid procedure by means of Windows 7. I am working with AVG and it does not identify this as a virus (even though I have comprise and seen that convinced AV programs might detect conhost.exe as an contaminated executable).

Reply With Quote
  #2  
Old 13-08-2010
Member
 
Join Date: Apr 2009
Posts: 966
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

The Microsoft is conscious of the Sober mass mailer worm alternative named Win32/Sober.Z@mm. The worm tries to attract users from side to side social engineering endeavor into opening an attached file or executable in e-mail. If the beneficiary opens the file or executable, the worm sends itself to the entire the contacts that are restricted in the systemís address book. Customers who are using the majority current and updated antivirus software are at a concentrated risk from infection by the Win32/Sober.Z@mm worm.
Reply With Quote
  #3  
Old 13-08-2010
Member
 
Join Date: Jun 2009
Posts: 311
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

If the system which are infected by Win32/Sober.Z@mm, the malware is programmed to download and run malevolent files from convinced Web domains beginning on January 6, 2006. Beginning immediately regarding each two weeks subsequently, the worm is set to begin downloading and working with malevolent files from additional sites on the similar Web domains. Give pleasure to visit the site malevolent Software Removal Tool and the LiveOneCare site to observe if capable to eliminate it from your system.
Reply With Quote
  #4  
Old 13-08-2010
Member
 
Join Date: Apr 2009
Posts: 1,106
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

The consumers who consider that they are infected by means of Sober or are not certain whether they are contaminated be supposed to visit Safety.live.com and prefer "Protection Scan" or run the most recent version or description of the Malicious Software Removal Tool from moreover Microsoft Update or Windows Update to create certain that their systems are free of charge of infection. In addition, Windows OneCare from Microsoft makes available detection for and fortification against Sober and its recognized variants. I have comprise been in correspondence by means of the publishers of Xara and as far as the engineer was anxious they do not utilize conhost.exe as part of their program and cannot give explanation why it's being invoked.
Reply With Quote
  #5  
Old 13-08-2010
Member
 
Join Date: Nov 2009
Posts: 785
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

I encompass one appliance (Xara Xtreme Pro) that intermittently invokes conhost.exe. On one occasion the procedure is started it does not clear from Task Manager when Xara is shut down. Additionally, additional instances of conhost.exe come into view in Task Manager whilst Xara is working, frequently when an innovative document is started or opened. Not several of these instances clear from Task Manager when Xara is shut down. I have in addition checkered on an additional PC that's working Windows 7 and conhost.exe is on that apparatus as well. Be capable of somebody give pleasure to substantiate that conhost.exe is essentially a Microsoft file and optimistically give some indication as to why it fails to kill when the initiating program is shut down.
Reply With Quote
  #6  
Old 14-08-2010
Member
 
Join Date: May 2009
Posts: 970
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

A includes itís have possession of SMTP routine for sending the e-mails. The beneficiary addresses are harvested from dissimilar files on the local apparatus. The worm installs itself into the system directory on the contaminated apparatus beneath the name SIMILARE.EXE. Two additional copies of the worm are accumulated on the local disk as well. This worm has a extraordinary mechanism which is accountable for the maintaining the worm active in the memory: it has two procedure working with and when one of them is terminated, the additional one determine to restart it extremely quickly.
Reply With Quote
  #7  
Old 05-09-2010
Member
 
Join Date: May 2009
Posts: 998
Re: Win32.sober in Windows 7 RC (windows\system32\conhost exe

That is the eliminate from the Avast definitions. I utilize Avast on 7 and Vista and it did not become aware of it. A additional scrupulous make sure in addition showed nix so I do not imagine it is a natural occurrence from the entire the current downloads. I imagine itís there is extremely superior chance that itís a false positive as consider the worm would be requesting have right of entry to the net which (even if it was dns packets) MS monitor would observe those. I encompass not seen no matter which dissimilar in the conhost from additional builds apart from the fact that at present it determine to close when I close cmd. is this a false positive. I be familiar with its been at the same time as in view of the fact that this thread has had no matter which added to the topic, additional than I immediately got home and when my computer came back up from idling for regarding 3 hours I had regarding 20-25 conhost.exe's working the back ground. And then one by one they departed. I am working with build 7048 64-bit. Immediately was unclear if it was or not.
Reply With Quote
Reply

  TechArena Community > Software > Operating Systems
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "Win32.sober in Windows 7 RC (windows\system32\conhost exe"
Thread Thread Starter Forum Replies Last Post
windows could not start because the following file is missing or corrupt: \windows\system32\config\system unnaturalsavage Windows Software 2 21-06-2011 12:50 AM
Net Framework in windows 7 startup error: Could not find file 'C:\Windows\system32\links2.txt'.__File name: 'C:\Windows\system32\links2.txt' Orrin Operating Systems 4 23-12-2010 03:08 PM
Deleting Win32.Sober.T@mm Bearer Networking & Security 5 15-03-2010 08:44 PM
Need to know about conhost.exe running in Windows 7! Zhankana_n Operating Systems 7 04-02-2010 11:09 AM


All times are GMT +5.5. The time now is 06:26 AM.