Hello,
This is a false positive; the file is legitimate. Update your antivirus software:
VirusTotal report:
File conhost.exe received on 2009.11.17 15:39:50 (UTC)
Result: 0/41 (0%)
Antivirus Version Last update Result
a-squared 4.5.0.41 2009.11.17 -
AhnLab-V3 5.0.0.2 2009.11.17 -
AntiVir 7.9.1.70 2009.11.17 -
Antiy-AVL 2.0.3.7 2009.11.17 -
Authentium 5.2.0.5 2009.11.17 -
Avast 4.8.1351.0 2009.11.17 -
AVG 8.5.0.425 2009.11.17 -
BitDefender 7.2 2009.11.17 -
CAT-QuickHeal 10.00 2009.11.17 -
ClamAV 0.94.1 2009.11.17 -
Comodo 2969 2009.11.17 -
DrWeb 5.0.0.12182 2009.11.17 -
eSafe 7.0.17.0 2009.11.17 -
eTrust-Vet 35.1.7124 2009.11.17 -
F-Prot 4.5.1.85 2009.11.17 -
F-Secure 9.0.15370.0 2009.11.17 -
Fortinet 3.120.0.0 2009.11.16 -
GData 19 2009.11.17 -
Ikarus T3.1.1.74.0 2009.11.17 -
Jiangmin 11.0.800 2009.11.17 -
K7AntiVirus 7.10.898 2009.11.17 -
Kaspersky 7.0.0.125 2009.11.17 -
McAfee 5804 2009.11.16 -
McAfee+Artemis 5804 2009.11.16 -
McAfee-GW-Edition 6.8.5 2009.11.17 -
Microsoft 1.5202 2009.11.17 -
NOD32 4614 2009.11.17 -
Norman 6.03.02 2009.11.17 -
nProtect 2009.1.8.0 2009.11.17 -
Panda 10.0.2.2 2009.11.16 -
PCTools 7.0.3.5 2009.11.17 -
Prevx 3.0 2009.11.17 -
Rising 22.22.01.08 2009.11.17 -
Sophos 4.47.0 2009.11.17 -
Sunbelt 3.2.1858.2 2009.11.12 -
Symantec 1.4.4.12 2009.11.17 -
TheHacker 6.5.0.2.071 2009.11.16 -
TrendMicro 9.0.0.1003 2009.11.17 -
VBA32 3.12.10.11 2009.11.15 -
ViRobot 2009.11.17.2041 2009.11.17 -
VirusBuster 5.0.21.0 2009.11.17 -
Additional information
File size: 271360 bytes
MD5...: 29d9fcdf65b7c823688a035937bb6697
SHA1..: 177e139755d2efe2ff447bf3b93b9b035e9be8ca
SHA256: 91722232861e35712b4c515247b23a942b908909118f1708dd97fd6cf37cc2fa
ssdeep: 6144:egpoUV1sLP2DyJsTpOqFK0IsmI8sGXzhTrmeR0gdm:egeom2DyAFKfsmrRAo
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x7b27
timedatestamp.....: 0x4a5bc271 (Mon Jul 13 23:25:37 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x30cc8 0x30e00 6.64 72d7a979a99c0c393552bfcd6cbed6c2
FE_TEXT 0x32000 0x5322 0x5400 6.48 4efc3c5e7802ac598bb7f25021d55e02
.data 0x38000 0xf30 0x1000 0.55 58ace29510f35d68df7fd037bed78ffe
.rsrc 0x39000 0x86a8 0x8800 4.39 f238b59ba92fe628f404d90eba049230
.reloc 0x42000 0x2518 0x2600 6.73 c60d2df9ce12e7b614c3e6e8226ea892
( 9 imports )
> GDI32.dll: DeleteDC, GetDIBits, BitBlt, GetObjectW, SelectObject, CreateCompatibleDC, CreateDIBitmap, PatBlt, InvertRgn, CombineRgn, CreateRectRgn, StretchDIBits, SelectPalette, CreateCompatibleBitmap, GdiFullscreenControl, GdiFlush, PolyPatBlt, GetStockObject, SetBkColor, SetTextColor, SetDCBrushColor, GetNearestColor, DeleteObject, GetTextExtentPoint32W, GetTextMetricsW, EnumFontFamiliesExW, CreateDCW, GetTextFaceW, SetFontEnumeration, GetDeviceCaps, GetRegionData, GetRgnBox, PolyTextOutW, GetCurrentObject, SetBkMode, RealizePalette, SetSystemPaletteUse, GetStringBitmapW, CreateSolidBrush, TranslateCharsetInfo, GetCharWidth32W, CreateBitmap, SetBitmapBits, GetBitmapBits, StretchBlt, CreateFontIndirectW, SetDIBitsToDevice
> USER32.dll: RegisterClassExW, SetProcessDPIAware, GetForegroundWindow, SetCursor, SendMessageTimeoutW, TrackPopupMenuEx, UnpackDDElParam, CreateIconFromResourceEx, ReuseDDElParam, CreateWindowExW, GetDC, GetSystemMenu, SetActiveWindow, LoadCursorW, KillTimer, ReleaseDC, DestroyWindow, GetKeyboardLayout, SetTimer, ScrollDC, SetScrollInfo, GetWindowRect, MonitorFromRect, MapWindowPoints, GetMonitorInfoW, GetClientRect, ClientToScreen, AdjustWindowRectEx, GetCaretBlinkTime, GetWindowTextW, SetWindowTextW, SetWindowPos, NotifyWinEvent, MapVirtualKeyW, VkKeyScanW, CloseClipboard, InvalidateRect, GetClipboardData, OpenClipboard, ReleaseCapture, LoadIconW, LoadImageW, EnumDisplaySettingsW, BeginPaint, DrawIcon, EndPaint, DefWindowProcW, IsIconic, EnableMenuItem, LoadMenuW, AppendMenuW, SetMenuItemInfoW, ShowWindow, MessageBoxW, GetKeyboardState, ToUnicodeEx, GetMessageW, DispatchMessageW, UnhookWindowsHookEx, RegisterWindowMessageW, SetWindowsHookExW, GetWindowLongW, SetCapture, SetClipboardData, EmptyClipboard, GetKeyState, PrivateExtractIconExW, EnterReaderModeHelper, TranslateMessageEx, ConsoleControl, GetWindowPlacement, SetWindowPlacement, SystemParametersInfoW, ActivateKeyboardLayout, GetKeyboardLayoutNameA, GetKeyboardLayoutNameW, CopyIcon, DestroyIcon, DialogBoxParamW, EndDialog, GetDlgItemTextW, IsDlgButtonChecked, SendNotifyMessageW, SetWindowLongW, SendDlgItemMessageW, CheckRadioButton, GetSystemMetrics, SendMessageW, PtInRect, ScreenToClient, PostMessageW, LoadStringW, GetCursorPos, WindowFromPoint
> msvcrt.dll: malloc, free, __set_app_type, _controlfp, _except_handler4_common, __p__fmode, __p__commode, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, memcpy, _local_unwind4, _vsnwprintf, wcschr, wcsncmp, wcsrchr, memset, atoi, _itoa, memmove, _terminate@@YAXXZ
> ntdll.dll: RtlPrefixUnicodeString, RtlIntegerToUnicodeString, RtlUnicodeToMultiByteSize, RtlInitializeCriticalSectionAndSpinCount, RtlConsoleMultiByteToUnicodeN, RtlDosSearchPath_U, ShipAssert, RtlExitUserProcess, NtReplyWaitReceivePort, NtOpenDirectoryObject, NtCreatePort, RtlOpenCurrentUser, NtEnumerateValueKey, NtQueryValueKey, RtlCreateTagHeap, NtOpenKey, NtAcceptConnectPort, NtWaitForMultipleObjects, NtSetInformationProcess, RtlReAllocateHeap, RtlInitCodePageTable, RtlUnicodeToMultiByteN, RtlMultiByteToUnicodeN, RtlCustomCPToUnicodeN, RtlOemToUnicodeN, RtlUnicodeToOemN, RtlExitUserThread, RtlInitUnicodeString, RtlUnicodeStringToInteger, NtSetEvent, NtCreateEvent, NtDuplicateObject, NtClearEvent, RtlDeleteCriticalSection, RtlInitializeCriticalSection, NtOpenProcess, NtQueryInformationProcess, NtVdmControl, NtReleaseMutant, NtWaitForSingleObject, NtCreateMutant, NtUnmapViewOfSection, NtReadVirtualMemory, RtlEnterCriticalSection, RtlLeaveCriticalSection, NtReplyPort, RtlCompareUnicodeString, RtlSizeHeap, DbgPrintEx, RtlAllocateHeap, NtCreateSection, RtlFreeHeap, NtMapViewOfSection, NtClose, RtlGetCriticalSectionRecursionCount
> API_MS_Win_Core_LocalRegistry_L1_1_0.dll: RegGetValueW
> KERNEL32.dll: GetOEMCP, GlobalSize, GlobalUnlock, GetStringTypeW, CreateFileA, GetSystemDirectoryA, GetModuleHandleW, GetACP, CreateThread, InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GlobalFree, GlobalAlloc, InterlockedIncrement, InterlockedDecrement, GetVersionExW, VirtualProtect, lstrlenA, VirtualAlloc, GetSystemInfo, VirtualQuery, LocalAlloc, LocalFree, LocalReAlloc, LockResource, LoadResource, FindResourceExW, IsValidCodePage, GetCurrentProcessId, GetCurrentThreadId, GetLastError, CreateActCtxW, GetModuleFileNameW, SetEnvironmentVariableW, GetEnvironmentVariableW, CloseHandle, SetFilePointer, ReadFile, MultiByteToWideChar, FreeLibrary, LoadLibraryExW, ExpandEnvironmentStringsW, GetPrivateProfileStringW, CreateFileW, SetProcessShutdownParameters, GetProcAddress, LoadLibraryW, GetSystemDirectoryW, WideCharToMultiByte, GetCPInfo, lstrlenW, Beep, GetCurrentThread, GlobalLock
> IMM32.dll: ImmGetCompositionStringW, ImmGetGuideLineW, ImmGetContext, ImmGetOpenStatus, ImmGetConversionStatus, ImmReleaseContext, ImmAssociateContextEx, ImmAssociateContext, ImmTranslateMessage, ImmNotifyIME, ImmGetProperty, ImmGetCandidateListW
> ole32.dll: CoUninitialize, CoCreateInstance, CoInitializeEx
> OLEAUT32.dll: -, -, -, -, -, -, -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft® Windows® Operating System
description..: Console Window Host
original name: CONHOST.EXE
internal name: ConHost
file version.: 6.1.7600.16385 (win7_rtm.090713-1255)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win 9x/ME Control Panel applet (31.8%)
Windows Screen Saver (26.8%)
Win32 Executable Generic (17.4%)
Win32 Dynamic Link Library (generic) (15.5%)
Generic Win/DOS Executable (4.1%)