U just ran a sacn today it found
Exploit.Drop.GS
I never heard of it before I hear it makes your PC go slow but my PC has been running fine. False positive maybe it was removed so I guess it doesn't really matter just a little paranoid I hate viruses
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.02.06.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Charres :: CHARRES-PC [administrator]
2/6/2013 2:53:30 PM
mbam-log-2013-02-06 (14-53-30).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 476866
Time elapsed: 1 hour(s), 22 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Charres\AppData\Local\Temp\conhost.dll (Exploit.Drop.GS) -> Quarantined and deleted successfully.
(end)
Please help what was this virus?
Started by Vortex322, Feb 06 2013 05:20 PM
4 replies to this topic
#2
Vortex322
-
- Members
-
- 4 posts
New Member
Posted 06 February 2013 - 05:21 PM
Sorry for any spelling erros english is not my first lanugague
#3
David H. Lipman
-
- Experts
-
- 2,591 posts
Forum Deity
- Gender:Male
- Location:Jersey Shore USA
- Interests:Malware Research, dSLR Photography, Numismatics & Surf Fishing
Posted 06 February 2013 - 05:36 PM
It is NOT a virus.
It exploit code related.
That means conhost.dll is associated with code that can be used to exploit a vulnerability in the computer OS or in a application or software installed within that OS.
Usually the word "drop" in the name would be indicative of a dropped exploit and the GS is either a version such as GS vs GT or GR but it could also be an acronym associated with the type of exploitation performed by the DLL file (Dynamic Link Loader).
All viruses are malware but not all malware are viruses and viruses actually make up a small fraction of the malware seen in the wild. It is a common, public, misperception that all bad software are viruses. All bad software are malware where mal is short for MALicious as in Malicious Software.
HTH
It exploit code related.
That means conhost.dll is associated with code that can be used to exploit a vulnerability in the computer OS or in a application or software installed within that OS.
Usually the word "drop" in the name would be indicative of a dropped exploit and the GS is either a version such as GS vs GT or GR but it could also be an acronym associated with the type of exploitation performed by the DLL file (Dynamic Link Loader).
All viruses are malware but not all malware are viruses and viruses actually make up a small fraction of the malware seen in the wild. It is a common, public, misperception that all bad software are viruses. All bad software are malware where mal is short for MALicious as in Malicious Software.
HTH
David H. Lipman
DLipman@Verizon.Net
DLipman@Verizon.Net
#4
Vortex322
-
- Members
-
- 4 posts
New Member
Posted 06 February 2013 - 05:51 PM
So I basically have nothing to worry about once it was remvoed correct?
#5
David H. Lipman
-
- Experts
-
- 2,591 posts
Forum Deity
- Gender:Male
- Location:Jersey Shore USA
- Interests:Malware Research, dSLR Photography, Numismatics & Surf Fishing
Posted 06 February 2013 - 05:56 PM
For the most part - yes.
Since it is associated with code that can be used to exploit a vulnerability, is it incumbent upon you to make sure that ALL software is up-to-date.
Prevention is always better than cure.
Since it is associated with code that can be used to exploit a vulnerability, is it incumbent upon you to make sure that ALL software is up-to-date.
Prevention is always better than cure.
David H. Lipman
DLipman@Verizon.Net
DLipman@Verizon.Net
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
