Vortex322

Please help what was this virus?

5 posts in this topic

U just ran a sacn today it found

Exploit.Drop.GS

I never heard of it before I hear it makes your PC go slow but my PC has been running fine. False positive maybe it was removed so I guess it doesn't really matter just a little paranoid I hate viruses

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.06.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Charres :: CHARRES-PC [administrator]

2/6/2013 2:53:30 PM

mbam-log-2013-02-06 (14-53-30).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|Q:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 476866

Time elapsed: 1 hour(s), 22 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\Charres\AppData\Local\Temp\conhost.dll (Exploit.Drop.GS) -> Quarantined and deleted successfully.

(end)

Share this post


Link to post
Share on other sites

It is NOT a virus.

It exploit code related.

That means conhost.dll is associated with code that can be used to exploit a vulnerability in the computer OS or in a application or software installed within that OS.

Usually the word "drop" in the name would be indicative of a dropped exploit and the GS is either a version such as GS vs GT or GR but it could also be an acronym associated with the type of exploitation performed by the DLL file (Dynamic Link Loader).

All viruses are malware but not all malware are viruses and viruses actually make up a small fraction of the malware seen in the wild. It is a common, public, misperception that all bad software are viruses. All bad software are malware where mal is short for MALicious as in Malicious Software.

HTH

Share this post


Link to post
Share on other sites

So I basically have nothing to worry about once it was remvoed correct?

Share this post


Link to post
Share on other sites

For the most part - yes.

Since it is associated with code that can be used to exploit a vulnerability, is it incumbent upon you to make sure that ALL software is up-to-date.

Prevention is always better than cure.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.