Jump to content

snakethesniper

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Same thing today for me. It detects some hosts setted by Spybot Search & Destroy. Entries like: 127.0.0.1 "malicious url". So yes, it's a false positive.
  2. You're right, it could be added yesterday, even if it's weird since as you said, it's a known behaviour, searching online the conduit end file is from a couple of years ago.
  3. I'm the other user that today too has found the end file in his C:\ folder. As stated before, the file was completely empty, nothing written in it. As you said, usually contains some value like "OK", "true" etc, but that was not the case. Other weird thing is that this popped up the same day for other users, and for everybody it was MBAM that found it (I'm running Kaspersky Internet Security for live protection). Since some adwares (like conduit from what I've heard) leave this C:\end file, it's not properly a false positive. But the point is, there is the possibility that the end empty file was generated by some other software/update and that MBAM flags it as possible malware, since the behaviour is the same (it is found during the heuristic analysis). Am i wrong? Also there are no traces about some misbehaviour, or some weird browser extensions, no warnings from KIS, nothing wrong, so that leads me to the idea that the file was generated by something else and MBAM flagged it because that's a behaviour some malware has.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.