Jump to content

Recommended Posts

Had an update tonight to version  2.0.1.1004. While the update (download and installation) was taking place, ESET' NOD32 blocked the following 2 elements. I had nothing else running and wasn't browsing the Web either.

 

2014-04-05 00:03:10    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443731.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.

 

2014-04-05 00:03:02    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443730.exe    probably a variant of Win32/Complitly.A potentially unwanted application    cleaned by deleting - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.

 

Coincidence?

Link to post
Share on other sites

It's odd though. While installing, MBAM might have triggered something with svchost.exe detected by ESET. Actually, the way it happened is at the end of MBAM's installation, as soon as I hit the "Finish" button, the computer just froze. I decided to leave it alone for a while. Came back later and that's when I saw the warnings from ESET, and the computer was working again. However, MBAM wasn't fully enabled.

Link to post
Share on other sites

I run ESET, MBAM, AdwCleaner scans on a regular basis. I believe they all look inside System Restore files. AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware in the registry before, but it's odd it did not delete those... Can you be 100% sure MBAM or whatever download process it may be using didn't pick up anything nasty on the way? I cannot believe MBAM would intentionally include spyware or adware with its software though...

Link to post
Share on other sites

I run ESET, MBAM, AdwCleaner scans on a regular basis. I believe they all look inside System Restore files. AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware in the registry before, but it's odd it did not delete those... Can you be 100% sure MBAM or whatever download process it may be using didn't pick up anything nasty on the way? I cannot believe MBAM would intentionally include spyware or adware with its software though...

 

Too bad we cannot edit posts on this forum...

 

As a clarification, I meant to say "a long time ago" instead of "before".

Link to post
Share on other sites
  • Staff

Its definately not us.

 

You answered your own question i am pretty sure:

AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware

So they were sitting in system restore because of the deletion and basically eset saw them there.

 

As long as you downloaded from us or an official site it would never have Conduit stuff with our downloads.

Link to post
Share on other sites

You answered your own question i am pretty sure:

AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware

So they were sitting in system restore because of the deletion and basically eset saw them there.

 

 

I do not believe MBAM would include Conduit, that's for sure.

 

But as I was saying, why would these entries in System Restore show up only yesterday, when I had deleted traces of Conduit a long time ago? Why didn't AdwCleaner, MBAM or ESET see anything before the MBAM update, as I run scans regularly (even the day before)?

 

I guess we'll never know. :(

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.