MBAMproblem

Update - 2.0.1.1004


Had an update tonight to version 2.0.1.1004. While the update (download and installation) was taking place, ESET's NOD32 blocked the following 2 elements. I had nothing else running and wasn't browsing the Web either.

 

2014-04-05 00:03:10    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443731.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.

 

2014-04-05 00:03:02    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443730.exe    probably a variant of Win32/Complitly.A potentially unwanted application    cleaned by deleting - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.

 

Coincidence?


Hello MBAMproblem:

 

It is very likely a coincidence like you theorized.

 

HTH :)


Had the automatic update this morning - running NOD32 V7 with signature database 9637. Nothing at all flagged.


It's odd though. While installing, MBAM might have triggered something with svchost.exe detected by ESET. Actually, the way it happened is at the end of MBAM's installation, as soon as I hit the "Finish" button, the computer just froze. I decided to leave it alone for a while. Came back later and that's when I saw the warnings from ESET, and the computer was working again. However, MBAM wasn't fully enabled.


Being these are sitting in System Restore, the installer probably set a restore point and that triggered ESET to look there.

These weren't active on your system.


I run ESET, MBAM, AdwCleaner scans on a regular basis. I believe they all look inside System Restore files. AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware in the registry before, but it's odd it did not delete those... Can you be 100% sure MBAM or whatever download process it may be using didn't pick up anything nasty on the way? I cannot believe MBAM would intentionally include spyware or adware with its software though...


I run ESET, MBAM, AdwCleaner scans on a regular basis. I believe they all look inside System Restore files. AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware in the registry before, but it's odd it did not delete those... Can you be 100% sure MBAM or whatever download process it may be using didn't pick up anything nasty on the way? I cannot believe MBAM would intentionally include spyware or adware with its software though...

 

Too bad we cannot edit posts on this forum...

 

As a clarification, I meant to say "a long time ago" instead of "before".


It's definitely not us.

You answered your own question, I am pretty sure:

AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware

So they were sitting in System Restore because of the deletion and basically ESET saw them there.

 

As long as you downloaded from us or an official site it would never have Conduit stuff with our downloads.


You answered your own question, I am pretty sure:

AdwCleaner did delete a couple of traces of the incredibly annoying Conduit crapware

So they were sitting in System Restore because of the deletion and basically ESET saw them there.

 

 

I do not believe MBAM would include Conduit, that's for sure.

 

But as I was saying, why would these entries in System Restore show up only yesterday, when I had deleted traces of Conduit a long time ago? Why didn't AdwCleaner, MBAM or ESET see anything before the MBAM update, as I run scans regularly (even the day before)?

 

I guess we'll never know. :(

This topic is now closed to further replies.
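
The replies above attribute both detections to archived copies in the System Restore store rather than to active files. As an added example (not part of the thread and not either vendor's tooling), this Python script parses log lines in the layout the first post pasted and separates restore-store detections from live-path ones. The 8-column layout is assumed from those two lines; the third sample line and all function names are constructed for illustration.

```python
import re
from typing import List, NamedTuple, Optional

# Windows XP-style restore store: X:\System Volume Information\_restore{GUID}\RPnnn\
RESTORE_STORE = re.compile(
    r"^[A-Za-z]:\\System Volume Information\\_restore\{[0-9A-Fa-f-]{36}\}\\RP(\d+)\\",
    re.IGNORECASE,
)

class Detection(NamedTuple):
    timestamp: str
    path: str
    threat: str
    action: str
    restore_point: Optional[int]  # RP number for an archived copy, None for a live path

def parse_line(line: str) -> Detection:
    # Assumed layout: 8 columns separated by tabs or runs of 2+ spaces.
    fields = re.split(r"\t+| {2,}", line.strip())
    if len(fields) != 8:
        raise ValueError(f"expected 8 columns, got {len(fields)}")
    timestamp, _scanner, _kind, path, threat, action, _user, _info = fields
    match = RESTORE_STORE.match(path)
    return Detection(timestamp, path, threat, action,
                     int(match.group(1)) if match else None)

def triage(lines: List[str]) -> List[Detection]:
    return [parse_line(line) for line in lines if line.strip()]

def live_detections(dets: List[Detection]) -> List[Detection]:
    # Detections outside the restore store are the ones that need follow-up first.
    return [d for d in dets if d.restore_point is None]

SAMPLE_LOG = [
    # First two lines are copied from the thread; the third is constructed for contrast.
    r"2014-04-05 00:03:10    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443731.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.",
    r"2014-04-05 00:03:02    Real-time file system protection    file    D:\System Volume Information\_restore{612D3D17-1360-41CC-AEF6-BB18E6A7D1F6}\RP1934\A0443730.exe    probably a variant of Win32/Complitly.A potentially unwanted application    cleaned by deleting - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.",
    r"2014-04-05 00:05:00    Real-time file system protection    file    C:\Program Files\ExampleToolbar\tb.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined    AUTORITE NT\SYSTEM    Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.",
]

if __name__ == "__main__":
    for d in triage(SAMPLE_LOG):
        where = f"restore point RP{d.restore_point}" if d.restore_point else "LIVE PATH"
        print(f"{d.timestamp}  {where:<22} {d.threat}  [{d.action}]")
```

Both lines from the thread resolve to the same restore point (RP1934), so they sort into the archived-copy group; only the constructed third line is reported as a live path.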