
Problem - win32/toolbar.conduit.B



Hello, today ESET notified me of a variant of the infiltration win32/toolbar.conduit.B. I can't remove it, I can't send it to you. What do I have to do? It now appears in two folders ..


Conduit is actually a conduit for other spyware, malware, etc.; however, most versions do not have a destructive payload.

I am not sure if ESET is designed to clean that; you may have to check all the options in the following pic using Advanced Setup:
 

If after that ESET does not remove, please submit the files for analysis to ESET and download Malwarebytes as an on-demand scanner, and perform a scan with that.

 

A quick scan should remove it, but I would encourage a full scan.


Yeah, I tried to remove them with Malwarebytes and now Win32/Injector.AAKO has started to appear (4 times) in the same directory. Do you know why that may be? Or..? I started a deep control with ESET and HitmanPro (malware and other stuff detecting/deleting software) and also Malwarebytes and AdwCleaner too. Hope that helps.


  • ESET Insiders

Xaress,

 

(+) Start SysInternals Autoruns

(+) search for Conduit in its results

(+) note the locations

(+) disable all instances (it could autostart from several places)

(+) delete all folders noted above

(+) (if any folder says it cannot be deleted because the file is in use, kill EXPLORER.EXE and delete the folders from the DOS prompt; restart EXPLORER afterwards)

 

Also check for software that brought the Conduit (toolbars, games, ...).

Recently, popular are:

   Absolutist_Games

   Magentic toolbar

   MyAshampoo Toolbar (not to be mixed with legitimate Ashampoo software!)

   Flipora search engine

   Incredimail (?)

 

Tomo

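The "search for Conduit" and "note the locations" steps in the post above can also be run over a CSV export of Autoruns results. This is an added example, not part of any post in this thread; the column names and every sample row are constructed assumptions, and the keyword list is Conduit plus the bundler names listed above.

```python
import csv
import io
import ntpath

# Names taken from the thread: Conduit itself plus the listed bundlers.
KEYWORDS = ("conduit", "absolutist", "magentic", "myashampoo", "flipora")

# Constructed sample of an Autoruns CSV export. The column names are an
# assumption about the export layout and every row is invented.
SAMPLE_CSV = r'''Entry Location,Entry,Enabled,Company,Image Path
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleToolbar Helper,enabled,Conduit,C:\Program Files\ExampleToolbar\helper.exe
Task Scheduler,ExampleToolbarUpdate,enabled,,C:\Users\user\AppData\Local\Conduit\update.exe
HKLM\Software\Microsoft\Internet Explorer\Toolbar,MyAshampoo Toolbar,enabled,,C:\Program Files\MyAshampoo\tb.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Run,Ashampoo App,enabled,Ashampoo,C:\Program Files\Ashampoo\app.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleAV Tray,enabled,Example Vendor,C:\Program Files\ExampleAV\tray.exe
'''


def find_entries(csv_text, keywords=KEYWORDS):
    """Return one record per autostart row whose fields mention a keyword."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Search every column, so a match in the path or company also counts.
        haystack = " ".join(str(v) for v in row.values() if v).lower()
        matched = sorted(k for k in keywords if k in haystack)
        if matched:
            hits.append({
                "location": row.get("Entry Location") or "",
                "entry": row.get("Entry") or "",
                "image_path": row.get("Image Path") or "",
                "matched": matched,
            })
    return hits


def folders_to_review(hits):
    """Unique parent folders of matched binaries (the 'note the locations' step)."""
    return sorted({ntpath.dirname(h["image_path"]) for h in hits if h["image_path"]})


if __name__ == "__main__":
    found = find_entries(SAMPLE_CSV)
    for h in found:
        print(f'{h["entry"]:<24} {h["location"]}  [{", ".join(h["matched"])}]')
    for folder in folders_to_review(found):
        print("review folder:", folder)
```

The legitimate Ashampoo row is not flagged because the keyword is "myashampoo", not "ashampoo". The output is a list to review by hand before disabling or deleting anything.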

  • 1 month later...

Hi,

 

Conduit is actually not malware. It's a company that makes a number of products.

One of these products is a toolbar platform which is used by many different companies (and distributed under their names).

You probably downloaded a toolbar that was built on the Conduit platform.

 

To remove conduit you can use the following guide - hxxp://www.uninstallconduit.net

I wrote this guide with the intent of allowing you to remove the toolbar by yourself without needing to install an additional program on your computer.

 

I hope you find it useful. 


For more than a year I have been seeing Conduit on people's machines.

With every Conduit software I see, it has been a 100% malware infected machine.

The ratio is 1/1

If Conduit is not malware.....

Then it is a conduit " for " malware.

Sorry

Edited by Arakasi

  • 4 months later...
  • ESET Moderators

Hello,

Perhaps it is more of an issue where people who install PUAs like this toolbar are more likely to make other mistakes which allow the introduction of malware into their computing environment? In this case, the presence of the toolbar may serve more as a "warning canary" or precursor to an actual infection.

Regards,

Aryeh Goretsky


True, also since this post, I have learned that Conduit is actually a legit company who has no control over their source code.
