WHO, WHAT, WHAT NEXT
I became aware of Conduit when my neighbor’s browser was hijacked and their system became unusable. At almost the exact same time our CEO Rob Cheng asked that I do an article on Conduit. He described how a family member was inundated with Conduit. He was clearly surprised at the effort it took to restore the system and remove this menace. He’s convinced that it’s not completely gone. That was in March of this year.
Fast forward 8 months and I am still dealing with Conduit. The only difference is now it is PC Pitstop customers that are being devastated by Conduit. Once installed, the average user has a very hard time removing it. In addition, it’s difficult to remove the infections caused by the Conduit redirects to dangerous places.
Let me be clear. Conduit is not a virus. It is installed by the user, usually inadvertently, while installing other software. Its most prevalent form is as a toolbar and search provider residing in your browser and programs list. It goes by more than one name and can come in many forms
The average user infected by Conduit, is also infected with real viruses, Win32 for instance. SweetPacks and Conduit are often found on the same system. This could be due as much to user inattentiveness as to a liaison of 2 nasties. Very seldom do I find a computer with Conduit being the only uwanted program or PUP. That’s not what they are about.
Conduit is a huge company and is based out of Israel. They are 1.4 billion dollars strong, give or take a few million. I find it interesting and get that Deja Vu thing going on because now, after infecting 100s of thousands of computers, Conduit has decided to get away from the “Toolbars” and Search products, clean up their image, so to speak. Now where have I heard this before? Oh yes, now I remember. <fontsize= +1>Gator(2005), as in the company Rob C. mentions 8 years later in his “The History of AdWare” article this month.
Just today we received this solicitation from Conduit. Pretty slick and business like.
I also just found this. As I veiw all 400 Conduit employees doing the Harlem Shake I’m convinced my first mental picture may have been correct. I could be wrong but I’m thinking this is not one of the tools I want in my shed. Obviously 260 thousand publishers were thinking only with their wallets and 260+ million unsuspecting installees were fooled into ruining they computers.
http://www.youtube.com/watch?v=QRsZVHUftUQ
I guess if you are a 1.4 billion dollar company raking money off of millions of unsuspecting infectees you’ve got something to dance about.
PC Matic can identify and remove the installed program as a Potentially Unwanted Program, but that’s not even half the problem. Until you follow the instructions for removing it from your browsers, and then do a full in-depth malware scan with PC Matic or other effective antivirus to remove the real viruses that have entered your system because of the redirects, you don’t stand a chance.
For sure we won’t run out of threats to warn you about. These are the types of potentially unwanted programs that led us to create some of the best protection software available. In this picture you can see the number of computers with Conduit, identified by PC Matic. At the time these figures were gathered 12% of the people who used PC Matic to clean their system were showing a Conduit Installation. This is a staggering infection rate. PC Matic has identified and cleaned thousand of computers containing Conduit. You can see that the rate of growth has increased each year starting with the first installation in 2010.
2.) The first thing to do is download the free version of REVO UNINSTALLER and uninstall any and all Browser Toolbars. Conduit uses many different names so there is no single name to look for. When it comes to protecting my banking information, nothing is worth the risk. I never install a toolbar or a new search engine other than Bing or Google and even then I don’t use their toolbar or search bar.
3.) If you are using Chrome, FireFox, or any browser, other than Internet Explorer, go to your Add/Remove Programs section in the Windows Control Panel and Uninstall them. Do not save anything. Do not save: Favorites, Settings, or Files.
4.) Next Open Internet Explorer, click on Tools or the Tools Cog, Internet Options, Advanced, Reset IE Settings To Default. Be sure that you put a check mark in the box for Delete Personal Settings while you are there. This will remove any previous tool bar settings or add-ons. You must now reboot your computer
5.) Boot into Safe-mode With Networking. Run PC Matic with the Full Malware Scan. In addition to PC Matic you can download the free Adware Removal Tool while in SafeMode With Networking and increase your chances of finding additional threats. if you don’t have PC Matic, use the FREE PC Matic Home Security.
Be aware that Conduit is not a trojan or a virus. It is only a means to redirect you to sites you don’t want to visit and that can infect you. If you are not using SuperShield that comes with PC Matic and stops malicious executables, then your odds of infection are greater. Be sure the protection level is set to SuperShield Protection.
There is no single program that catches all viruses, all the time.
Viruses change minute by minute. Before a virus can be removed from your system, it must be found, identified, and added to each virus definitions list. Only then can your antivirus detect infections while scanning. Increase your odds by scanning with multiple programs.
The HiJackers, Trojans, and infections you find will be varied and not necessarily identified as Conduit. Remove them.
6.) You can now reboot and re-install your browsers.
** If you’re using Chrome, check to see how many tabs are opening when you open Chrome. If there is an extra tab opening with the search symbol, remove it by clicking the Chrome Control Button on the top right corner of the opening window, click Settings, and under On StartUp , Open a Specific Page or Pages, you can remove the exta tab.
.
PC Matic can identify and remove Conduit in several of it’s forms. SuperShield can stop unwanted .exe files from firing off and further performing functions you are not aware of, but being vigilant is up to you. Be aware of what you are installing. READ before clicking OK.
In an attempt to create some levity, let me know if you are a user that likes your Conduit installation…or not.
_______________________________________________________
