Solved

Virus

Posted on 2013-11-05
4
396 Views
Last Modified: 2013-11-07
Hi Experts,

I'm new to e-exchange and could use some help. I seem to have something infecting my pc. I am running XP Pro and a program called "conduit search" has made itself my default browser and homepage. I can no longer change my homepage with internet options or change my default browser. It's infected IE and Firefox. My Bit Defender and all other scans have found nothing. The "conduit search" claims that it's searches are done on behalf of Bing (doubt that). It has also deleted and altered some of my files. Has anyone heard of this, and does anyone know how to get rid of it?
Thanks,
Blak81
0
Comment
Question by:blak81
  • 2
4 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 500 total points
Comment Utility
Try:

(1) Disable or remove it from the browser add-ons.

(2) Remove from the browser search engine (choose another as default).

(3) Uninstall it from installed programs (using Revo Uninstaller).

(4) Scan with Malwarebytes Antimalware (free).

(5) Scan with Adwcleaner:

< http://www.bleepingcomputer.com/download/adwcleaner/ >

[First: Try, however, to restore your PC before the problem occurred (if recent) by booting up in safe mode with command prompt and typing rstrui.exe to restore.]
0
 

Author Comment

by:blak81
Comment Utility
Thank you for the quick response, very impressive. It's on my home PC and I will try your recommendations tonight and let you know. Thanks again.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
Comment Utility
Aadih made some good suggestions.  Try them, if they work  (especially System Restore) then you are set.  If you need more try SpyBHORemover and Chameleon (by makers of Malwarebytes).  See this for instructions on using:

https://forums.malwarebytes.org/index.php?showtopic=125373

It is for another problem, but is generally applicable.
0
 

Author Closing Comment

by:blak81
Comment Utility
I removed it with Malwarebytes. Did a full system scan (took a while), but it found 13 objects. Before I removed it, I could not remove "conduit" from the browser search engine or select another default, or disable it. It was in there pretty good. Thanks for the help aadih.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
A brand new malware strain was recently discovered by security researchers at Palo Alto Networks dubbed “AceDeceiver.” This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now