
Hijacked!!

karylkoch
Explorer
My homepage has been hijacked by a start page named Zoomed Nation. I have tried everything to get it off my Firefox. I tried to use my Explorer and its homepage there has the same Zoomed Nation. This happened several days ago, and I have given up on trying to get rid of it. Should I just delete my provider and start over? Thanks for any help you can give me.
Fulltime RVer's
:W
2003 Newmar MountainAire, 38ft, Saturn tow
:C
George, Karyl and Susie-Q, our Tibetan Terrier
24 REPLIES

1492
Moderator
I've seen many apps that use "Express Install" option to bundle third party adware or toolbar trackers. Always select custom install, and de-select anything you don't want.

mlts22
Explorer
I've seen some complaints about their site bundling additional stuff with downloads. If this is true, it is not going to be good for their reputation.

However, this seems to be becoming a common thing. When you update Java, you have to deselect stuff, or you get an ask.com toolbar. This for a security fix.

tenbear
Explorer
After doing most of the above I reset the PC. Removed everything and reinstalled Windows. I think I got Conduit again from a download from Cnet. They had some sneaky options for something I downloaded and although I was very careful to avoid it, somehow Conduit ended up on the PC. I think I have successfully removed it. So far so good, we will see.
Class C, 2004/5 Four Winds Dutchman Express 28A, Chevy chassis
2010 Subaru Impreza Sedan
Camped in 45 states, 7 Provinces and 1 Territory

mich800
Explorer
karylkoch wrote:
shakyjay wrote:
Sounds like you have been hijacked by nationzoom. If that is the case then simply changing home page settings won't fix it. Try reading through this short thread on bleepingcomputer and it should help you take care of it: Remove Nationzoom


Thanks, I will go to this site. I know that going to the tools and changing my homepage did not work, that was the first thing I did. Thanks again, and if this works thanks a million. LOL


I do not know if you got this fixed but even with the tools to remove it you will still need to manually fix any shortcut icons.
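
A read-only check for the shortcut problem mentioned in the post above, as an added example that is not part of the original thread. Hijackers of this kind commonly append their start-page URL to the launch arguments of browser shortcuts, so the homepage setting can look clean while the shortcut still opens the unwanted page. The browser names and folder list are assumptions.

```powershell
# Added example: report browser shortcuts that carry launch arguments.
# The browser names and folders below are assumptions; extend as needed.
function Get-BrowserShortcutArgument {
    $browsers = 'firefox.exe', 'iexplore.exe', 'chrome.exe'
    $folders = @(
        [Environment]::GetFolderPath('Desktop')
        [Environment]::GetFolderPath('CommonDesktopDirectory')
        [Environment]::GetFolderPath('StartMenu')
        [Environment]::GetFolderPath('CommonStartMenu')
        # Taskbar pins live below the Quick Launch folder
        Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch'
    ) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

    # WScript.Shell can read the target and arguments stored in a .lnk file
    $shell = New-Object -ComObject WScript.Shell
    Get-ChildItem -LiteralPath $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $lnk = $shell.CreateShortcut($_.FullName)
            $exe = [IO.Path]::GetFileName($lnk.TargetPath)
            # A normal browser shortcut has an empty Arguments field
            if ($browsers -contains $exe -and $lnk.Arguments) {
                [pscustomobject]@{
                    Shortcut  = $_.FullName
                    Target    = $lnk.TargetPath
                    Arguments = $lnk.Arguments
                    HasUrl    = $lnk.Arguments -match 'https?://'
                }
            }
        }
}

Get-BrowserShortcutArgument | Format-List
```

For a flagged shortcut, the manual fix is to open its Properties and trim the Target field back to the quoted path of the browser executable.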

1492
Moderator
az99 wrote:
1492 wrote:
Did you reboot Windows before running Malwarebytes (MB)? Otherwise, MB can flag the same issues as changes to the registry won't take effect until you do so.
Yes

What program did you install that Malwarebytes detected entries after running AdwCleaner and using the Clean function? I'd like to test it on my system.

mlts22
Explorer
I've encountered Conduit attached with shareware programs. Sometimes the author of the program is surprised that this was done. After I used a utility to extract data from a Mac disk image, and had Conduit splatter itself over a sandbox... a quick virtual machine snapshot rollback got rid of it. I'd hate to have encountered it on my desktop's machine OS though (as I'd probably have to restore the whole box just so I'm assured that it isn't infected.)

az99
Explorer
1492 wrote:
Did you reboot Windows before running Malwarebytes (MB)? Otherwise, MB can flag the same issues as changes to the registry won't take effect until you do so.
Yes

1492
Moderator
Did you reboot Windows before running Malwarebytes (MB)? Otherwise, MB can flag the same issues as changes to the registry won't take effect until you do so.

az99
Explorer
1492 wrote:
OK, that makes sense. I've tried a couple of NCH free apps, and have uninstalled them all. And here's why. Look what the free VideoPad Editor appears to include after monitoring its setup file:



Registry entries for Conduit. What many consider a browser hijack. Some even going as far to call it a virus? And appearing to attach itself to browser search requests, or for tracking browser behavior.

This is what AdwCleaner flagged "after" installing VideoPad:




Notice that you are given the option of unchecking these entries if you do not want them removed. But Conduit may be attached to the program itself, so removing the entries could have broken its functionality.

Alas, few freeware apps come without some type of strings attached. If anything, it appears AdwCleaner worked as it was designed? And likely doing you a favor in the process even though you may not have been aware, or even told of Conduit included in the software?
After you run AdwCleaner, run Malwarebytes and see if it detects things from AdwCleaner. It did on mine.

mikestock
Explorer
The first thing I do after downloading installable programs on the web is to go to Control Panel and arrange all programs by date installed. Anything that has installed on that date, that I didn't intend to install, I immediately uninstall.

I try, carefully, to avoid those programs but some have slipped through. After the uninstall I run Malwarebytes and sometimes do a virus scan with Norton. I bought the $20/life version of Malwarebytes and run it at least once a day. I am not necessarily endorsing the purchased version and rarely buy anything when I can get a free version.

I used W8 for a short period but can't say I know, for sure, how to boot to safe mode. Of course, in W7 you can reboot and press F8 key every second or so as it starts up. You can do a forced shut down by holding the power button down. When you start back up you get the opportunity to opt for safe mode. This is not recommended.

tenbear
Explorer
mikestock wrote:
Have you tried running Malwarebytes, Spybot and CCleaner in the safe mode?

I have run all three as well as several others but not in safe mode. I haven't figured out how to get Win 8 into safe mode. I'll work on that. Thanks.
Class C, 2004/5 Four Winds Dutchman Express 28A, Chevy chassis
2010 Subaru Impreza Sedan
Camped in 45 states, 7 Provinces and 1 Territory

mikestock
Explorer
Have you tried running Malwarebytes, Spybot and CCleaner in the safe mode?

tenbear
Explorer
I just got thru an episode with Conduit and have eliminated it but whenever I turn the computer on I get a message to the effect that it had a problem starting Conduit. Apparently something I can't find is trying to start Conduit, which is no longer there.
Class C, 2004/5 Four Winds Dutchman Express 28A, Chevy chassis
2010 Subaru Impreza Sedan
Camped in 45 states, 7 Provinces and 1 Territory
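
One way to look for the leftover launcher described in the post above, as an added example that is not part of the original thread. It searches the usual auto-start locations (Run keys, Startup folders, scheduled tasks) for entries that mention the name shown in the error message. The keyword and the list of locations are assumptions, and `Get-ScheduledTask` requires Windows 8 or later.

```powershell
# Added example: find auto-start entries that still reference a removed program.
$keyword = [regex]::Escape('Conduit')   # name taken from the startup error message

$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# 1. Registry Run keys
$hits = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        if ("$name $cmd" -match $keyword) {
            [pscustomobject]@{ Source = $key; Name = $name; Command = $cmd }
        }
    }
})

# 2. Per-user and all-users Startup folders
$startup = [Environment]::GetFolderPath('Startup'),
           [Environment]::GetFolderPath('CommonStartup')
$hits += @(Get-ChildItem -LiteralPath $startup -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match $keyword } |
    ForEach-Object {
        [pscustomobject]@{ Source = $_.DirectoryName; Name = $_.Name; Command = $_.FullName }
    })

# 3. Scheduled tasks (name, path or action matches the keyword)
$hits += @(Get-ScheduledTask | ForEach-Object {
    $task = $_
    foreach ($action in $task.Actions) {
        $cmd = "$($action.Execute) $($action.Arguments)"
        if ("$($task.TaskPath)$($task.TaskName) $cmd" -match $keyword) {
            [pscustomobject]@{ Source = 'Task Scheduler'; Name = "$($task.TaskPath)$($task.TaskName)"; Command = $cmd }
        }
    }
})

$hits | Format-List
```

The script only reports; review each entry before deleting the matching Run value, Startup item or task by hand.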

az99
Explorer
1492 wrote:
OK, that makes sense. I've tried a couple of NCH free apps, and have uninstalled them all. And here's why. Look what the free VideoPad Editor appears to include after monitoring its setup file:



Registry entries for Conduit. What many consider a browser hijack. Some even going as far to call it a virus? And appearing to attach itself to browser search requests, or for tracking browser behavior.

This is what AdwCleaner flagged "after" installing VideoPad:




Notice that you are given the option of unchecking these entries if you do not want them removed. But Conduit may be attached to the program itself, so removing the entries could have broken its functionality.

Alas, few freeware apps come without some type of strings attached. If anything, it appears AdwCleaner worked as it was designed? And likely doing you a favor in the process even though you may not have been aware, or even told of Conduit included in the software?
Thanx for the in depth investigation.
I was not mad about it and putting it back on is no problem. I just said to use caution (like read and understand what it is removing) which I did not.
I just ran it and let it remove what it found.
Then after it restarted I ran it again. It then showed something NCH so I looked further. I then also noticed that the desktop Icon for the video editor had changed and the program was no longer useable.

I always run Malware Bytes along with Avast and Defender and never had an issue with that program showing any problem.

It is good to see AdwCleaner goes further. But it is probably for smarter users than me. 🙂 I had no idea what the 50 files were it was telling me it was removing.