Windows Security Tutorials - Herong's Tutorial Examples - v3.01, by Dr. Herong Yang
Diagnosis Results of Malware "Conduit Search"
This section provides some diagnosis result on a Windows 7 system infected by malware 'Conduit Search'.
Here is what I gather as diagnosis result on a Windows 7 system infected by malware "Conduit Search".
HijackThis Report entries:
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe O20 - AppInit_DLLs: c:\progra~2\searchprotect\Main\bin\spvc32loader.dll C:\Program Files (x86)\SearchProtect\Main\bin
Task Manager entries:
cltmng.exe cltmngui.exe cltmngsvc.exe
System Services entries:
Search Protect by Conduit
Uninstalled Program entries:
Search Protect by Conduit
Firefox settings:
Home page: search.conduit.com Search provider: search.conduit.com
IE (Internet Explorer) settings:
Home page: search.conduit.com Search provider: search.conduit.com
Malware Producer Websites:
www.conduit.com search.conduit.com
The picture below shows Conduit changed IE search providers:
Table of Contents
About This Windows Security Book
Windows 8: System Security Review
Windows 8: System Security Protection
Windows 8 Defender for Real-Time Protection
Windows 7: System Security Review
Windows 7: System Security Protection
Windows 7 Forefront Client Security
Norton Power Eraser - Anti-Virus Scan Tool
McAfee Virus and Malware Protection Tools
Spybot - Spyware Blocker, Detection and Removal
Keeping IE (Internet Explorer) Secure
Malware (Adware, Spyware, Trojan, Worm, and Virus)
HijackThis - Browser Hijacker Diagnosis Tool
IE Add-on Program Listing and Removal
►"Conduit Search" - Malware Detection and Removal
What Is Malware "Conduit Search"?
"Conduit Search" Ad after Reinstalling Firefox
►Diagnosis Results of Malware "Conduit Search"
Removing Malware "Conduit Search"
"Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware
Malware Manual Removal Experience
Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal
Trojan and Malware "Puper" Description and Removal
VSToolbar (VSAdd-in.dll) - Description and Removal
PWS (Password Stealer) Trojan Infection Removal