Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Browser Redirect nightmare

20 Mar 2015   #1
mohavepc

Windows 7 Professional x64
 
 
Browser Redirect nightmare

Hello my friends.

I am having a bit of an issue with a new infection that is kicking by butt. I have an Acer laptop with an i3 and 4gb ram. I have run the following tools. ADW, Malwarebytes, SuperAntiSpyware, Adaware, Eset Scan, MS essentials scan, TDSS Killer, MBAR Rootkit beta, TFC, JRT, CCleaner portable. all clean all run with admin priv. in safe mode with networking where applicable.

When you open "Any" Browser after 30seconds the cursor loses focus and if you click to gain it back you get a new page that redirects twice (address changes) and ends up on a "fake" Norton page saying your infected with a persistent pop up that requires you to CAD and kill IExplore.

For those of you who know me know I am very thorough and I have look through the registry at Run keys, IE Keys, Chrome keys, FF Keys, and Safari keys. Each browser shows clean of all add ons and all have been reset including the remove personal where applicable.

please help I have no hair left to pull out.
its nearing a reinstall but I hate to do that over a stupid browser hitchhiker.


My System SpecsSystem Spec
.
20 Mar 2015   #2
mohavepc

Windows 7 Professional x64
 
 

Never mind. there was a renamed piece of free "Conduit" software called skycaddie. Once remove the redirects stopped. found it through perusing a hijackthis log. it showed ok but had conduit extensions. It had 3 conduit processes loaded with windows.
My System SpecsSystem Spec
20 Mar 2015   #3
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

When in doubt, its usually a program thats still on the system. I've been finding some nasty stuff lately.

Also, consider running Autoruns because sometimes there can be lingering problems when malwares startup files are still present.
My System SpecsSystem Spec
.

21 Mar 2015   #4
mohavepc

Windows 7 Professional x64
 
 

Quote   Quote: Originally Posted by Gator View Post
When in doubt, its usually a program thats still on the system. I've been finding some nasty stuff lately.

Also, consider running Autoruns because sometimes there can be lingering problems when malwares startup files are still present.
Indeed I did run Autoruns, always do as the next to last step along with clearing restore points and creating new ones. The only way I found this one was using Hijackthis log and saw 3 references to Conduit.sys and 2 conduit.dll tied to the sky caddie program. It passed all the scans and tests I could toss at it including AVG and Kasperski rescue cd's which are usually pretty good at catching hidden browser add-on's. There was nothing about the program that even bespoke of conduit accept the links to the sys and dll files (which are aslo manually removed).
My System SpecsSystem Spec
Reply

 Browser Redirect nightmare




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
WLM nightmare
Every time I go to set someone up with a live mail account and use their in existing email address the wretched program will not accept the address they already have and keeps requesting that it has to be set up as a hotmail one. If I ask it to use their own address it comes with some rubbish...
Browsers & Mail
ICS Nightmare! (pls help!!)
HELP!! (please) :shock: I don't know what else to do.:rolleyes: I have tried many different options and searched the net for similar issues but I haven't yet found the way out (or any hint to pintpoint the source of the problem) The problem: I have a desktop connected to Internet through a...
Network & Sharing
Redirect virus
Hi there, I keep getting redirected from google results to numerous shopping pages and things. AVG and Malwarebytes' Anti-Malware aren't bringing up anything. Here is my HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:13:10, on 16/06/2010 Platform: Windows 7 ...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:47.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App