Crystal Disc Info: beware

[trents]

Many of us use this valuable tool to check hard disc health. Beware, it comes bundled with a nasty piece of malware called "Conduit Search", even when Crystal Disc Info is downloaded from the author's website. Conduit Search will hijack your browser homepage and your search engine. I also suspect it is a portal for more serious threats like trojans. It is very difficult to get rid of. Just removing it from Add/Remove programs will not do it.

Make sure during the installation of Crystal Disc Info that you uncheck the option to install Conduit Search and realize that choice may be presented to you more than once and in more than one way. Pay close attention to each successive screen during the install process.

 

[EarthDog]

I use the smart program for the SSD or the MFG drive utility, but this is good to know for those that choose to use 3rd party utilities over the MFG's tools.

There are several instances on google on how to get rid of it as well, note.

Thanks again! Valuable!

 

[Mandrake4565]

Interesting you posted this Mr. T I downloaded it the other day to check the speed of the SSD's I just received, put in raid. I noticed the same thing with that "conduit search" I made sure I unchecked the box but even after I installed it, there seemed to be something weird happening with the OS. Luckily it was just for benching so I did a clean re-install of win 7.

 

[EarthDog]

Use ATTO, AS SSD, Crystal Disk Mark, Iometer, etc to check speeds on your SSD. And since you have an OCZ drive, use the toolbox to read the SMART data.

 

[kyij]

It depends on my day on which program(s) I use.

Please know, just about every program out there come with this "malware."
These free programs have to make money some way, and this is a way they can. Conduit Search I am sure pays CD Mark some b/c it forces people to use their search engine, and this see their adds, etc.

You are usually not forced to install this software.. When you download the program, you DON'T just click Next, Next, Yes, Next, Accept, Next, Next, Yes.. Places were you have an option to click No, Decline, Advanced install, etc is where you can opt out of this extra "malware." As one of the options will have you accept it - sometimes you even have to goto advance install instead of recommended..

 

[EarthDog]

Please know, just about every program out there come with this "malware."

None of the programs I listed do.

 

[trents]

I'm surprised that Crystal Disk Info's author would bundle that kind of stuff with his own tool. Conduit Search is something I would (and have) encountered when visiting sleezy web sites like Pirate Bay.

Please know, just about every program out there come with this "malware."

Not so. Adware maybe, but not malware of the sort I'm talking about with Conduit Search. Conduit is not your average adware or spyware.

 

[freakdiablo]

Woah, I got scared for a second. Thought you were talking about Crystal Disk Mark, which I have installed on my desktop, laptop and HTPC. I was sitting here thinking I didn't remember coming across it during installation.

 

[bob4933]

Not much difference from the "bing search bar" imo. If you are unfortunate enough to accidently install the bing programs.....

Good heads up though.

 

[trents]

The Bing search bar and MSN homepage are easy to disable and change. Try that with Conduit once you get it.

 

[Silver_Pharaoh]

Any idea's on removal short of re-installing the OS?

My neighbour has it, and I "removed" it from the add/remove programs....
Might have to MBAM the machine....

 

[EarthDog]

Seems this thing is common... I'd link you directly, but I'm mobile... Google this one as it's all over how to get rid of it.

 

[Silver_Pharaoh]

Seems this thing is common... I'd link you directly, but I'm mobile... Google this one as it's all over how to get rid of it.

I'm not gonna lie here ED, I didn't even think of googling it.
FAIL on my part.

(Thanks?)

 

[trents]

To get rid of it:

1. Download Malwarebytes free, ADWcleaner free and Hitman Pro free. Don't run them yet.
2. Go into each of the browsers you use and reset the default homepage and search provider through settings/ad-ons. Then before you close each browser remove Conduit from the list of search providers/ad-ons. Until you make something else the default you cannot remove Conduit from the list. Even then, it's not really "gone" per se, just gone form the list. Sorry for the caps type but DO NOT REOPEN ANY OF THE BROWSERS YET once you have changed the defaults and removed Conduit from the lists. Until you root it out with the ant-imalware programs you have downloaded above, it will quickly reassert itself in your browser.
3. Go into add/remove programs and remove any reference to Conduit Search in the program list as well as any other suspicious looking or unwanted programs. Conduit may be disguised by another name.
4. Disable real time scan on your resident antivirus program and don't re-enable it until the following scans are complete:
5. Install and run Malwarebytes (full scan) and be sure to uncheck the "trial" offer box during the install. If you don't uncheck the box it will only become your resident scanner and only be good for 30 days before you have to pay money. Reboot.
6. Install and run ADWcleaner.
7. Install and run Hitman Pro. Choose the "one time only" option during the install.
8. Re-enable real time scanning of resident AV program

 

[Silver_Pharaoh]

I'll have to do that for him ^_^

Thanks trents!

 

[trents]

Forgot to mention to re-enable real-time scanning of the resident AV program once the cleaning is done. I added that in as an edit.

Malware like Conduit typically escapes most 24/7 virus scanners because it falls between the cracks of what they consider viruses or malware.

 

[Silver_Pharaoh]

Forgot to mention to re-enable real-time scanning of the resident AV program once the cleaning is done. I added that in as an edit.

Malware like Conduit typically escapes most 24/7 virus scanners because it falls between the cracks of what they consider viruses or malware.

Wouldn't matter to me anyway. Windows Defender is his AV

I know I know shame on me for setting it up like that, but he uses it no more than 2 hours a week anyway

Besides, he's using Vista. I can imagine him screaming every time it's asks for permission if an AV asks if it's okay to scan or something lol.

 

[trents]

Defender should be temporarily disabled before using those other AV programs I spoke of or they may fight each other.

 

[RGone]

There was a 'burning' freeware application that I have used for years. In the latest freeware download version there was included 'open candy' and then the name calling begins. You can g00gle open candy and see how much the original users made from open candy. Google is your buddy.

The fun began when a friend of mine that had just moved to a new ISP and within 24 days received a message from new ISP stating that he was now approachinig his 30Gig download limit. Do what?

Went to checking for who is using your wireless signal to what the heck have I got on my hard drive. Took a couple of days to determine it was open candy calling home. Or whatever such ad ware does. Finally got it removed and no more messages from his ISP and a faster net experience.

The sad thing is that we have all heard there are NO FREE LUNCHES and it is getting to be even clearer in the net age.

By the way now open candy has its' own website explaining how good they are. Do your own reading and make your own decisions and nothing is actually really free in business.

 

[trents]

How true, RGone. I remember the days when you could find older drivers everywhere for free. Now just about all the drivers have been gobbled up by outfits who make you install "download managers" before you can get the drivers. And guess what other kinds of things come with the download managers.