Browser Hijacker

...and that should have been search.conduit

Sorry, I disagree with your solution.  not that you are wrong, but that its not that simple.  Conduit is a hijacker and once you get it, you may spend weeks getting rid of it.  Once its on your system if you have multiple browsers like Internet Explorer, FireFox, Opera, etc. it will infest all of them and you need to clean eachone seperatly, and then clean your system, uninstall it and it comes right back.  I dont know why we cant have webroot do a cleaner for it or a filter to prevent it. its a real pain.  check out the internet, everyone if fighting this nasty unwanted hijacker.

It's not an infection it's a PUA have a look at this KB Article: https://community.webroot.com/t5/Tips-and-Tricks-KB/How-to-Remove-Potentially-Unwanted-Applications/ta-p/40744# also have a look at this thread: https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/How-to-Get-Rid-of-TopArcadeHits-Infection/td-p/56423#.UjOn1j-c44I
 
TH

I'm upset that the techs for webroot haven't classified this conduit.search as a PUP (potentiallially unwanted program) or PUA (application). I ended up with this extremely annoying toolbar that I NEVER agreed or consented to, and all my attempts to remove it have failed. Evidently, this add-on,  tool bar, or browser hijacker (which is what i prefer to call it, because you NEVER get your REAL browser back....EVER) what ever you want to call it, comes secretly bundled to whatever program you download. I ALWAYS do the CUSTOM install, whenever I download anything, so I can UNCHECK all the programs and extensions and add ons I DON'T want. But this CONDUIT never EVER appeared in any of my custom installs. It changed the layout, color and font size of my google chrome page, added the mixidj search bar, added the delta search bar, allowed for constant pop ups and unwanted ads, and changed the layout and font size of my face book page. Now, it may not TECHNICALLY be a VIRUS, but is SURE is an UNWANTED program, that I didn't CONSENT to. When you spend at least three weeks trying to remove this UNWANTED software, believe me, you've tried going to programs and looking for conduit to remove it or going to the settings option and resetting your page as whatever, or resetting your default page as whatever or resetting your browser as what ever in addition to REMOVING this PUA, PUP...whatever, MULTIPLE times, ONLY to have it RETURN, EVERY TIME. I've gone into the REGISTRY to tried to delete the specific files, but they ALWAYS come back. Now, if THAT'S not the very DEFINITION of a VIRUS, I don't know what is. Your software developers need to study this PUP and find out how to develop a FILTER for it, because believe me, it is HIGHLY UNWANTED. To suggest the very basic program removing techniques is an INSULT after how much time and energy so MANY ppl have spent trying to get RID of this PUP. 

There are plenty of paid for products that are extremely difficult to remove! A programs difficulty to remove doesnt indicate that its malware. I regularly test these toolbars and from time to time we do reclassify I only recently tested Conduit and it does require a number of checkboxes to be ticked in order to be installed.
 
Using Google as a reference to determine if a piece of software/file is malware isnt a good idea. As a test Google any legimate Windows process and I guarantee that a number of results will come back saying its malware. Its one of the reasons why I see people blocking Windows processes.
 
I have said on many of an occasion that I hate 99% of all toolbars (I dont use any) and I would love to block them all but a large number of people do use them. Just because a number of people dont like them doesnt mean that its malware. It is worth noting that we do block tens of thousands of PUA every day.
 

No the process in this case wont change as the files have to marked as PUA in order for them to be detected/removed. But the PUA detection in 2014 is something that we really looking forward to using over the coming months. 

I was not referring to the toolbar -- that is not a hijacker -- it's a tool bar
 
In my case I got my home page and home page search engine changed to the Conduit homepage with the Conduit Search engine,or searching results are constantly redirected to search.conduit.com, which I described in my original post as a useless scam. There was never a visible install process and I never agreed for it to be downloaded. That's a hijack much worse than some toolbar, because it seizes control of your browser.
 
Here:
 
https://www.google.com/#q=conduit+search+removal

I disagree,  as stated earlier, several people I know suddenly have conduit and dont know how they got it.  you have to remember the vast majority of computer users now a days dont really know what they are doing other than buying things from amazon, doing facebook or sending emails.  These are the people we need to protect, not the professionals.  Once you have conduit it infects every browser you have installed on your system and then comes back again if you dont malewarebye it.

@ wrote:
Conduit has now been changed to PUA so we are blocking the installers. I still stand by my original point that a large number of these toolbars do require a user to click yes to install. We cant block every single installer of programs that people dont like, if we did that I`d guess that about 95% of software programs would be blocked!

Hi Roy I believe they all should be Blocked all As a PUA inside the software then if the user wants to install they can bypass the Block then it's out of Webroots Hands as they have been warned. Also if Conduit is on someone's system I hope WSA can remove this unrelenting (Adware, Crapware, Malware) in any case as I seen on so many security forums they are treating it as Malware. Just my opinion.
 
Daniel

This is great news as far as I am concerned.  We are baraged by toolbar bloat and accelerators that eventually corrupt out machines and steal resources.  the old webroot had a toobar blocker, that I always liked, but now even C-Net is bundeling crap ware with normal download, so if you are not vigelent with every click, you load things without knowing it.  this is a step in the right direction.  Thank you for you input for both sides of the argument.

My sympathies!! My husband's PC gets his browser constantly hijacked. He stopped using IE and is using FireFox but still gets them. I've helped him go through the Control Panel to delete per FireFox Mozilla's suggestions but they keep coming back. (Luckily for me, I have a MAC and have never had this problem!!)

You're right, it's nothing you sign up for but often there's lots of confusing windows which keep popping up, maybe telling him he needs an update for a legitimate program he has like Adobe Flash Player but if you look at the address it's not an Adobe one.

Hello Charlotte_Sterling and Welcome to the Webroot Community Forums!

 
Yes that is possible and so many sites add PUA's to software but most of the time if it's a Fake Adobe update it would be mostly a true infection also Adobe adds Crapware to there installers and users have to watch when installing and make sure to uncheck any unwanted add-ons.
 
Cheers,
 
TH ;)

This sounds remarkably like the same problem I'm having.  Is this Conduit you speak of the Conduit SDK for mobile applications by any chance?