ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web»
  • Viruses, Spyware & Internet Security

How to Remove the Conduit Virus (Step 3)

Updated on June 30, 2013

If steps one and two were not sufficient to remove the Conduit virus, move on to step 3, where you manually remove the virus. If you have not completed the first two steps, you can do that here:

  1. How to Remove the Conduit Virus (Step 1)
  2. How to Remove the Conduit Virus (Step 2)

Processes

First, you need to kill all processes relating to the Conduit Virus. To do this, open the task manager by pressing CTRL+SHIFT+ESC. Go to the processes tab. Then look for the process search.conduit.com, and related processes. Right click them and click end process.

Files

Next, you need to get rid of files created by the Conduit virus. Delete the following files:

  1. C:\WINDOWS\assembly\KYH_64\Desktop.ini
  2. C:\Windows\assembly\KYH_32\Desktop.ini
  3. C:\WINDOWS\system32\giner.exe

Registry

Finally, you need to remove all registry entries made by the Conduit virus. Open the registry editor. To do this press the Windows Key+R. Then type "regedit" and hit enter. The registr editor will open. Browser to and delete the following registry entries.

  1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random
  2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run\random
  3. HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5ATIUYW62OUOMNBX256 “(Default)”=”1?
  4. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\“UninstallString” = “‘%AppData%\[RANDOM]\[RANDOM].exe” -u
  5. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\“ShortcutPath” = “‘C:\Documents and Settings\All Users\Application Data\5ATIUYW62OUOMNBX256.exe” -u’”
  6. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “5ATIUYW62OUOMNBX256” = “‘C:\Documents and Settings\All Users\Application Data\5ATIUYW62OUOMNBX256.exe’

If That Did Not Work

If that did not work, you need to decide how much it bothers you. If you decide it is worth it, you may need to to a wipe and reload. I would be very surprised if after following steps 1 through 3, the virus remained, but it is possible.

Comments

    0 of 8192 characters used
    Post Comment

    • profile image

      Johnd651 3 years ago

      with people like one to grant visibly all of that numerous populaces would am inflicted with sold for electronic ebook to create selected jumps in favor of their unique terminate, mainly right away eefeeeebdkdb

    Click to Rate This Article