Reading mode: Light Dark

Is cltmnge.exe malware / odd PC behaviour: any advice please?

Go to last post
P

Phil1

Senior Member
Messages
2,579
Solutions
2
Reaction score
699
Location
UK
I’d be very grateful for some advice on a pressing PC problem.

My PC has started to behave oddly: one of the HDs, some memory and the DVD drives vanish intermittently, only to return sometimes on switching back on. Now on start-up I get a DOS-like message, saying something like ‘startup repair, try system restore’. The PC then works for a while until I next turn it on when the same message appears.

On powering down, the screen goes black and a message requiring ‘cltmnge.exe’ to be closed and also ‘explore’ (not windows explorer but just ‘explore’. I use Firefox and not Windows Explorer which is not in my start-up group.

I use, and keep up-to-date, Kaspersky Internet Security Suite but I know that it won’t catch every bit of malware, so I assume my PC is infected, possibly by ‘cltmnge.exe’ and/or by ‘explorer’ or possibly by something else.

Looking on the Internet it seems that most folk regard ‘cltmnge.exe’ as malware but I’m reluctant to open any of the suggested ‘remedies’ for fear of letting in more malware.

Can anyone tell me please if ‘cltmnge.exe’ and ‘explorer’ (assuming it is not Windows Explorer of course) are malware or, if not, what they do and if it is necessary to have them on my PC (Win 7 64).

If they are malware, are there any safe ways of eliminating them?

Many thanks

Phil
 
Phil1 said:
I’d be very grateful for some advice on a pressing PC problem.

My PC has started to behave oddly: one of the HDs, some memory and the DVD drives vanish intermittently, only to return sometimes on switching back on. Now on start-up I get a DOS-like message, saying something like ‘startup repair, try system restore’. The PC then works for a while until I next turn it on when the same message appears.

On powering down, the screen goes black and a message requiring ‘cltmnge.exe’ to be closed and also ‘explore’ (not windows explorer but just ‘explore’. I use Firefox and not Windows Explorer which is not in my start-up group.

I use, and keep up-to-date, Kaspersky Internet Security Suite but I know that it won’t catch every bit of malware, so I assume my PC is infected, possibly by ‘cltmnge.exe’ and/or by ‘explorer’ or possibly by something else.

Looking on the Internet it seems that most folk regard ‘cltmnge.exe’ as malware but I’m reluctant to open any of the suggested ‘remedies’ for fear of letting in more malware.

Can anyone tell me please if ‘cltmnge.exe’ and ‘explorer’ (assuming it is not Windows Explorer of course) are malware or, if not, what they do and if it is necessary to have them on my PC (Win 7 64).

If they are malware, are there any safe ways of eliminating them?

Many thanks

Phil
Click to expand...
Hi Phil,

To answer your question about cltmnge.exe, I don't know it. But you can try spybot, it is a free program. Use it to check your system for malware, registry and other problems.

I don't want to be a pessimist, but it sounds like your PC is dying. There could be various reasons: HDD failing, or PSU or something else. If I were you I would run a full physical checkdisk on the OS drive first.

rio
 
Look if you have "conduit toolbar" on your Firefox.

Also look if you see it on the Control Panel under Programs & Futurs

That could be the problem.

If you have it, google how to remove it, there is plenty of help.
 
It's part of Conduit (adware). Basically, some Antivirus products don't flag it as malware, because it's something you would have given permission to install.

When you download software from popular download sites (for example, CNET's download.com) it's very common for them to include browser search toolbars with additional adware (including products like Conduit) by default.

So, if you're not *very* careful to "opt out" of any toolbars and extras when downloading a legit program that you want to use, you'll end up with that type of adware on your PC.

It's commonly referred to as "Potentially Unwanted Software".

Anyway, see the instructions on this page for removing it:

http://www.pcinfected.com/remove-conduit-search/

But, I'm not familiar with that site. So, I'd probably get the software mentioned from sources I am familiar with.

For example, I'd get adwcleaner (the first program that page mentions) from here:

http://www.bleepingcomputer.com/download/adwcleaner/

adwcleaner is very good at removing unwanted browser toolbars and the adware installed with them.

So, chances are, adwcleaner will get rid of it all by itself.

But, it wouldn't hurt to run a few more [legit} scanners, just to make sure you got everything. For example, Malwarebytes Free is good for that purpose. I'd use the download link from this page to get it:

https://www.malwarebytes.org/free/

--
JimC
------
 
Last edited:
You're right Jim, many people don't take the time to read when they install or click on something. It happen with the Ask toolbar etc.... I see that all the time at the computer classes I'm teaching. I see some people with so many Add-on on their browser you could not believe.
 
Jim Cockfield said:
For example, I'd get adwcleaner (the first program that page mentions) from here:

http://www.bleepingcomputer.com/download/adwcleaner/
Click to expand...
they added detection for conduit in August, according to their changelog.

http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt

So, I'd download it from the link I just posted and let it scan your PC. By default, all adware it finds will be flagged by default after you use it's Scan choice. So, you can then select the Clean option to remove it.
Member said:
adwcleaner is very good at removing unwanted browser toolbars and the adware installed with them.

So, chances are, adwcleaner will get rid of it all by itself.
Click to expand...
But, again, I'd probably run Malwarebytes Free, too; after removing adware like conduit using adwcleaner (as you may have more than one issue and it's pretty good about removing a lot of threats that some other products may miss), as mentioned in my last post.

Neither of those products (adwcleaner, free version of Malwarebytes) remain running in memory after using them to disinfect your PC (as they're simply "on demand" scanners, not something that's going to be running and potentially interfering with your primary Antivirus protection).

I'd highly recommend both of them.
Member said:
But, it wouldn't hurt to run a few more [legit} scanners, just to make sure you got everything. For example, Malwarebytes Free is good for that purpose. I'd use the download link from this page to get it:

https://www.malwarebytes.org/free/

--
JimC
------
Click to expand...
--
JimC
------
 
Last edited:
GegeNY said:
You're right Jim, many people don't take the time to read when they install or click on something. It happen with the Ask toolbar etc.... I see that all the time at the computer classes I'm teaching. I see some people with so many Add-on on their browser you could not believe.
Click to expand...
Yep... he's only seeing errors related to Conduit right now (apparently, it's having problems loading at startup).

But, they're no telling how much other adware is installed, and he may be seeing a conflict between them.

Anyway, adwcleaner is pretty good about removing most unwanted search toolbars, browser hijackers and adware. So, as suggested, I'd run it's Scan option, and then use it's Clean option to get rid of everything it detected.

Then, I'd run the free version of Malwarebytes to make sure it got all of those types of programs (as there may be other issues the OP is not aware of yet).

The OP is already using Bitdefender, which should be pretty good about keeping other threats away.

But, sometimes adware that users give permission to install can be a royal pain in the rear to get rid of.

--
JimC
------
 
Last edited:
Jim Cockfield said:
The OP is already using Bitdefender, which should be pretty good about keeping other threats away.
Click to expand...
That should have read Kaspersky versus Bitdefender. Anyway, both are very good products and Kaspersky should handle most threats.

But, sometimes, other scanners are needed to detect and clean some of the adware that users give permission to install when downloading programs from popular download sites (as many download sites include unwanted search toolbars and adware by default unless you're *very careful* to "opt out" of those default options).

That way (by including search toolbars and adware), the download sites get revenue from the search toolbar vendors and adware vendors to help them cover the costs of hosting the software being downloaded and make a profit on the downloads of legit software.
Member said:
But, sometimes adware that users give permission to install can be a royal pain in the rear to get rid of.
Click to expand...
So, I'd use adwcleaner and Malwarebytes free and see if they solve the issues.

--
JimC
------
 
Last edited:
I bought a 2 PC license for Malwarebytes last week primarily on their promise that they "played nice" with most Security Suites (I'm using the Comcast version of the Norton Security Suite - so far, no problems).

It has caught several things that Norton let through, and doesn't seem to have slowed down my i7-2600S equipped Desktop PC or my wife's laptop any. These are pretty much mid - level computers anymore, so having a 2 tiered anti malware configuration is do-able with reasonably modern technology.

--
I still like soup. . .
Fine Art Flyover Country:
http://www.flickr.com/groups/2505841@N22
 
Last edited:
Firstly thank you all for your very helpful advice!

I realise that this is a noddy question so many apologies - sorry to try your patience!.

Malware bytes came up with 128 items and I deleted everything with a conduit or searchprotect in the title. As far as I can see (not very far I'm afraid!) the remaining dozen or so items sound as if they might be genuine.

However, with ADWCleaner which I ran next there are 7 categories (Services, Folders, Files, Shortcuts, Registry, Internet Explorer and Firefox).

Could you tell me which of these I should delete items from please?

Presumably any entry containing 'conduit'?

The Firefox page was a nightmare of confusing complexity and I feel like leaving that well alone unless advised otherwise.

So many thanks again!

Phil
 
Jim Cockfield said:
It's part of Conduit (adware). Basically, some Antivirus products don't flag it as malware, because it's something you would have given permission to install.

When you download software from popular download sites (for example, CNET's download.com) it's very common for them to include browser search toolbars with additional adware (including products like Conduit) by default.

So, if you're not *very* careful to "opt out" of any toolbars and extras when downloading a legit program that you want to use, you'll end up with that type of adware on your PC.

It's commonly referred to as "Potentially Unwanted Software".

Anyway, see the instructions on this page for removing it:

http://www.pcinfected.com/remove-conduit-search/

But, I'm not familiar with that site. So, I'd probably get the software mentioned from sources I am familiar with.

For example, I'd get adwcleaner (the first program that page mentions) from here:

http://www.bleepingcomputer.com/download/adwcleaner/

adwcleaner is very good at removing unwanted browser toolbars and the adware installed with them.

So, chances are, adwcleaner will get rid of it all by itself.

But, it wouldn't hurt to run a few more [legit} scanners, just to make sure you got everything. For example, Malwarebytes Free is good for that purpose. I'd use the download link from this page to get it:

https://www.malwarebytes.org/free/
Click to expand...
 
"Genuine", huh?

Look..if it were my PC, I'd delete *all* items found by using the Scan choice in adwcleaner (use the scan choice first, then when you click on Clean, let it remove *all* items identified (versus unchecking anything you think might be "Genuine").

Unless you have a specific need for toolbars, adware, etc, ; just get rid of everything it finds, and you'll be much better off IMO.

Of course, unwanted programs like adware (as well as and malware) will try to make sure they're using legitimate looking names, too (that way, users may hesitate to remove them, as you're doing now). ;-)

Ditto for Malwarebytes Free. I'd suggest letting it remove *all* items it flagged.

Those two products are both *very* good. I wouldn't try to "second guess" them; and just let them remove all items they flagged as problems.

--
JimC
------
 
Last edited:
Malwarebytes or any other scanner recommended. Many times the large number is related to cookies and temp files. Let it do the work for you.

When in doubt, you should have a backup!
 
And as discussed earlier in this thread, please make darn sure to "Opt Out" of any extras that most download sites are going to include by default (Toolbars like Bing, Ask, etc.; as those download sites will often install a lot of adware, browser hijackers, etc. along with those toolbars).

IOW, that's the problem you have now (and there's no telling how many other adware related programs you have starting and running, especially if you didn't let adwcleaner get rid of everything it found).

Again, those programs will often use very legit looking names (masquerading as legitimate Microsoft programs, etc.). My advise, let those programs (adwcleaner, malwarebytes) do their job, and don't try to "second guess" them.

Unfortunately, that's a common practice anymore with popular download sites (including a lot of adware with downloads of legit programs), and you'll end up with a lot of crap on your PC that can be very hard to get rid of.

My advise (again), run adwcleaner and after you let it Scan, use the Clean choice and let it remove *everything* it identified. Then, run Malwarebytes Free and let it remove *everything* it identified.

Sorry to sound like a "broken record", but they're both extremely good programs and are not going to try and remove anything you really need. adwcleaner does have some optional switches that allow you to keep the Ask toolbar installed by some AV software (as some AV products include enhanced filters via the Ask Search toolbar).

But, that's not the case with your Kaspersky AV software. Let adwcleaner get rid of *all* of the browser toolbars you've installed, as they often have a lot of adware installed along with them. IOW, it's a really bad idea *not* to let adwcleaner remove *all* items identified during a scan. I would not "Second Guess" it. Ditto for Malwarebytes Free. Let it get rid of *everything* it finds, including something that looks minor like cookies (that are probably being used to target adverts to you).

Then, be very careful going forward (and *always* opt out of any extras like toolbars, etc. when using download sites like CNET's download.com and many other download sites, unless you want your PC to have a ton of adware installed on it).

--
JimC
------
 
Last edited:
I am really very grateful to you all for your practical advice and encouragement.

I have now used AdwCleaner and Malwarebytes and removed everything they found - and there was a lot!

I thought I'd been careful about not downloading the usual rubbish when installing free SW but clearly over the years I had slipped up badly. From now on its an AdwC/MB double scan every time I download new SW and again periodically when I tidy up the HDs. What great SW!

I've also done a checkdisk, but sadly the troublesome HD and DVDs are still playing up. I guess its time for a visit to the local computer engineer.

So a big thank you to you all!

Phil
 
Jim I'd like to thank you especially for all the help you've given me over this. Your emails have been very useful, practical, helpful and encouraging - all of which I needed badly. This forum (and I) are lucky to have such a knowledgeable and incredibly helpful member who is prepared to give so freely of his time.

THANK YOU!

Phil
 
Last edited:
Selecting and allowing Adobe products' to 'auto update', i.e. "Allow Adobe to install updates (recommended)" is probably the option that is least likely to result in the installation of any unwanted add-ons/programs etc.

Do you or anyone have any solid evidence that selecting/allowing any Adobe 'auto update' actually results in the unexpected installation of unwanted/extraneous extras...?

I know that their "Notify me to install updates" option (which I use), more recently takes the user via the web-page based updating route, where it is actually necessary to be careful to 'un-tick' the offer to install browsers/add-ons etc - but I would be amazed if the 'auto update' didn't just respect the users previous refusal of such, and/or simply update only what was already installed.
 
Last edited:
Mark H said:
Selecting and allowing Adobe products' to 'auto update', i.e. "Allow Adobe to install updates (recommended)" is probably the option that is least likely to result in the installation of any unwanted add-ons/programs etc.
Click to expand...
For example: To quote from an Adobe blog Q&A response ...

Q: Can I be sure that my uncheck of Google toolbar install will remain. I do not want anything other than the update itself installed.

A: Thank you for your question. Yes, the Background Updater (the update mechanism without notifications) will not install anything other than updates to Flash Player, since there isn’t an opportunity to get consent from you to install a third-party product in the first place. As mentioned in the blog post, the Background Updater cannot be turned on for all updates.

Note that if you were to go to adobe.com again and install Flash Player from the website, you may be presented with a third-party offer again. This is unrelated to the Background Updater however. Adobe Flash Player will not install a third-party product without getting your explicit consent first.
Mark H said:
Do you or anyone have any solid evidence that selecting/allowing any Adobe 'auto update' actually results in the unexpected installation of unwanted/extraneous extras...?
Click to expand...
....a telling silence falls - well, except perhaps for your misguided dig via this earlier message .

I will venture to answer for you - no, of course you don't have any evidence.

Perhaps, to quote your very own words i.e."...I can thnk of one though that needs to go away (nt)", perhaps that 'one' should be you, and/or those like you who have a tendency to spread this sort of bad advice/ill-founded misinformation like advising people to "...turn off auto update on Adobe (nt)" .

N.B. For maximum convenience and safety, people should keep Adobe 'auto/allow updates' ticked/enable.
 
Last edited:
You must log in or register to reply here.

Keyboard shortcuts

f
Forum
m
My threads
Mobile site
About
Editorial content
Cameras & Lenses
Community
All content, design, and layout are Copyright © 1998–2025 Digital Photography Review All Rights Reserved.
Reproduction in whole or part in any form or medium without specific written permission is prohibited.
When you use DPReview links to buy products, the site may earn a commission.
©GPS Media - Guides, Products, Services.
Back
Top