Results 1 to 5 of 5

Thread: [Closed] mixidj+conduit fragments+spywarehunter4 hoaxware fragments

  1. #1
    Junior Member
    Join Date
    Sep 2013
    Posts
    3

    Default [Closed] mixidj+conduit fragments+spywarehunter4 hoaxware fragments

    My browsers and probably privacy are infected with conduit and mixidj and whatever if the files are now absent they still persist. I made a patch to zero-+read_only all mixidj and conduit files... (some are detected many are not) and i make constant efforts to zero-k-lock the mixidj files but it's recurring. My computer became very unstable because of spywarehunter4 that claims to clean conduit but that not only fails to but also ask to pay at the end of a long scan, and after taking system ownership and removing admin rights. Creating a virtual partition with boot files called sh4ldr that i also kicked off and zero-k-lock and even if i managed to kind of i-wish remove it, windows 8 is more unstable and some metro applications fails.
    There also has been a dilem with any of them all trying to replace winlogon.exe and or it was something trying to restore it, or it was something trying to override it. I decided to check the correct registry values and found a microsoft utility to restore the correct values but i doubt my system is safe and mixidj relapses and find its way into appdata/somewhere/somewhere windows search can't acces/chrome/chrome extensions stuff...
    I packed the patch i made.
    -------------------------------------------------------
    Edit
    Removed self fix information and links.

    • Note that all instructions given are customized for that member's personal computer only, the tools used may cause damage if run on a machine with different specs/infections. Please do not take fixes given to another user and apply to your own machine.


    • If someone posts instructions in their own topic, "this worked for me", it will be removed, possibly without notice. Just so you know.
    http://forums.spybot.info/showthread...-Assistance%29
    Last edited by tashi; 2013-09-10 at 08:06. Reason: Edit

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,485

    Default

    Hello aeiouy,

    Quote Originally Posted by aeiouy View Post
    My browsers and probably privacy are infected with conduit and mixidj and whatever if the files are now absent they still persist.
    In case you missed it please see the Malware Removal Forum FAQ which shows the procedure for requesting assistance in this forum.

    http://forums.spybot.info/showthread.php?t=288

    Or, to ask for Requests for additions to Spybot's detections

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Sep 2013
    Posts
    3

    Default mixidj+conduit fragments+spywarehunter4 hoaxware fragments

    http://forums.spybot.info/showthread...ware-fragments
    I've been asked to move topic and add DDS and aswMBR but i am currently clueless... I'll check in spybot for both entries.
    copy of my original message:
    My browsers and probably privacy are infected with conduit and mixidj and whatever if the files are now absent they still persist. I made a patch to zero-+read_only all mixidj and conduit files... (some are detected many are not) and i make constant efforts to zero-k-lock the mixidj files but it's recurring. My computer became very unstable because of spywarehunter4 that claims to clean conduit but that not only fails to but also ask to pay at the end of a long scan, and after taking system ownership and removing admin rights. Creating a virtual partition with boot files called sh4ldr that i also kicked off and zero-k-lock and even if i managed to kind of i-wish remove it, windows 8 is more unstable and some metro applications fails.
    There also has been a dilem with any of them all trying to replace winlogon.exe and or it was something trying to restore it, or it was something trying to override it. I decided to check the correct registry values and found a microsoft utility to restore the correct values but i doubt my system is safe and mixidj relapses and find its way into appdata/somewhere/somewhere windows search can't acces/chrome/chrome extensions stuff...
    I packed the patch i made.
    Furthermore, i had to remove conduit entry in one of the 3 user profiles from chrome after i thought it removed.
    Also, the origin of both source malwares are mario bros 2.5D that has a malicious installer that canot be cancelled, that canot be exited, that will install spywares whatever the choice user may make, and freegate. To reproduce and observe the infection's behaviors, both plus spywarehunter4 are required.

    So, i don't know what DDS and sswMBR logs are. I will include them in the next reply so please do not lock or edit this thread.
    It would only slow down the cleaning process and maybe discourage me of posting again and get my windows installation disk useful.
    Mixidj infections are really intrusive and is worth countering. And spywarehunter4 makes radical system changes and has to be countered too.
    Yet here is spybot's log.
    --- Search result list ---
    Félicitations!: Aucun mouchard n'a été trouvé. (Status)
    I'd join the rest of the log but it's too long for your forum's max string length.
    Last edited by tashi; 2013-09-11 at 01:23. Reason: Moved from Requests for additions to Spybot's detections and merged

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,485

    Default

    Hello aeiouy,

    Sorry for the confusion, the Requests for additions to Spybot's detections forum is to ask for malware that isn't yet detected to be added to the detections.

    To seek malware removal for an active infection please see the FAQ which also includes guidelines for this forum and instructions in post #2 on how to provide the preliminary DDS and aswMBR logs used for analysis.

    http://forums.spybot.info/showthread.php?t=288

    Then start a new topic here in the Malware Removal Forum providing the DDS and aswMBR logs so a volunteer analyst can advise when available.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,485

    Default

    Log split off to new topic: http://forums.spybot.info/showthread...935#post444935

    To e-mail the zero-k patch you'd like detectives to look at it can be sent to: Please provide a link back to your forum topic.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •