nickybee123
Honorary Members-
Posts
50 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by nickybee123
-
Unfortunately Zemana doesn't do much verbose reporting - the most I could get out of going in the report section was this: Product Name : Zemana AntiMalware Scan Status : Completed Scan Date : 12/4/2020 11:49:16 AM Scan Type : Smart Scan Scan Duration : 00:00:16 Scanned Objects : 2026 Detected Objects : 1 Excluded Objects : 0 Auto Upload : False OS : Windows 10 x64 Processor : 12X Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz BIOS Mode : UEFI Domain Info : DAHOUSE,False,NetSetupWorkgroupName CUID : 12DD681C032D972FB15B30 Detections MD5 : Status : Scanned Object : software\microsoft\windows\currentversion\internet settings\connections Publisher : Size : 0 Detection : MaliciousSetting f Action : Delete -----------------------------------------------------------------------
-
nope. that was ages ago - it's a fairly highly regarded thing installed directly from their github - https://github.com/Open-Shell/Open-Shell-Menu Out of curiosity prior to deleting it by Zemana - is it possible to find out what proxy stuff is being redirected to? Perhaps that could help understanding what it is (or perhaps it keeps varying)
-
and done. nice idea - but no dice. I disabled ALL non-MSFT services as per that page (had no startup things to disable other than that). Did a boot - checked they were still disabled. Ran Zemana - and got the same stuff. So either (a) it's masquerading as an MSFT service or (b) it ain't a service ;( Nick
-
here you go. To be clear I did a reboot. Made sure that hijack was still there by running Zemana (but NOT CLEARING the found hijack setting) Then I ran the registry query that produced the fixlog.txt Then I cleaned it with Zemana and continued working. (the reason I have to do it this way is because this is my primary laptop - so I need to use it) Fixlog.txt
-
ok same as before. Attached is RKLOG (again) - followed by FRST and addition. And also the Zemana output is: MD5 : Status : Scanned Object : software\microsoft\windows\currentversion\internet settings\connections Publisher : Size : 0 Detection : MaliciousSetting f Action : Delete Addition.txt FRST.txt rklog2.txt
-
Fixlog.txt No changes - still there after reboot. Here is the fixlog.txt - btw - everytime I reboot - I run Zemana to remove the Hijack. Which means that your fixlist was processed with the Hijack removed. Would you prefer that I process the fixlist with the Hijack present (I assume it shouldn't matter) but just checking.
-
No dice on the first attempt out of the gate. Zemana still finds it after reboot. No clues in what it says however - it's just: MD5 : Status : Scanned Object : software\microsoft\windows\currentversion\internet settings\connections Publisher : Size : 0 Detection : MaliciousSetting f Action : Delete As for Fixlog.txt and the zipfile they are attached. 01.12.2020_01.14.02.zip Fixlog.txt