AdwCleaner

Closed
merit3 Posts 1 Registration date Monday December 30, 2013 Status Member Last seen December 30, 2013 - Dec 30, 2013 at 10:49 PM
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 - Jan 1, 2014 at 06:21 PM
I ran adwcleaner but don't know where to locate the scans I did. Also, I have about: blank. Any suggestions of .dll scanner to address the problem?

Thanks in advance!
Related:

5 replies

2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Dec 31, 2013 at 05:57 AM
Hello,

You have to modify the start page of the browser where about:blank is present.
And AdwCleaner's report is saved as C:\AdwCleaner[S0].txt

Gabriel.
0
I know how to switch the page back but when I do it just goes back to 'about:blank'.
It's a browser hijacker that scans miss. From what I've researched it lurks in 2 .dll
files. Any .dll scanners you'd suggest?

merit3
0
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Dec 31, 2013 at 11:30 AM
Hi,

Ok.

To help you and prescribe the remedy, I must make a diagnostic and to do so, I require a log.

1. Open this link and download ZHPDiag2 :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)

2. Save the file on your Desktop.

3. Double click on ZHPDiag.exe and follow the installation instructions.

(For Vista and Win 7 users, click right to ensure you execute with admin right)

The tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix after log analysis).

4. Double click on the short cut ZHPDiag on your Destktop.

5. If you need to change the language, click on the little house, (bottom right) and change to English

6. Click on the "Configure" button.

7. Click on the Magnifying glass "diagnosis with legitimates".

8. Click on "Search"

Wait for the tool to finished (maybe a long time)

9. Close ZHPDiag.

10. To transmit the report, click on this link :

https://authentification.site

9. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).

10. Select the file ZHPDiag.txt.

11. Click on "upload »

12. Copy the URL and post it here.

Gabriel.
0
Gabriel,

I will do the scan you sent when I have more time. This is a recent .dll scan.
HAPPY NEW YEAR!
Regards,
Debra
_____________









Scan Report

Date:2013-12-30 14:27:12 Total Error Files:84



.dll



ehshell.ni.dll 18686976 6.1.7601.17514 C:\Windows\assembly\NativeImages_v2.0.50727_32\ehshell\91dd7cd125dabbf644f7c4a29b5d7117\
Microsoft.MediaCenter.Interop.ni.dll 355840 6.1.7601.17514 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\308f319aa8913d21b30a8efa3e813e75\
Microsoft.MediaCenter.Shell.ni.dll 849920 6.1.7601.17514 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\843a0df61f1ef760829b1caf34f60582\
System.Data.SqlXml.ni.dll 2508288 2.0.50727.5420 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\4308c2310ca6f08c6e0068172e5b709f\
alinkui.dll 17744 8.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\2052\
cscompui.dll 68944 8.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\2052\
CvtResUI.dll 10064 8.0.50727.4940 C:\Windows\Microsoft.NET\Framework\v2.0.50727\2052\
vbc7ui.dll 89416 8.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\2052\
Vsavb7rtUI.dll 98640 8.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\2052\
mscorsecr.dll 25424 2.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\MUI\0804\
aspnet_rc.dll 46928 2.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\zh-CHS\
mscorrc.dll 165712 2.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\zh-CHS\
ShFusRes.dll 89424 2.0.50727.5420 C:\Windows\Microsoft.NET\Framework\v2.0.50727\zh-CHS\
cscompui.dll 77648 3.5.30729.5420 C:\Windows\Microsoft.NET\Framework\v3.5\2052\
vbc7ui.dll 105800 9.0.30729.5420 C:\Windows\Microsoft.NET\Framework\v3.5\2052\
aaclient.dll 131584 6.1.7601.17514 C:\Windows\System32\
admparse.dll 73216 8.0.7600.16385 C:\Windows\System32\
corpol.dll 18432 8.0.7600.16385 C:\Windows\System32\
ieakeng.dll 126976 8.0.7600.16385 C:\Windows\System32\
ieaksie.dll 229376 8.0.7600.16385 C:\Windows\System32\
ieakui.dll 163840 8.0.7600.16385 C:\Windows\System32\
LegitCheckControl.DLL 1485176 1.9.42.0 C:\Windows\System32\
mstime.dll 606208 8.0.7601.17514 C:\Windows\System32\
TPSvc.dll 423208 7.9.377.1 C:\Windows\System32\
TPVMMon.dll 284016 1.2.37.1 C:\Windows\System32\
TPVMMondeu.dll 23960 1.2.37.5 C:\Windows\System32\
TPVMMonjpn.dll 9632 1.2.37.3 C:\Windows\System32\
TPVMMonUI.dll 79208 1.2.13.9 C:\Windows\System32\
TPVMMonUIdeu.dll 9104 1.2.13.7 C:\Windows\System32\
TPVMMonUIjpn.dll 9104 1.2.17.1 C:\Windows\System32\
TPVMW32.dll 111856 8.0.26.1 C:\Windows\System32\
vmhgfs.dll 35888 8.0.1.0 C:\Windows\System32\
vmx_fb.dll 173232 11.6.0.13 C:\Windows\System32\
vmx_mode.dll 16432 11.6.0.13 C:\Windows\System32\
TPPS.DLL 124144 7.9.30.1 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_1e110e780b7dbb69\i386\
TPPrn.dll 114688 0.3.84.1 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPPrndeu.dll 36864 0.3.84.3 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPPrnjpn.dll 32768 0.3.84.5 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPPrnUI.dll 110592 7.8.209.2 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPPrnUIdeu.dll 61440 7.8.209.3 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPPrnUIjpn.dll 57344 7.8.209.5 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
TPWinPrn.dll 368749 7.6.195.1 C:\Windows\System32\DriverStore\FileRepository\oemprint.inf_x86_neutral_dca7bcb7115916d3\i386\
EP7MDL09.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0A.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0B.DLL 4608 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0C.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0D.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0E.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0F.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0S.DLL 4096 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0T.DLL 4096 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0U.DLL 3072 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0V.DLL 3072 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7MDL0W.DLL 3584 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7RES03.DLL 86016 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
EP7UIP03.DLL 42496 1.0.0.0 C:\Windows\System32\DriverStore\FileRepository\prnep654.inf_x86_zh-cn_bd091255c49dc177\I386\
OKDTCRES.DLL 159744 0.3.1536.0 C:\Windows\System32\DriverStore\FileRepository\prnok652.inf_x86_zh-cn_4265b643505a147f\I386\
vmx_fb.dll 173232 11.6.0.13 C:\Windows\System32\DriverStore\FileRepository\vmx_svga.inf_x86_neutral_d37c324aef84a0f9\
vmx_mode.dll 16432 11.6.0.13 C:\Windows\System32\DriverStore\FileRepository\vmx_svga.inf_x86_neutral_d37c324aef84a0f9\
mscorees.dll 9552 4.0.31106.0 C:\Windows\System32\MUI\0804\
SpeechUXRes.dll 7173120 6.1.7600.16385 C:\Windows\System32\Speech\SpeechUX\zh-CN\
PS5UI.DLL 726016 0.3.7601.17514 C:\Windows\System32\spool\drivers\w32x86\3\
PSCRIPT5.DLL 542720 0.3.7601.17514 C:\Windows\System32\spool\drivers\w32x86\3\
TPPRN.DLL 114688 0.3.84.1 C:\Windows\System32\spool\drivers\w32x86\3\
TPPrndeu.dll 36864 0.3.84.3 C:\Windows\System32\spool\drivers\w32x86\3\
TPPrnjpn.dll 32768 0.3.84.5 C:\Windows\System32\spool\drivers\w32x86\3\
TPPrnUI.DLL 110592 7.8.209.2 C:\Windows\System32\spool\drivers\w32x86\3\
TPPrnUIdeu.dll 61440 7.8.209.3 C:\Windows\System32\spool\drivers\w32x86\3\
TPPrnUIjpn.dll 57344 7.8.209.5 C:\Windows\System32\spool\drivers\w32x86\3\
TPPS.DLL 124144 7.9.30.1 C:\Windows\System32\spool\drivers\w32x86\3\
TPWinPrn.dll 368749 7.6.195.1 C:\Windows\System32\spool\prtprocs\w32x86\

.exe



ARPPRODUCTICON.exe 25214 C:\Windows\Installer\{FE2F6A2C-196E-4210-9C04-2B1BC21F07EF}\

.sys



E1G60I32.sys 118784 8.4.1.0 C:\Windows\System32\drivers\
vmaudio.sys 25008 5.10.0.3504 C:\Windows\System32\drivers\
vmci.sys 54960 7.2.23.0 C:\Windows\System32\drivers\
vmdebug.sys 19504 7.3.3.2 C:\Windows\System32\drivers\
vmhgfs.sys 117552 8.0.11.0 C:\Windows\System32\drivers\
vmmouse.sys 11696 12.4.0.2 C:\Windows\System32\drivers\
vmx_svga.sys 63920 11.6.0.13 C:\Windows\System32\drivers\
vmaudio.sys 25008 5.10.0.3504 C:\Windows\System32\DriverStore\FileRepository\vmaudio.inf_x86_neutral_5dba202b4a9360c4\
vmci.sys 54960 7.2.23.0 C:\Windows\System32\DriverStore\FileRepository\vmci.inf_x86_neutral_e3bcc45adf76a14c\
vmmouse.sys 11696 12.4.0.2 C:\Windows\System32\DriverStore\FileRepository\vmmouse.inf_x86_neutral_3b9bf34307231a27\
vmscsi.sys 17968 1.2.0.6 C:\Windows\System32\DriverStore\FileRepository\vmscsi.inf_x86_neutral_21a76e6ea4786944\
vmx_svga.sys 63920 11.6.0.13 C:\Windows\System32\DriverStore\FileRepository\vmx_svga.inf_x86_neutral_d37c324aef84a0f9
0

Didn't find the answer you are looking for?

Ask a question
2011N2 Posts 13334 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Jan 1, 2014 at 06:21 PM
Hello,

Ok no problem, i wait for ZHPDiag's report.
Thanks, happy new year too. :)

See you soon.

Best regards,

Gabriel.
0