Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hijack This Log Completed


  • This topic is locked This topic is locked

#16
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Thank's - do this for me. Click here to download FindQoologic-Narrator.

Save it to your Desktop then extract the files from the zip into their own folder called FindQoologic. Open the FindQoologic folder. Locate and double-click the Find-Qoologic.bat file to run it. Wait until a text opens, then post it in your next reply here.
  • 0

Advertisements


#17
brneyegrl583

brneyegrl583

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
First if got a Windows Script Host Error: can not find script file "C:|DOCUME~1\Mom\LOCALS~1\Temp\Activesetup.vbs".

after hitting OK this is what appears in a notepad, I can't highlight the dos box.



»»»»»»»»»»»»»»»»»»»»»»»» startup files»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


»»»»»»»»»»»»»»»»»»»»»»»» Checking Global Startup »»»»»»»»»»»»»»»»»»»»»»


»»»»»»»»»»»»»»»»»»»»»»»» Registry Entries Found »»»»»»»»»»»»»»»»»»»»»»»

! REG.EXE VERSION 3.0

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BriefcaseMenu
<NO NAME> REG_SZ {85BBD920-42A0-1069-A2E4-08002B30309D}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\MediaFaceExtension
<NO NAME> REG_SZ {6E3C607A-B99C-4FA8-98F5-1AC1ADF7F5B9}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
<NO NAME> REG_SZ {750fdf0e-2a26-11d1-a3ea-080036587f03}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
<NO NAME> REG_SZ {09799AFB-AD67-11d1-ABCD-00C04FC30936}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
<NO NAME> REG_SZ {A470F8CF-A1E8-4f65-8335-227475AA5C46}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
<NO NAME> REG_SZ {E0D79304-84BE-11CE-9641-444553540000}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
<NO NAME> REG_SZ Start Menu Pin

»»»»»»»»»»»»»»»»»»»»»»»»» Active setup »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
  • 0

#18
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Click here to download and install the Visual Basic run time files. Try running it again after installing.

Edited by Daemon, 10 April 2005 - 02:33 PM.

  • 0

#19
brneyegrl583

brneyegrl583

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Click here to download and install the Visual Basic run time files. Try running it again after installing.


I am sorry, but this one is going over my head. I downloaded the file, which says it is a self extractor, but then I can't find anything and don't know what I am supposed to be "running".
  • 0

#20
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Doubleclick the file you downloaded from Microsoft - that's all you need to do with that.

Then 'run' the Find-Qoologic.bat file again and let me know if you got that error message at the start. The FindQoologic files must be removed from the zip file not run within it otherwise it won't work. Post the log it generates.
  • 0

#21
brneyegrl583

brneyegrl583

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I have done nothing other then what you have told me and now this time I got the following message when running the Qoologic, which I did unzip.

16 bit MS -Dos Subsystem error box
C:\Windows\System32\cmd.exe
c:\WINDOWS\SYSTEM32\AUTO.EXE.NT  The system file is not suitable for running MS-DOS and Microsoft Window applications.  Choose 'Close' to terminate the application.


I chose 'Close' and this is what I got.

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»»»»»»»»»»»»»»»»»»»»» Files found »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»» Registry Entries Found »»»»»»»»»»»»»»»»»»»»»»»

! REG.EXE VERSION 3.0

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BriefcaseMenu
<NO NAME> REG_SZ {85BBD920-42A0-1069-A2E4-08002B30309D}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\MediaFaceExtension
<NO NAME> REG_SZ {6E3C607A-B99C-4FA8-98F5-1AC1ADF7F5B9}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
<NO NAME> REG_SZ {750fdf0e-2a26-11d1-a3ea-080036587f03}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
<NO NAME> REG_SZ {09799AFB-AD67-11d1-ABCD-00C04FC30936}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
<NO NAME> REG_SZ {A470F8CF-A1E8-4f65-8335-227475AA5C46}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
<NO NAME> REG_SZ {E0D79304-84BE-11CE-9641-444553540000}

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
<NO NAME> REG_SZ Start Menu Pin

»»»»»»»»»»»»»»»»»»»»»»»»» Active setup »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

"Find activesetup", version1, launched at: 10:48
Operating System: Windows XP SP2


HKLM\Software\Microsoft\Active Setup\Installed Components\
">{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\(Default)" = "Windows Media Player"
\StubPath = "C:\WINDOWS\inf\unregmp2.exe /ShowWMP" [MS]
">{26923b43-4d38-484f-9b9e-de460746276c}\(Default)" = "Internet Explorer"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE" [MS]
">{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default)" = "Outlook Express"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]l
  • 0

#22
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Slightly different problem. Go here and download the fix relevant to your OS:

http://www.tech-foru...opic/29806.html

Install then try find qoologic again.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP