Still missing this registry key as well, not sure if it has anything to do with the problem for WMP. Everything else seems to be working perfectly again, except that.
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32
Scratch that last one... f414c260 is back after running ghotiacre.zip once again.
I ran a new find.bat, and here's the current results... I don't see vbscript.dll anywhere...
D:\WINDOWS\$NtServicePackUninstall$\vbscript.dll
D:\WINDOWS\ServicePackFiles\i386\vbscript.dll
D:\WINDOWS\system32\vbscript.dll
D:\WINDOWS\system32\dllcache\vbscript.dll
D:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
D:\WINDOWS\$NtServicePackUninstall$\jscript.dll
D:\WINDOWS\$NtUninstallKB917344$\jscript.dll
D:\WINDOWS\ServicePackFiles\i386\jscript.dll
D:\WINDOWS\system32\jscript.dll
D:\WINDOWS\system32\dllcache\jscript.dll
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}]
@="JScript Language Encoding"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A3-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32]
@="D:\\WINDOWS\\system32\\jscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\OLEScript]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\ProgID]
@="JScript.Encode"
D:\WINDOWS\$NtServicePackUninstall$\vbscript.dll
D:\WINDOWS\ServicePackFiles\i386\vbscript.dll
D:\WINDOWS\system32\vbscript.dll
D:\WINDOWS\system32\dllcache\vbscript.dll
D:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
D:\WINDOWS\$NtServicePackUninstall$\jscript.dll
D:\WINDOWS\$NtUninstallKB917344$\jscript.dll
D:\WINDOWS\ServicePackFiles\i386\jscript.dll
D:\WINDOWS\SoftwareDistribution\Download\a39d7c907193cb74dabeac9b04866368\sp2gdr\jscript.dll
D:\WINDOWS\system32\jscript.dll
D:\WINDOWS\system32\dllcache\jscript.dll
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}]
@="JScript Language"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32]
@="D:\\WINDOWS\\system32\\jscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\OLEScript]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\ProgID]
@="JScript"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}]
@="JScript Language Authoring"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{0AEE2A92-BCBB-11D0-8C72-00C04FC2B085}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32]
@="D:\\WINDOWS\\system32\\jscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\OLEScript]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\ProgID]
@="JScript Author"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}]
@="JScript Language Encoding"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\Implemented Categories\{F0B7A1A3-9847-11CF-8F20-00805F2CD064}]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32]
@="D:\\WINDOWS\\system32\\jscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\OLEScript]
[HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\ProgID]
@="JScript.Encode"
Microsoft addressed the ActiveX problems by having users download from this URL.
http://windowsxp.mvps.org/reg/olereg.vbs
But, when I try to load up the reg change, I an error stating:
"Can't find script engine "VBScript" for script "D:\Documents and Settings\Denise\Desktop\olereg.vbs".
This furthers me to believe that the registry change fixed my jscript problems, but now my VBScript problems need to be addressed... I still can't figure out why I can't /unregister or regsvr those 2 DLL's...
Now that System Restore is back, should I do a restore?
(No more questions/posts until you reply, I promise.)
Hi
Ok so you have tried to register the dlls in normal mode ?
What is the latest restore point before the problems ?
You could also try is re-installing the Windows Script 5.6 helps -> Link
Same problem as before... Error installing jscript.dll and vbscript.dll.
I have a system restore point that goes back to the 3rd of January, but I wonder that after fixing the .dll problems, will they return when I go to clean the PC of malware again?
What do you think I should try?
Oh, and yes. I've tried to register in Normal Mode, Safe Mode, and every User profile that exists on the PC...
I am the bearer of bad news today...
System Restore fails to restore to the 2 restore points from the 3rd of January. There are no earlier dates as no one else that used this PC ever used it. I think I'm looking at a reformat, and I really don't want to do that to someone else's PC........
Hi again
So you want to reformat ? I'll give you instructions if you want...
Were you able to replace (earlier) both of the files jscript.dll and vbscript.dll?
Did you get an error when you tried to do it ?
Did you try to install Windows Script 5.6 ?
Please let me know
The script 5.6 did not work, it failed to install jscript.dll and vbscript.dll.
The right click copy and overwrite from the system32 file worked and replaced them, yet it still failed to register them.
I want to avoid a reformat if at all possible. I will have to find out if the owner wants it done or not.
Posting Permissions
