Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Where is this file located.....


  • Please log in to reply
15 replies to this topic

#1 jake21

jake21

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 16 January 2016 - 09:30 AM

Some references to

zreglib log

I have searched my hard drive and cannot find where this file is located. Any ideas??

BC AdBot (Login to Remove)

 


#2 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:06:58 PM

Posted 17 January 2016 - 07:03 PM

Did you mean zreglib.log? And i assume its a windows PC?

If so then try running this command from a Dos prompt (cmd.exe from Run).

cd \ && cls && dir /b /s /on | find /i "zreglib" | sort


#3 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 17 January 2016 - 07:57 PM

Thanks let me give it a shot...Windows 7 machine...

#4 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,110 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:58 AM

Posted 18 January 2016 - 11:54 AM

Another option is downloading the Search Everything program from voidtools.com.  It's available in both portable and installable formats.  I love this utility and find it invaluable in day-to-day use, but even more so when I need to search for some really obscure file "somewhere out there."  By default it does exactly what it's name says on any drive or drives you have it set up to monitor.  It will only work with NTFS and ReFS file systems, but that covers most of what's been out there for years now on hard drives.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

      Memory is a crazy woman that hoards rags and throws away food.

                    ~ Austin O'Malley

 

 

 

              

 


#5 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 18 January 2016 - 04:57 PM

Thanks for the help....I began by copy/pasting the JAMMER command .....( outlined in #2 above, from DOS prompt. After a few minutes, computer just returns with c:\

BRITECH: Downloaded and installed, voidtools. I type the following in the window...

zreglib log

Not sure what to press to actually begin the search or where to press/key,etc. Can you give me a quick howto? Thanks again to all!!!

#6 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,110 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:58 AM

Posted 18 January 2016 - 07:05 PM

Downloaded and installed, voidtools. I type the following in the window...

zreglib log

Not sure what to press to actually begin the search or where to press/key,etc. Can you give me a quick howto? Thanks again to all!!!


There's nothing to press, the search begins automatically. You do need to be certain that Everything has had time to index the drive(s) you're trying to find something on, but that's usually done in under 5 minutes for the basic file name index.

If you type just "log" [sans quotes] in the search box you'll get an untold number of matches. I get nothing on my system for "zreglib", and if you get nothing when you enter that then the file does not exist, with any extension, or with "zreglib" anywhere in its name.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

      Memory is a crazy woman that hoards rags and throws away food.

                    ~ Austin O'Malley

 

 

 

              

 


#7 RolandJS

RolandJS

  • Members
  • 4,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:03:58 AM

Posted 18 January 2016 - 07:25 PM

Another tool to add to your collection is free-version of FileSeek [I have the pay-for Pro version].  It can't hurt to have another wrench in the toolbox.  Unless Search Everything has changed from when I tried it, I had problems with its indexing the entire HD.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#8 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:06:58 PM

Posted 18 January 2016 - 10:13 PM

If it returned with nothing then there is no file/folder named that mate as it searches recursively all sub folders and also using /i makes sure its not case sensitive.

Im assuming its some type if lib file, are you trying to compile software meant for unix on windows?


Edited by JohnnyJammer, 18 January 2016 - 10:13 PM.


#9 Havachat

Havachat

  • Members
  • 1,079 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sleepy Hollow - Geelong - Go Cats.
  • Local time:06:58 PM

Posted 19 January 2016 - 05:33 AM

Some references to

zreglib log

I have searched my hard drive and cannot find where this file is located. Any ideas??

Why are you trying to find it ?

 

I have windows 7 and have no reference to it .

 

And possibly something you dont want or need anyway...either virus or malware.



#10 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 19 January 2016 - 12:28 PM

This file pops up when I start the computer.....just a box with this name inside it....I can x and continue...not sure what it goes with or how, trying to access/delete this file if I can find it...Thanks, I'll do some more looking with the suggestions.

#11 Jo*

Jo*

  • Malware Response Team
  • 3,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:58 AM

Posted 19 January 2016 - 12:53 PM

:step1: Scan with SystemLook
  • Please download SystemLook (32-bit) by jpshortstuff and save it to your desktop
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop For 64-bit users
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following code box into the main textfield:
:reg 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

:regfind
zreglib
BootExecute
AppInit_DLLs
Userinit

:folderfind
*zreglib*

:filefind
*zreglib*
  • Click the Look button to start the scan (may take 5 ... 15 min.)
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • Please copy and paste the log to your reply.

Edited by Jo*, 19 January 2016 - 01:23 PM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 19 January 2016 - 03:19 PM

THanks to all for the great help......SEE anythingy?

 

SystemLook 30.07.11 by jpshortstuff
Log created at 14:15 on 19/01/2016 by RAY
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Everything"=""C:\Program Files\Everything\Everything.exe" -startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"=""C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)

========== regfind ==========

Searching for "zreglib"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zreglib]
[HKEY_USERS\S-1-5-21-3453812196-362897383-29464260-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zreglib]

Searching for "BootExecute"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-smss-bootexecute_31bf3856ad364e35_none_2f98bf433f61b9b2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-smss-bootexecute_31bf3856ad364e35_none_39ed699573c27bad]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
"BootExecute"="autocheck autochk *"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager]
"BootExecute"="autocheck autochk *"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"="autocheck autochk *"

Searching for "AppInit_DLLs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"="SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"="SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

Searching for "Userinit"
[HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UserInfo]
"UserInitials"="R"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-userinit.resources_31bf3856ad364e35_en-us_903c6331299f704a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-userinit_31bf3856ad364e35_none_a11115c99b789ded]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-userinit.resources_31bf3856ad364e35_en-us_341dc7ad7141ff14]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-userinit_31bf3856ad364e35_none_44f27a45e31b2cb7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\system32\userinit.exe,"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,"
[HKEY_USERS\S-1-5-21-3453812196-362897383-29464260-1001\Software\Microsoft\Office\Common\UserInfo]
"UserInitials"="R"

========== folderfind ==========

Searching for "*zreglib*"
No folders found.

========== filefind ==========

Searching for "*zreglib*"
C:\ProgramData\.zreglib ---hs-- 40 bytes [19:59 19/01/2016] [20:10 19/01/2016] 0CE11402364C820A26E7DC4A4244AD07
C:\Users\All Users\.zreglib ---hs-- 40 bytes [19:59 19/01/2016] [20:10 19/01/2016] 0CE11402364C820A26E7DC4A4244AD07

-= EOF =-



#13 Jo*

Jo*

  • Malware Response Team
  • 3,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:58 AM

Posted 19 January 2016 - 03:34 PM

========== filefind ==========
Searching for "*zreglib*"
C:\ProgramData\.zreglib ---hs-- 40 bytes [19:59 19/01/2016] [20:10 19/01/2016] 0CE11402364C820A26E7DC4A4244AD07
C:\Users\All Users\.zreglib ---hs-- 40 bytes [19:59 19/01/2016] [20:10 19/01/2016] 0CE11402364C820A26E7DC4A4244AD07

web search indicates, they could be related to AnyDVD trial

these are hidden files, so you have to enable showing hidden files in Windows Explorer.

----

autostart key for AnyDVD
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"=""C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe""

Edited by Jo*, 19 January 2016 - 03:38 PM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 19 January 2016 - 08:01 PM

Thanks...I deleted this program.....must be some items left over from the delete. Thank you

#15 jake21

jake21
  • Topic Starter

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 20 January 2016 - 08:41 AM

Thanks to all....




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users