Application not found for aswMBR after download

View previous topic View next topic Go down

Application not found for aswMBR after download

Post by KSmith39 on 15th May 2011, 1:25 pm

Ran the OTL scan and downloaded aswMBR, but notepad never opened. I am also unable to open aswMBR. System error says that the application is not found


Last edited by KSmith39 on 15th May 2011, 1:58 pm; edited 1 time in total

KSmith39
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-05-15
OS OS : XP
Points Points : 20378
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by Gabethebabe on 15th May 2011, 1:52 pm

Hi there KSmith39 and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesn´t mean it is clean yet!

====================

What I think happens is that aswMBR is detected by your security software as a threat (which it obv is not) and deleted. So I would recommend you to temporarily disable your security software (antivirus and firewall) and try and rerun the OTL and aswMBR scans.

Please check out [You must be registered and logged in to see this link.] to find out how to temporarily disable any security software.

====================

Please download OTL by OldTimer from [You must be registered and logged in to see this link.] and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.

====================

Please download aswMBR by Alwil Software from [You must be registered and logged in to see this link.] and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don´t panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.


Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38228
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by KSmith39 on 15th May 2011, 2:04 pm

(Thank you for your help.) Could not disable my security as I am unable to open anything in my control panel. Error msg C:WINDOW\system32\rundll32.exe Application not found

KSmith39
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-05-15
OS OS : XP
Points Points : 20378
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by KSmith39 on 15th May 2011, 4:02 pm

I did a search and was able to locate the logs, but I am still unable to open aswMBR. Same error msg.

OTL logfile created on: 5/15/2011 11:40:21 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Admin\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

992.00 Mb Total Physical Memory | 513.00 Mb Available Physical Memory | 52.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 78.44 Gb Free Space | 70.18% Space Free | Partition Type: NTFS

Computer Name: ADMIN-60728E01A | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/15 09:11:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\My Documents\Downloads\OTL.com
PRC - [2011/04/14 12:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/03/05 00:05:26 | 000,096,752 | ---- | M] () -- C:\Program Files\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe
PRC - [2008/06/27 17:24:34 | 000,467,028 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/15 09:11:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\My Documents\Downloads\OTL.com
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008/04/13 20:11:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2006/12/01 23:56:00 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/03/05 00:05:26 | 000,096,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe -- (CEEBC40A-FDED-4C59-B354-939132350B01)
SRV - [2008/06/27 17:24:34 | 000,467,028 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2008/02/27 12:54:52 | 000,360,547 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WNA1000\jswpsapi.exe -- (jswpsapi)


========== Driver Services (SafeList) ==========

DRV - [2011/05/15 08:41:49 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BB9FB077-2D37-412B-8732-054D9A8BE53B}\MpKsl3533c9a9.sys -- (MpKsl3533c9a9)
DRV - [2009/01/14 03:23:00 | 000,458,752 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WNA1000.sys -- (WNA1000)
DRV - [2008/10/01 17:45:52 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2007/12/14 05:31:00 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/07/24 13:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2002/07/24 19:56:18 | 000,205,696 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002/07/20 10:22:30 | 000,815,819 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2002/07/19 14:25:58 | 000,202,880 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yacxgc.sys -- (WDM_YAMAHAAC97)
DRV - [2002/07/03 18:50:36 | 000,031,586 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS) Sony Memory Stick controller(WB)
DRV - [2002/04/03 19:51:34 | 000,005,760 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2000/02/23 08:24:00 | 000,003,888 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://foxtab/content/homepage.html"
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.3.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/13 19:07:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/13 19:07:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/10 23:51:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/14 13:54:54 | 000,000,000 | ---D | M]

[2010/12/18 12:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2011/05/10 23:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions
[2010/12/18 17:43:45 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2011/05/01 20:35:35 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/15 22:24:05 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2011/05/01 14:55:12 | 000,000,000 | ---D | M] (Download Youtube Videos +) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions\video.downloader.plugin@ffpimp(2).com
[2011/05/01 15:35:36 | 000,000,000 | ---D | M] (Download Youtube Videos +) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\7dt1kmfa.default\extensions\video.downloader.plugin@ffpimp.com
[2011/05/10 23:51:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/01/11 04:39:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/01/09 04:16:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/14 13:54:54 | 001,152,488 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPFxViewer.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5

KSmith39
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-05-15
OS OS : XP
Points Points : 20378
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by Gabethebabe on 15th May 2011, 5:56 pm

[You must be registered and logged in to see this link.] wrote:Error msg C:WINDOW\system32\rundll32.exe Application not found
OK, this is a pretty important system file that appears to be missing. Let´s see if that is indeed the case and if we can find a backup copy.

Please download SystemLook by jpshortstuff from one of the locations below and save it to your desktop.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
  • Double-click SystemLook.exe to run it.
  • Copy the following text into the main textfield:

:filefind
rundll32.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop (SystemLook.txt.)

====================

In case we cannot find a backup copy: do you have a Windows XP setup disk?

Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38228
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by KSmith39 on 15th May 2011, 6:02 pm

Its asking which program I would like to use to open this file. None seem to be an appropriate choice to me. Hmmm... (Recommends Firefox, but that just gives me a blank tab)
I had a disk, but it appears to have been "lifted". I'll keep looking while I wait.

OOPS! Sorry, I did find my disk.


Last edited by KSmith39 on 15th May 2011, 6:40 pm; edited 1 time in total (Reason for editing : Found XP disk)

KSmith39
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2011-05-15
OS OS : XP
Points Points : 20378
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Application not found for aswMBR after download

Post by Gabethebabe on 16th May 2011, 6:19 am

[You must be registered and logged in to see this link.] wrote:Its asking which program I would like to use to open this file.
You computer is asking which program should be used to open systemlook.exe?

We can try and fix that:

  • Please download exefix from [You must be registered and logged in to see this link.].
  • Doubleclick it to run. After that try running systemlook again.



Gabethebabe
Top Dog
Top Dog

Posts Posts : 1568
Joined Joined : 2010-03-07
Gender Gender : Male
OS OS : Win7
Points Points : 38228
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum