This could be because:
- the file isn't in the default path. Do as suggested and search for
the file.
- the hard drive has issues and lost the file. Run Chkdsk and see if
there are problems.
- malware is sending a false report that the file isn't seen. See if
you can run Task Manager, and Regedit as a test.
- malware removed it. Run these:
Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html
--
Joe =o)
I also have this one:
C:\WINDOWS\ServicePackFiles\i386
But yours is in the correct place, C:\WINDOWS\pchealth\helpctr\binaries\
Since you also can't run two malware programs, I suspect you're
infected. Three things I would try in the order shown:
1. Open Task Manager and stop any processes you don't recognize. If you
close the wrong one and the computer freezes, just restart and try
again. After stopping many unneeded processes, try Malwarebytes again.
2. If that didn't work, boot to Safe Mode and run Malwarebytes there.
3. Burn BitDefender, or another program listed at the link below, to a
CD (using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:
http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).
After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot. You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.
Then run these:
Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html
> I actually ran both Malwarebytes' Anti-Malware and SuperAntiSpyware
> earlier today, but each time the check was aborted because Windows
> froze. No threats were found before that.
>
> Chkdsk would probably take a year to complete.
--
Joe =o)
It could be malware and you should figure out why MBAM and SAS will
not run and fix that.
msconfig.exe (the one that gets run) is where it is supposed to be
which is:
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
The path to msconfig is in the regsistry app paths variable.
HKLM\sotware\microsoft\windows\currentversion\app paths\msconfig\
The default value contains the path to the msconfig executable. It
should contain:
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
It is in some other locations on your HDD on purpose since it is a
Windows Protected File. If you delete the correct one and WFP is
working, it will be quickly and silently be replaced with the copy
from dllcache and an event like this in the System Event Log:
Event Type: Information
Event Source: Windows File Protection
Event Category: None
Event ID: 64002
Description:
File replacement was attempted on the protected system file c:\windows
\pchealth\helpctr\binaries\msconfig.exe. This file was restored to the
original version to maintain system stability. The file version of the
system file is 5.1.2600.5512.
Rebuild the key and Windows will find msconfig. Merge this to your
registry:
=================================================================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App
Paths\MSCONFIG.EXE]
@="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe"
=================================================================
John
You're welcome.
> I wonder why the registry key had been deleted.
My first guess would be malware.
John
What changed, that you were able to run mbam and sas?
--
Joe =o)
A registry cleaner, or bad hard drive are two ways to lose critical
entries from the registry, I suppose.
--
Joe =o)