Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I uninstalled the product right after i wrote of my displeasure. Unfortunately the product also changed my network name to some router I have never had possession of. Thank you for the experience finding the original names' correct spelling. then allow changes to network names in gpedit. I never saw that feature in the older product. Must keep you busy showing others how to use it. I wonder what other great features i will find later. You can use as examples for an advanced install most other products installers. If you are still stumped. Microsoft office is an example. You can also look at Windows programs and features -> Windows features -> Print and Document Services -> see how there is a little check boxes to select what services you wish to add . Amazing right. So has symantec and mcafee. The current product manager should change direction or someone else there should take the helm. Remind them it's called Malware bytes - get it. Take the time to explain it to them. Good luck on your new product. It wasn't what I had expected. Regards -John Please do not take the sarcasm personally.
  2. I have used Mb for man years and a free product to test for and remove malware. Thank you to the team that drove that product. I am not familiar with MB adding new features (Well i was hoping for change) when i googled it and downloaded it from your site. Today I reinstalled it and picked the advanced install. Could someone explain the reason for this option and there are not options for what actually gets installed. I mesan should I choose if my antivirus and ransomware products are going to be disabled? Isn't that really what an advanced install is - you know where the options are offers as to what features are installed. What happens at the end of the trial to the unsuspecting consumer at the end of the trial - does MB enable their anti virus. Forget that. I am not going to go into how sneaky it and underhanded it is to do that without notice - just like real malware would do. Seems Malware bytes has come full circle - congratulations. Let the excuses fly where they will. But what should and advanced install offer with a multi intrusive product when its messing with machine protection?
  3. Thanks for everyone's help. Its pretty obvious its no fault of MB's You were the only ones who tried to help. I wasted a lot of time looking only at the admin events and cbs.log and not at full event "picture" which indicated the start of a disk failure and probably started the snowball. I imaged the drive with clonezilla using its "recovery" option. Of course i still had some currupted files The files i was trying to recover were not in the standard build a cd there had been and update applied KB4571756 was one of the Win 10 2004 updates I was running DISM /Online /Cleanup-Image /CheckHealth DISM /Online /Cleanup-Image /ScanHealth DISM /Online /Cleanup-Image /RestoreHealth sfc /scannow sfc /scannow sfc /scannow In the time I spend attempting different options my restore points were overwritten. So I restored the drive from the image. I used DISM to reapply kb4571756 which it did. (example below) DISM /Online /Cleanup-Image /RestoreHealth /Source:wim:F:\Sources\install.wim:1 /LimitAccess (i actually had to extract the correct index into its own file for the wim:1 to work lost cmd in restore) DISM.exe /Online /Add-Package /PackagePath:X:\temp\Windows10.0-KB4571756-x64_PSFX.cab The issue was still there so I began uninstalling anything that had installed a couple of days before I started having issues including windows updates and kb4571756 rebooted. StateRepository was disabled through all so set it to manual Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StateRepository\start =3 I got a desktop but a spinning circle on the start/task bar - so with a ctrl-alt-del i was able to run a task manager and got to a command prompt again Then ran : DISM /Online /Cleanup-Image /CheckHealth DISM /Online /Cleanup-Image /ScanHealth DISM /Online /Cleanup-Image /RestoreHealth sfc /scannow sfc /scannow sfc /scannow CBS.LOG showed it fixed a couple of corrupt files but the errors I was getting earlier did not show. rebooted and I am now at Version 10.0.19041.450 My machine is now back working. dism /online /get-packages /format:table dism /online /get-packageinfo /packagename:"Package_for_KB4577266~31bf3856ad364e35~amd64~~19041.504.1.2" dism /Online /Remove-Package /PackageName:Package_for_KB4577266~31bf3856ad364e35~amd64~~19041.504.1.2 Resource https://www.repairwin.com/how-to-remove-windows-updates-using-wusa-and-dism-commands/ https://chefkochblog.wordpress.com/2018/02/24/fix-all-update-kb-related-issue-via-dism/ Thanks again
  4. *** Update *** I was able to copy the needed files from boot media except for StateRepository which I had to disable via Regedit in safe mode Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StateRepository Change Start to 4 (disable) I was then able to get a desktop and a task manager - but as of yet, no explorer, no start button, no bar. But I can click on the desktop icons or start apps in the task manager. Errors are AppXSvc crying about the State Repository not started and Faulting application name: explorer.exe, version: 10.0.19041.488, time stamp: 0xb1a44bf9 Faulting module name: ucrtbase.dll, version: 10.0.19041.488, time stamp: 0x0d8057d8 Exception code: 0xc0000409 Fault offset: 0x000000000007287e Faulting process id: 0xaa8 Faulting application start time: 0x01d6a5d2b6d60f91 Faulting application path: C:\WINDOWS\explorer.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 21cfaa66-05d0-4322-ba16-b16033d06723 Faulting package full name: Faulting package-relative application ID:
  5. Sorry, I missed this i am running now=. It is asking for a ticket number should i just ignore?
  6. I am running the 64bit version FRST The reason I uninstalled MB was because of the nag. The machine will only boot to save mode with command prompt. The file that sfc keeps stumbling on Windows.StateRepository.dll clip below I all looked at first like the drive was failing but whenever i tried to boot normally the only app that seemed to start after login was the MB installer wanting to install an update. It didn't matter if i Clicked YES and waited a few hours or NO. There would be a blue spinning circle and if i clicked on the screen it would flash CTRL-ALT-DEL only allowed logoff or switch user. Task manager would not start. I could do a Shift-Restart. Safe mode with or without networking would never come up. the only way i have access is Save-Mode command prompt. I have also restored two different sets but the MB Installer would still show. I eventually used NIRsoft utilities to try and uninstall and went as far as renaming the folders (and renamed them back) the chameleon process could not be removed or disabled . I paid more attention to the sfc/dism logs and the permission messages re: ...system32\drivers\en-US taking ownership and icacls reset and those errors went away along with the chameleon process. however the services entries still exist and i am sure i can remove them with sc ao i am back to my spinning blue circle (no longer trying to do a MB update) and my corrupt Windows.StateRepository.dll I have gotten myself a bit deeps and lost not knowing how i got here. FRST is finished is there a non public box i can send them? Thanks for your response if you can offer direction it would be appreciated. -John 2020-10-09 15:56:27, Error CSI 000001a1@2020/10/9:19:56:27.297 (F) onecore\base\wcp\sil\ntsystem.cpp(3674): Error c0000242 [Error,Facility=(system),Code=578 (0x0242)] originated in function Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysReadFile expression: (null) [gle=0x80004005] 2020-10-09 15:56:27, Info CBS Could not get active session for current session file logging [HRESULT = 0x80004003 - E_POINTER] 2020-10-09 15:56:27, Info CBS Could not get file name for current session file logging [HRESULT = 0x80004003 - E_POINTER] 2020-10-09 15:56:27, Info CBS Added C:\WINDOWS\Logs\CBS\CBS.log to WER report. 2020-10-09 15:56:27, Info CBS Added C:\WINDOWS\Logs\CBS\CbsPersist_20201005153427.cab to WER report. 2020-10-09 15:56:27, Info CBS Added C:\WINDOWS\Logs\CBS\CbsPersist_20201005101637.cab to WER report. 2020-10-09 15:56:27, Info CBS Added C:\WINDOWS\Logs\CBS\CbsPersist_20201001210639.cab to WER report. 2020-10-09 15:56:27, Info CBS Added C:\WINDOWS\Logs\CBS\CbsPersist_20200929201611.cab to WER report. 2020-10-09 15:56:27, Info CBS Not able to add pending.xml to Windows Error Report. [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND] 2020-10-09 15:56:27, Info CBS Not able to add pending.xml.bad to Windows Error Report. [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND] 2020-10-09 15:56:27, Info CBS Not able to add poqexec.log to Windows Error Report. [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND] 2020-10-09 15:56:27, Info CBS Not able to add SCM.EVM to Windows Error Report. [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND] 2020-10-09 15:56:27, Error CSI 000001a2 (F) c0000242 [Error,Facility=(system),Code=578 (0x0242)] #19868279# from Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysReadFile(h = 708 ('\Device\HarddiskVolume3\Windows\WinSxS\amd64_windows-staterepository_31bf3856ad364e35_10.0.19041.508_none_dad6dd3627c4da6b\Windows.StateRepository.dll'), evt = 0, apcr = NULL, apcc = NULL, iosb = @0xb11afbb50, data = {l:0 b:}, byteoffset = 0, key = (null)) [gle=0xd0000242] 2020-10-09 15:56:27, Error CSI 000001a3 (F) c0000242 [Error,Facility=(system),Code=578 (0x0242)] #19868278# from Windows::Rtl::SystemImplementation::CFile::ReadFile(Flags = 3, Buffer = {l:0 ml:4194304 b:}, Offset = 0, Disposition = 0)[gle=0xd0000242]
  7. downloaded latest version of MB and Installed ran till trial up and uninstalled on windows 10 machine ver 10.0.19041.508 Now i can only boot machine to safe mode with command prompt. tried system restore of image 2 days before - same tried system restore of image 2 weeks before - same in save mode the driver for md are still there and CANNOT be remove even after MB uninstall program report app is removed sfc and dism fail output after running the below commands in sequence attached dism /online /Cleanup-Image /StartComponentCleanup sfc /scannow sfc /scannow dism /online /cleanup-image /checkhealth dism /online /cleanup-image /scanhealth dism /online /cleanup-image /restorehealth sfc /scannow sfc /scannow I have downloaded a couple of windows installer cd and extracted win 10 pro (6) and converted the install.esd to install.win and extracted the sources folders but they didn't seem to have the correct versions of the reported (CBS.LOG - bottom) corrupt dll's. I think i did find the correct dll's in KB4571756. I am asking for any assistance you can offer before i move forward to at least assist me with getting MB removed from the machine before i return to chasing my tail Thank you dism.log cbs.log
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.