Jump to content
joshkmartinez

I CANNOT INSTALL MALWARE BYTES BECAUSE OF "system resource is in use"

Recommended Posts

There's still things we need to do, so you can wait while we continue. For the next step, I suggest you to disable your Rainmeter theme once more, as it might breaks it.

EndqYRa.pngSystem File Checker (SFC)
Follow the instructions below to run a SFC scan on your system and to provide the CBS log in your next reply;

  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Spcusrh.pngRun as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1 and Windows 10, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command below and press on Enter;
    sfc /scannow

    Note: There's a space between "sfc" and "/scannow";
  • Once the scan is complete, enter the command below and press on Enter
    copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
  • A file called cbs.txt will have appeared on your Desktop. Upload the file on Dropbox, Google Drive or OneDrive and post the download URL for it here;


Note: Please note that the CBS.log is volatile, which means that if you don't upload it after the SFC scan is completed, it won't have the information from the scan anymore. So archive it and upload it as soon as you can.

Share this post


Link to post
Share on other sites

Good, now let's run a DISM scan just to make sure everything's fine too.

EndqYRa.pngDISM - Fixing Component Store Corruption
Follow the instructions below to run a DISM operation on your system.

  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1 and Windows 10, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command below and press on Enter;
    DISM /Online /Cleanup-Image /RestoreHealth
  • Let the scan run until the end (100%). Depending on your system, it can take some time;
  • Copy the C:\Windows\Logs\DISM folder and C:\Windows\Logs\CBS\CBS.log file on your Desktop, then right-click on it, go to Send to... and select Compressed .zip archive;
  • Upload the file on Dropbox, Google Drive or OneDrive and post the download URL for it here;


Note: Please note that the CBS.log is volatile, which means that if you don't upload it after the DISM scan is completed, it won't contains the information from the scan anymore. So archive it and upload it as soon as you can.

Share this post


Link to post
Share on other sites

Just to double check... I haven't gotten any ads since I have removed the VPN's. I didn't want to do this until I doubled checked with you.

Share this post


Link to post
Share on other sites

That's really good news :) You can follow the instructions in my previous post. Let's see if these ads comeback while we work on repairing your system.

Share this post


Link to post
Share on other sites

I get access is denied when i type esentutl /p <%systemroot%>\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. I dont know why because I am running cmd as admin.

Capture1.PNG

Share this post


Link to post
Share on other sites

You need to replace:

<%systemroot%>

With:

C:\Windows

So it'll give:

esentutl /p C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

Follow the instructions from the beginning once more.

Share this post


Link to post
Share on other sites

I don't think I can't be more precise than the instruction given in the article I linked you. Follow them.

Under "Repair the catalog database by using Esentutl", Step 5, use this command:

esentutl /p C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

And under "Create a new catroot2 folder by using the command prompt", Step 5, use this command:

ren C:\Windows\System32\catroot2 catroot2.old

And finally, under the "Verify" article, Step 5 as well, use this command:

esentutl /g C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

Here, hopefully that helps.

m0st7EM.png

Share this post


Link to post
Share on other sites
47 minutes ago, Aura said:

esentutl /p C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

when i do this i get this

Capture1.PNG

Share this post


Link to post
Share on other sites

You need to stop the cryptsvc service first (Step 4). Please follow the instructions, line by line.

Share this post


Link to post
Share on other sites

You're getting an "Access denied" when stopping the service, or when running the second command (esentutl /p..)?

Share this post


Link to post
Share on other sites

Alright, follow the instructions below (we'll try to automate the first part of the fix using FRST).

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;

fixlist.txt

Share this post


Link to post
Share on other sites

It looks like it went through this time.

Which .raw file are you referring to? What's the name and location of that file?

Share this post


Link to post
Share on other sites

Well, not a single add has come. I think my main problem is fixed. Is there anything else you would like me to do?

Edited by joshkmartinez
improper grammer

Share this post


Link to post
Share on other sites

Yes, you can delete it.

It's good to know that the ads went away :) And yes, there's still a few things to do. What I'm working on right now is to address another issue you're having. Please run a new scan with FRST, and provide me the FRST.txt log afterwards.

Share this post


Link to post
Share on other sites

The fact that many items (files) belonging to Microsoft are shown as "Not Signed" on your system, which means that there's most likely an issue with the CryptSvc data. And it looks like the first part of the fix didn't work. Now, going back to the article I posted before, I would like you to follow the next set of instructions.

https://technet.microsoft.com/en-us/library/cc734083(v=ws.10).aspx?f=255&MSPPError=-2147217396

"Create a new catroot2 folder" OR "Create a new catroot2 folder using the command prompt". So you can do either method. If one doesn't work, try the other.

LhCUBaJ.png

 

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.