I CANNOT INSTALL MALWARE BYTES BECAUSE OF "system resource is in use"

[joshkmartinez]

I think i know why I have been getting the error im the cmd all the time. Its becasue the floder is in use. This is also why i cannot rename catroot2 to catroot2.old.

[joshkmartinez]

May I turn on my rainmeter skins? I really miss them.

[Aura]

You can turn it on, yes.

And you stopped the Cryptographic Service before trying to rename the folder, right?

[joshkmartinez]

Yep

[Aura]

Okay, try to restart your computer before following the renaming procedure. If it doesn't work, let me know and we'll try to disable the service beforehand.

[joshkmartinez]

 I still get the exact same error that the folder is in use by another program.

[joshkmartinez]

What shall I do now?

[Aura]

Alright, press on the Windows + R keys, enter services.msc and press on Enter. In the Services window, look for Cryptographic Services, right-click on it, select Properties and change the Startup Type to Disabled. Once done, restart your computer and try to rename the folder.

[joshkmartinez]

This is very annoying and unusual. I still get the same error even when the cryptographic service is turned off at start up

[joshkmartinez]

Should I also activate the service at start up again?

[Aura]

Yes, un-do the chance and change the Startup type to "Automatic". I'll see if I can create a fix that will force rename the folder on boot. I've done it once before, I just need to find it in my stuff.

[joshkmartinez]

Still with me on this???

I'd like to also fix my windows store problem...

Edited June 9, 2017 by joshkmartinez

[Aura]

Sorry for the delay, I just found an old post of mine for that issue. In the command prompt (with Admin Rights, of course), before using the ren command to rename the catroot2 folder, enter these commands (1 by 1):

net stop wuauserv
net stop cryptSvc
net stop bits

So the full set of commands would be:

net stop wuauserv
net stop cryptsvc
net stop bits
ren C:\System32\catroot2 catroot2.old
net start bits
net start cryptsvc
net start wuauserv

 

[joshkmartinez]

Ok, what now?

[Aura]

Did you rename the catroot2 folder to catroot2.old successfully?

[joshkmartinez]

Yes

[Aura]

Good. Now follow the instructions under the "Verify" paragraph, and give me a screenshot of the command prompt once the esentutl command is done running.

https://technet.microsoft.com/en-us/library/cc734083(v=ws.10).aspx?f=255&MSPPError=-2147217396

net stop cryptsvc
esentutl /g C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
net start cryptsvc

 

[joshkmartinez]

[Aura]

Good Now please run a new scan with FRST and provide me the FRST.txt log afterward.

[joshkmartinez]

FRST.txt

[joshkmartinez]

What do you think now?

[Aura]

Well, the "issue" is still present, though from my understanding, it probably was before you were infected, as the malware you were infected with doesn't cause it. For now, if it doesn't cause you any issues, it's fine.

How's your system behaving now? Are there any other malware-related issues left to address that you can see?

[joshkmartinez]

No my all of my malware related problems are fixed. Thank you so much for your time and commitment. However, I would like to fix my windows store problem.

[Aura]

What's your Windows Store issue?

[joshkmartinez]

Every solution I have tried online doesn't work