Corrupt Files After Virus

Brick

Active member
Joined
Aug 27, 2013
Posts
36
Ages ago a virus infected my computer, ruining it for a day or 2, i successfully removed the virus using multiple antimalware/virus softwares (mainly malwarebytes) but i've never been able to fix .net framework updates from failing every time, so i did a sfc scan and i saw tons of corrupt or whatever files
Attatched are my logs:
 
Hello Brick, welcome to Sysnative!

Your CBS log shows the following corruption:

Code:
2013-08-27 21:15:35, Info                  CSI    00000310 [SR] Repairing 13 (0x000000000000000d) components
2013-08-27 21:15:35, Info                  CSI    00000311 [SR] Beginning Verify and Repair transaction
2013-08-27 21:15:35, Info                  CSI    00000312 [SR] Cannot verify component files for Microsoft-Windows-ACLUIFileFolderTool.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000313 [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-08-27 21:15:35, Info                  CSI    00000314 [SR] Cannot verify component files for Microsoft-Windows-DIMS-AutoEnroll.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000315 [SR] Cannot verify component files for Microsoft-Windows-DIMS-KeyRoam.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000316 [SR] Cannot verify component files for Microsoft-Windows-DIMS.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000317 [SR] Cannot verify component files for WCF-System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000318 [SR] Cannot verify component files for System.IO.Log.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_MSIL (8), Culture = [l:10{5}]"en-us", VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000319 [SR] Cannot verify component files for System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_MSIL (8), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031a [SR] Cannot verify component files for Microsoft-Windows-ACLUIFileFolderTool.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031b [SR] Cannot verify component files for Microsoft-Windows-DIMS.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031c [SR] Cannot verify component files for Microsoft-Windows-DIMS-AutoEnroll.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031d [SR] Cannot verify component files for Microsoft-Windows-DIMS-KeyRoam.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031e [SR] Cannot verify component files for WCF-System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031f [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-08-27 21:15:35, Info                  CSI    00000320 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

Can you download and install the System Update Readiness Tool (SURT) please?

Download System Update Readiness Tool for Windows 7 for x64-based Systems (KB947821) [August 2013] from Official Microsoft Download Centre

Then post the log:

C:\Windows\Logs\CBS\CheckSUR.persist.log

Tom
 
Hello :)

WARNING: This fix has been created specifically for this user. If you are not this user, do not follow these instructions as you may cause serious harm to your computer.
Download a copy of SFCFixScript.zip attached to this post, and save it to your Desktop.
Then download a copy of SFCFix.exe from here: https://www.sysnative.com/forums/downloads/sfcfix/, and also save it to your Desktop.
Single click on SFCFixScript.zip and drag and drop it on top of SFCFix.exe. SFCFix will open and perform a fix for your CheckSUR.log corruption.
A logfile called SFCFix.txt will open (and be saved to your Desktop). Please copy and paste the report into your next reply.

Thank you!

Richard
 

Attachments

Please re-run SFC, and let us know whether it comes out clean. Also, are any of your other problems persisting?

Reason being: we've now fixed everything in your first set of logs. But if your problems remain, we'll take another set and see what's left.

:)

Richard
 
Windows resource protection did not find any integrity violations, about to restart my computer to see if all the updates will work.
 
I am still having repairing/installing updates for .net framework, it says "Installation is forbidden. Contact your system administrator."

clicking on log file showed this:
Read More:

with the Msi log below

 

Attachments

I also have problems using .msi files, i have to use troubleshooter where it says changes made: skip version check
 
I also have problems using .msi files, i have to use troubleshooter where it says changes made: skip version check, also about the last post: i have tried the fixit 50123 and 50202
 
Hello again :)

Open an Elevated Command Prompt:https://www.sysnative.com/forums/wi...-prompt-window-windows-windows-vista-7-a.html

Run the following commands (copy and paste them in):

Code:
mkdir %userprofile%\Desktop\exports_for_niemiro
reg EXPORT HKLM\Software\Policies\Microsoft\Windows\Installer %userprofile%\Desktop\exports_for_niemiro\installer.reg
reg EXPORT HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy  Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer %userprofile%\Desktop\exports_for_niemiro\safer_hkcu.reg
reg EXPORT HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy  Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer %userprofile%\Desktop\exports_for_niemiro\safer_hklm.reg

Then zip up and upload the exports_for_niemiro folder from your Desktop.

Thank you!

Richard
 
Ah! Forgive me. Please try instead:

Code:
reg EXPORT "HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer" %userprofile%\Desktop\exports_for_niemiro\safer_hkcu.reg
reg EXPORT "HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer" %userprofile%\Desktop\exports_for_niemiro\safer_hklm.reg

Thank you.

Richard
 
ERROR: The system was unable to find the specified registry key or value for both now
 
I have also noticed i cannot see my BD drive in my computer, and in device manager, under it's properties it shows : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
it is a HP BD E DH12E3LH The correct troubleshooting thing found the problem but couldn't fix it aswell.
After seeing that i should see if deleting
UpperFilters
LowerFilters
UpperFilters.bak
LowerFilters.bak
in
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Control
Class
{4D36E965-E325-11CE-BFC1-08002BE10318}
there was no class folder
 
the one that installs from downloading says some error, and i just can't get the other one to even open, it just asks for admin permission but does nothing, lastly trying the updates from windows update fail aswell
 
Is this being attempted from an admin account? Whilst it is a very good security measure to run normal day to day work out of a standard user account, for the purpose of testing, can you please run from a full admin account, for testing purposes, if you are not already. If you *are* running from an admin account, I'll have to think a little bit first as to what might be wrong.
 
Back
Top