Corrupt Files After Virus

[Brick]

Ages ago a virus infected my computer, ruining it for a day or 2, i successfully removed the virus using multiple antimalware/virus softwares (mainly malwarebytes) but i've never been able to fix .net framework updates from failing every time, so i did a sfc scan and i saw tons of corrupt or whatever files
Attatched are my logs:

 

[tom982]

Hello Brick, welcome to Sysnative!

Your CBS log shows the following corruption:

2013-08-27 21:15:35, Info                  CSI    00000310 [SR] Repairing 13 (0x000000000000000d) components
2013-08-27 21:15:35, Info                  CSI    00000311 [SR] Beginning Verify and Repair transaction
2013-08-27 21:15:35, Info                  CSI    00000312 [SR] Cannot verify component files for Microsoft-Windows-ACLUIFileFolderTool.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000313 [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-08-27 21:15:35, Info                  CSI    00000314 [SR] Cannot verify component files for Microsoft-Windows-DIMS-AutoEnroll.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000315 [SR] Cannot verify component files for Microsoft-Windows-DIMS-KeyRoam.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000316 [SR] Cannot verify component files for Microsoft-Windows-DIMS.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000317 [SR] Cannot verify component files for WCF-System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000318 [SR] Cannot verify component files for System.IO.Log.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_MSIL (8), Culture = [l:10{5}]"en-us", VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    00000319 [SR] Cannot verify component files for System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_MSIL (8), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031a [SR] Cannot verify component files for Microsoft-Windows-ACLUIFileFolderTool.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031b [SR] Cannot verify component files for Microsoft-Windows-DIMS.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031c [SR] Cannot verify component files for Microsoft-Windows-DIMS-AutoEnroll.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031d [SR] Cannot verify component files for Microsoft-Windows-DIMS-KeyRoam.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031e [SR] Cannot verify component files for WCF-System.IO.Log, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b03f5f7f11d50a3a}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (FALSE)
2013-08-27 21:15:35, Info                  CSI    0000031f [SR] Cannot repair member file [l:18{9}]"MSDTC.LOG" of Microsoft-Windows-COM-DTC-Runtime, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-08-27 21:15:35, Info                  CSI    00000320 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

Can you download and install the System Update Readiness Tool (SURT) please?

Download System Update Readiness Tool for Windows 7 for x64-based Systems (KB947821) [August 2013] from Official Microsoft Download Centre

Then post the log:

C:\Windows\Logs\CBS\CheckSUR.persist.log

Tom

 

[Brick]

Ok, here it is.

 

[niemiro]

Hello :)

WARNING: This fix has been created specifically for this user. If you are not this user, do not follow these instructions as you may cause serious harm to your computer.
Download a copy of SFCFixScript.zip attached to this post, and save it to your Desktop.
Then download a copy of SFCFix.exe from here: https://www.sysnative.com/forums/downloads/sfcfix/, and also save it to your Desktop.
Single click on SFCFixScript.zip and drag and drop it on top of SFCFix.exe. SFCFix will open and perform a fix for your CheckSUR.log corruption.
A logfile called SFCFix.txt will open (and be saved to your Desktop). Please copy and paste the report into your next reply.

Thank you!

Richard

 

[Brick]

Here the file is

 

[niemiro]

Please re-run SFC, and let us know whether it comes out clean. Also, are any of your other problems persisting?

Reason being: we've now fixed everything in your first set of logs. But if your problems remain, we'll take another set and see what's left.

:)

Richard

 

[Brick]

Windows resource protection did not find any integrity violations, about to restart my computer to see if all the updates will work.

 

[Brick]

I am still having repairing/installing updates for .net framework, it says "Installation is forbidden. Contact your system administrator."

clicking on log file showed this:

Read More:

OS Version = 6.1.7601, Platform 2, Service Pack 1
OS Description = Windows 7 - x64 Home Premium Edition Service Pack 1

CommandLine = C:\f7f1071bd19f463bc929f6344200c070\\Setup.exe /x86 /x64
TimeZone = GMT Daylight Time
Initial LCID = 1033


Using Simultaneous Download and Install mechanism


Operation: Repairing

Package Name = Microsoft .NET Framework 4 Setup
Package Version = 4.0.30319

User Experience Data Collection Policy: AlwaysUploaded




Number of applicable items: 6




Exe (C:\f7f1071bd19f463bc929f6344200c070\Windows6.1-KB958488-v6001-x64.msu) failed with 0x240006 - (null).

MSI (C:\f7f1071bd19f463bc929f6344200c070\netfx_Core_x64.msi) Installation failed. Msi Log: Microsoft .NET Framework 4 Setup_20130828_134736216-MSI_netfx_Core_x64.msi.txt



Final Result: Installation failed with error code: (0x80070659), "This installation is forbidden by system policy. Contact your system administrator. " (Elapsed time: 0 00:00:23).

with the Msi log below

 

[Brick]

I also have problems using .msi files, i have to use troubleshooter where it says changes made: skip version check

 

[Brick]

I also have problems using .msi files, i have to use troubleshooter where it says changes made: skip version check, also about the last post: i have tried the fixit 50123 and 50202

 

[niemiro]

Hello again :)

Open an Elevated Command Prompt:https://www.sysnative.com/forums/wi...-prompt-window-windows-windows-vista-7-a.html

Run the following commands (copy and paste them in):

mkdir %userprofile%\Desktop\exports_for_niemiro
reg EXPORT HKLM\Software\Policies\Microsoft\Windows\Installer %userprofile%\Desktop\exports_for_niemiro\installer.reg
reg EXPORT HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy  Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer %userprofile%\Desktop\exports_for_niemiro\safer_hkcu.reg
reg EXPORT HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy  Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer %userprofile%\Desktop\exports_for_niemiro\safer_hklm.reg

Then zip up and upload the exports_for_niemiro folder from your Desktop.

Thank you!

Richard

 

[Brick]

For the last 2 it said ERROR: Invalid syntax, but here is the folder anyway

 

[niemiro]

Ah! Forgive me. Please try instead:

reg EXPORT "HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer" %userprofile%\Desktop\exports_for_niemiro\safer_hkcu.reg
reg EXPORT "HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{A541BD3D-1A70-4D7B-BC99-CF1ADFC0DE9F}Machine\Software\Policies\Microsoft\Windows\Safer" %userprofile%\Desktop\exports_for_niemiro\safer_hklm.reg

Thank you.

Richard

 

[Brick]

ERROR: The system was unable to find the specified registry key or value for both now

 

[Brick]

I have also noticed i cannot see my BD drive in my computer, and in device manager, under it's properties it shows : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
it is a HP BD E DH12E3LH The correct troubleshooting thing found the problem but couldn't fix it aswell.
After seeing that i should see if deleting
UpperFilters
LowerFilters
UpperFilters.bak
LowerFilters.bak
in
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Control
Class
{4D36E965-E325-11CE-BFC1-08002BE10318}
there was no class folder

 

[Brick]

never mind, fixed the BD drive error

 

[niemiro]

ERROR: The system was unable to find the specified registry key or value for both now

I think we have found our problem :)

Please navigate to this website, and right at the bottom of the article, download and import the registry script "for the entire 'Safer' tree": Fix for "The system administrator has set policies to prevent this installation" error. | The BHC Blog

Restart your computer and let me know whether that resolves your problem.

Thank you!

Richard

 

[Brick]

Doesn't seem to have fixed it.

 

[Brick]

the one that installs from downloading says some error, and i just can't get the other one to even open, it just asks for admin permission but does nothing, lastly trying the updates from windows update fail aswell

 

[niemiro]

Is this being attempted from an admin account? Whilst it is a very good security measure to run normal day to day work out of a standard user account, for the purpose of testing, can you please run from a full admin account, for testing purposes, if you are not already. If you *are* running from an admin account, I'll have to think a little bit first as to what might be wrong.