Malware, Spyware, and randomly closing programs!

[bludfist]

So recently I've been having an issue with programs closing by themselves. This includes: iTunes, Opera, IE, and almost every game I play. I think it's because of a virus that I know I got a couple of days ago while I was transferring from AVG free to the new avast. I was browsing some unrelated forums and mistakenly clicked on one of those damn pop-up adds.

I've been meticulously combating the virus/malware and have finally gotten around to posting logs! Any help would be appreciated.

Thanks,
Blud

 

[Bobbye]

It appears that you are running a 64bit version of Windows 7. The HijackThis program won't work on this system. Please perform the following scan:

We need to see some information about what is happening in your machine.

• Download DDS by sUBs from the following links. Save it to your desktop.
  o DDS.scr
  
  After downloading the tool, disconnect from the internet and disable all antivirus protection.
  
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool. No input is needed, the scan is running.
• Notepad will open with the results, click no to the Optional_Scan
• Follow the instructions that pop up for posting the results.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE

When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Please attach both in your next reply.

 

[bludfist]

Downloaded program, disabled anti-virus and disconnected from the internet.

Here's the logs! Thanks for the help.

 

[Bobbye]

Okay, you may have noticed that the software makers don't have much to offer for Windows 7/64 bit. You haven't received help in a couple of the forums also.

There are 3 areas of problems- you'll need to work one at a time:
1. Errors or corrupt file systems:
You need to run CHKDSK on HarddiskVolume3.and on volume C. The system has corrupt file system structure:

Start> Run> type in cmd> OK> at the C:\ type in chkdsk /f
You will get a nag message- close it and reboot and the checking will start in a few seconds.

Then reboot the computer and let it run. It will take while if you haven't done it. The system will reboot when finished.

What is HarddiskVolume3? Do you or did you have a flash drive connected? IF so, you will also need to run the error checking on it.
-----------------------
2. Permissions issue
To resolve this error:
Error: Microsoft-Windows-DistributedCOM [10016] -
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

You're going to have to do a Registry Edit. Use the steps here: http://support.microsoft.com/kb/899965
Yes, I know it says XP, but it's the 64 bit that's causing the problem. See if these steps resolve it.
Note instructions to back up the Registry first.

IF you know what the component is, you can use the following instead:

Open Component Services and find the application's security properties:

1. Click Start> Run> type in comexp.msc> OK
2. To locate your application, click Component Services> Computers> My Computer> then click COM+ Applications.
3. Right-click the application name> Properties.
4. Click the Security tab in the application properties dialog box> adjust the security settings to allow the requested operation to complete.

Your account must have administrative privileges.

3. Possible malware: run the following online scan:
Run Eset NOD32 Online AntiVirus Scanner HERE

Note: You will need to use Internet Explorer for this scan.

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the Active X control to install
• Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
• Click Start
• Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
• Click Scan
• Wait for the scan to finish
• Re-enable your Antivirus software.
• A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

There will be more but this will be a good start. Please attach the Eset log to next reply. Superantispyware doesn't wprk on either Windows 7 or 64 bit- not sure which.

 

[bludfist]

Thanks for the reply. I'll do this as soon as I get home today! =D