Hi,
I am having a problem with my pc. I have used AVG and Spybot S&D. AVG seems to be unable to get it all, Spybot has errors when cleaning. I cannot access my control panel. I have attached my logfile.
Any assistance is greatly appreciated.
Hi :
Your HijackThis log indicates you are using McAfee for your security ;
since this Forum is for Avast Users, I recommend you ask for help on the
McAfee Support Forums at http://forums.mcafeehelp.com/index.php .
Hi, I might be biased, but not prejudiced. A bug’s a bug and I like to squash them, no matter who let them in.
So if you’re still with, I’ll give you a hand.
Download ComboFix from Here or Here to your Desktop.
Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply.
Note: Do not mouseclick ComboFix’s window while it’s running. That may cause it to stall.
Hi and thanks…
I don’t use McAfee? I don’t know how to remove it??? A friend put AVG and Spybot… McAfee didn’t work for me before… didn’t know it was still running… and if it is why am I having this issue… lol, obviously didn’t work well this time either…
Anyways will do combofix and post log
McAfee has an uninstall tool that you could run to ensure any possible remnants are removed.
http://download.mcafee.com/products/licensed/cust_support_patches/VSCleanupTool.exe
2007 version - http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
Also see - How do I uninstall SecurityCenter? http://ts.mcafeehelp.com/faq3.asp?docid=71525
Thanks, it seems to take up a lot of space for nothing. I will do. I also didn’t know what avast was, I did a search for help with this issue and got this forum. sry. I will remove. Also here is the combofix.
Any assistance is greatly appreciated
According to HJT, you have Authentium AntiVirus running, some of McAfee and not AVG antivirus. The AVG you have is AVG antispyware, which is not an antivirus program, but it is compatible with antivirus programs, so keep it.
Follow DavidR’s advice on removing the rest of McAfee.
If Authentium AntiVirus is working and updated, we’ll carry on with that as your AV. If not, please uninstall it and install avast.
Let’s get started on this.
Please download SmitfraudFix (by S!Ri) to your Desktop.
Download this tool from: http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Double-click Smitfraudfix.exe
Select option #1 - Search by typing 1 and press “Enter”; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply as an attachment. The report can be found at the root of the system drive, usually at C:\rapport.txt
IMPORTANT: Do NOT run any other options until you are asked to do so!
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a “RiskTool”;
it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.
Please attach the SmitfraudFix report and a new HJT log in your next reply. Thanks
Sorry for the time lapse. I was trying to get this fixed before I had to fly out, didn’t make it. just got back tonight… long day with switching flights. will do as told first thing this morning.
again i am sorry and thanks for your assistance.
No problem, we’re still here.
Okay… here goes. I have no access to task manager, had 5 explorers open, could not close. Got past that. Computer freezes a lot, has to catch up with itself. I keep getting bad image error boxes popping up, ActiveX controls will not run, script error pop-ups as well. Tried to download the McAfee uninstaller that you listed above. Goes almost 100% then I get (not responding). Finally got to control panel, but cannot remove any programs.
So… Do I really need to remove all of McAfee first? Tried…
Cannot locate Authentium Antivirus… I would uninstall that as well
will try Smitfraud fix now…
started smitfraud…
stuck on…
scanning processes…
scanning hosts…
hasn’t gone any further. Is this normal?
I also have find.exe-bad image and cmd.exe-badimage pop ups every time I x one out the other pops up.
Ok. Smit finished… Had to keep closing pop-ups until scanning finished. attached report
Here’s new hijack
Let’s see if we can get some of this cleared up, then tackle the multi antiviruses.
Depending how bad it is this could take some time. Let it run to completion.
1. Restart your computer.
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear.
4. Select the first option, to run Windows in Safe Mode.
5. When you are at the logon prompt, log in as the same user as you usually do.
6. When your computer has started in safe mode and you see the desktop, close all open windows.
7. Now, double-click on the SmitFraudfix icon that should be residing on your desktop.
8. You will now see a menu in a blue DOS screen. Press the number 2 on your keyboard and then press the Enter key to choose the option Clean (safe mode recommended).
9. The program will start cleaning your computer and go through a series of cleanup processes. When it is done, it will automatically start the Disk Cleanup.
10. This program will remove all Temp, Temporary Internet Files, and other files that may be leftover files from this infection. This process can take up to a few hours depending on your computer, so please be patient. When it is complete, it will close automatically and you should continue with step 11.
11. When Disk Cleanup is finished, you will be presented with an option asking Do you want to clean the registry ? (y/n). At this screen you should press the Y button on your keyboard and then press the Enter key.
12. When this last routine is finished, you will be presented with a red screen stating Computer will reboot now. Close all applications. You should now press the spacebar on your computer. A counter will appear stating that the computer will reboot in 15 seconds. Do not cancel this countdown and allow your computer to reboot.
13. Once the computer has rebooted, you will be presented with a Notepad screen containing a log of all the files removed from your computer. Examine this log, and when you are done, close the Notepad screen. Please Save This Log. We will need to see this. If it is easier for you, save it to the desktop.
will do
Ok, I followed your directions… when smit started, for each one of the processes it checked a bad-image pop-up came up; in order for it to complete I would have to hit OK for each pop-up, then it continued until complete. I received the “Do you want to clean the registry?” like 40 times… it finally accepted my “Y” and enter… I did not receive a red screen stating computer will reboot. I did receive a notepad screen. So here it is.
Post a new HJT log and let me know what’s going on.
Hi again,
Here’s the new hjlog. also the bad image window that pops up follows:
Notepad.Exe- Bad Image
The application or DLL C:/windows/System32/wowfx.dll is not a valid windows image. Please check this against your installation diskette.
This window that pops up is for everything and anything I do on the computer, i.e. find.exe, cmd.exe, iexporer.exe, vacfix.exe, swreg.exe, aol.exe… etc. etc.
never had this problem before? But I no longer have the security balloon saying I have a virus. But i do have an issue when I am typing this post. the window I am on randomly goes in and out- as in i will get half of this text typed and it is like I am toggling between two windows tho I am not. i have to wait for this window to be the active one , so i pause my typing until the top of the window goes back to blue from graythen contipe… (that was me typing "from gray then continue to type…)
strange?
this seems to be one of the problems, listed on my hjk file.
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
any assistance is always greatly appreciated
Let’s go after some more of this.
Print these instructions out as you will be doing the first half from safe mode. Download both programs first.
Download SDFix and save it to your desktop.
Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press “Enter”.
Choose your usual account.
In Safe Mode, double click SDFix.exe and install to the default location by clicking Install. The SDFix Folder will be extracted to %systemdrive% \ (Drive that contains the Windows directory - typically ‘C:\SDFix’) Open the SDFix folder in Safe Mode then double click the RunThis.bat file to start the fixtool. Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. Press any Key and it will restart the PC.
Your system will take longer than normal to restart as the fixtool will be running and removing files. When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log.
Download ComboFix from Here or Here to your Desktop.
Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply.
Note: Do not mouseclick ComboFix’s window while it’s running. That may cause it to stall.