No access to anything

[Visnew]

Right now, currently, I have access to NO anti-virus programs/firewalls, or spybot/malwarebytes'. All I have is regedit, google chrome, & hijackthis. I cannot setup SUPERAntiSpyware.exe. I did all steps possible (2, 6, & 7). Now I'm doing step 8. When I go to popular search engines, I get various random pages (not the ones I want). Google Chrome is not effected by ANYTHING. I have to run some stuff as administrator. My internet applications are VERY slow when submitting forms. Except Google Chrome. Every Startup/Non-Microsoft Service is disabled at this point.

 

[DelJo63]

hmm; looks awful slim

use run->cmd to get a command prompt and then enter

tasklist >ps_list.txt​

then in your follow-up, attach the file ps_list.txt
to document what is running on the system

 

[Visnew]

Follow up. This is with Non-Microsoft Serviced Disabled & All Startup Items Disabled. I want google talk to notify me for new emails for updates here

 

[Visnew]

Search google for:
hsfd83jfdg.dll

Choose the first result.
This explains everything.

This is what I had.

How can I get rid of it?

 

[kimsland]

Go to Safe Mode with networking

Have a look at:

UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions

 

[Visnew]

I already tried. Look @ post 1.

 

[kimsland]

OK I just did.
Now normally I don't help yet, until all logs posted, but this should get you out of trouble pretty quickly

Re-open HJT scan.
Place a tick next to all of the following, and with all Internet browsers closed first, select FIX

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.8:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: C:\WINDOWS\system32\hsfd83jfdg.dll - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hsfd83jfdg.dll
O3 - Toolbar: (no name) - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Startup: TrayIt!.exe
O4 - Startup: TrayIt!.std
O4 - Startup: trayit4!.dll
O16 - DPF: {3352B5B9-82E8-4FFD-9EB1-1A3E60056904} (Chilkat Crypt2) - http://www.chilkatsoft.com/download/ChilkatCrypt2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{061086B6-ABB8-4709-8FB4-C774247280DE}: NameServer = 75.111.126.144,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{F65BF6A4-1537-4E8A-8975-A4C6039E74D2}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{061086B6-ABB8-4709-8FB4-C774247280DE}: NameServer = 75.111.126.144,208.67.220.220
O17 - HKLM\System\CS3\Services\Tcpip\..\{061086B6-ABB8-4709-8FB4-C774247280DE}: NameServer = 75.111.126.144,208.67.220.220
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hsfd83jfdg.dll

Then Uninstall your AVG Antivirus
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe

Then Uninstall your Spybots S&D

Then restart

Install Avira free AntiVirus

The follow: UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions in full

:grinthumb

 

[Visnew]

ok i be back 2moro.

I got:

Local machine: installation failed
Installation:
Error: Action failed for registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: creating registry key....
Error 0x80070005

be back l8r.

 

[swwelsh]

If you can download stuff, try this:
http://downloads.andymanchesta.com/removaltools/sdfix.exe
It should unpack to c:\sdfix
Then reboot to safe mode as administrator and run c:\sdfix\runthis.bat (I think that is right, I am sure one of the other guys will correct it if I got it wrong)

 

[Visnew]

my last post was for avg uninstall...

 

[kimsland]

Did you run the AVG removal tool, I linked he text above to?

 

[Visnew]

yes i ran removal im gonna get avira then do sdfix

can i reinstall avg for active shield only?

 

[kimsland]

can i reinstall avg for active shield only?

Um... => No

 

[Visnew]

why? what else do you need??

 

[kimsland]

Well I'd like to agree with swwelsh, and say do a scan with SDFix (can't hurt )

Please download and run SDFix (I'm sorry, but I must refer you to t h i s tutorial on its use, scroll down to "SDFix Instructions")

Download, and run the "RunThis.bat" in Safe Mode, as advised
Then attach the log and a new HJT log
Oh by the way, it says that it may take 20mins to scan! (Mine took over an hour to complete!)

 

[Visnew]

I did the above. I scanned with Super Anti-Spyware & HiJackThis. Here are those logs. I am scanning with Malwarebytes' now.

Here you go.

 

[kimsland]

Download, and run the "RunThis.bat" in Safe Mode, as advised

Did you run this in Safe Mode?
Because according to your HJT log, it is still trying to run right now (in Normal Mode)

 

[Visnew]

yes. super did that.

Here is mbam scan (I had to run others & remove first before i could run this):

 

[kimsland]

"SDFix Instructions")

Download, and run the "RunThis.bat" in Safe Mode, as advised
Then attach the log and a new HJT log

What happened to the SDFix log ?
Did it even run?

Edit:

And stop replying to yourself, use EDIT if your post is still the last post in the thread
9 Posts of yours merged in this thread already !

 

[Visnew]

Sorry. It tried to run but then I X'ed out of it because I just got done running it when I ran SUPER. Which log file do u need in C:\SDFix\?

 

[kimsland]

I quoted the Tutorial for SDFix purposely
In that tutorial Step14 should have shown you a log

I cannot go over the tutorial, it's too good, and I haven't the time
Maybe just run it again. Refer to post #15 in this lengthy thread

Best to follow instructions exactly, to stop me repeating myself to you

 

[Visnew]

it wont output a log

 

[kimsland]

Sorry. It tried to run but then I X'ed out of it

Well something has gone bad from doing this. Probably next time do not interrupt any scan like this. SDFix is very strong and determined scan engine, that should only be used when Support request you should use it. Stopping it halfway through the scan has just caused more totally unrelated issues.

I'm at a loss

Lets try this.
Remove the SDFix folder completely (ie Delete it from C:\SDFix)
Restart, and hopefully you can download and run it again (in full)

 

[Visnew]

it didnt even do it the first time. & the scan ran after SUPERSpyware & still no log. forget it though i have no symptoms anymore. thx everyone. i will always use this forum for viruses!

 

[kimsland]

it didnt even do it the first time. & the scan ran after SUPERSpyware & still no log. forget it though i have no symptoms anymore. thx everyone. i will always use this forum for viruses!

Here's another option

Use CCleaner (from the 8-step removal guide, that you did)
But click on the registry button (when you start CCleaner, you will see this big button on the left hand side)
Do a complete registry scan, and fix all issues, I usually run it 3 times in a row (fixing every time)

I should mention, I have never fixed SDFix before