Need help with ismon

Status
Not open for further replies.
These should be applied in safe mode.


This should be fixed (and the file deleted from that directory):

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm


Have you set the proxy server on purpose? If not, fix this:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.242.36.3:3128


Fix this too, to be sure:

R3 - URLSearchHook: (no name) - <default> - (no file)


These are unknown to me:

O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://138.108.63.129/ePlayer/V3_2_0_0/ACNePlayer.cab

O21 - SSODL: coursings - {f8d02387-789a-4c0f-a1d8-8a93f33ee4df} - (no file)
 
Hello and welcome to Techspot.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

BroadJump\Client Foundation
AWS\WeatherBug

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

CFD.exe
Weather.exe

Close task manager.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.242.36.3:3128<Only fix this, if you didn`t set this proxy yourself, or you don`t know what it is.

R3 - URLSearchHook: (no name) - <default> - (no file)

O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

O4 - Global Startup: Digital Line Detect.lnk = ?

O9 - Extra button: Help - {08F93E4B-4A2F-40CF-86DF-C60DB13902F3} - http://www.comcast.net/memberservices/ (file missing) (HKCU)

O9 - Extra button: ComcastHSI - {35AEEB9D-7D23-43A2-98A0-EECF1769DABB} - http://www.comcast.net (file missing) (HKCU)

O9 - Extra button: Support - {FDEBFFC1-560E-49FB-8B16-3ECEB03871AE} - http://www.comcastsupport.com (file missing) (HKCU)

O15 - Trusted Zone: http://www.fortunerep.com

O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?

O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.m-w.com/toolbar/webinstall.cab

O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comcastonline2/onleng/downloads/VideoMail/vmLaunc her2.cab

O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://138.108.63.129/ePlayer/V3_2_0_0/ACNePlayer.cab

O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)

21 - SSODL: coursings - {f8d02387-789a-4c0f-a1d8-8a93f33ee4df} - (no file)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm

C:\Program Files\AWS

C:\Program Files\BroadJump

Reboot your computer.

Regards Howard :wave: :wave:
 
No problem.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of breezcool only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.
Back