Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Inqwire Ads Keep Poping Up


  • This topic is locked This topic is locked
2 replies to this topic

#1 charles1961

charles1961

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 05 May 2006 - 02:40 PM

ive tried everything,still te inqwire pop up wont go away

heres my hijack log..


Logfile of HijackThis v1.99.1
Scan saved at 2:25:57 PM, on 5/5/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe
C:\Program Files\wmconnect\wmtray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\Documents and Settings\Windows User\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Wal-Mart Connect Tray Icon.lnk = C:\Program Files\wmconnect\wmtray.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{A77DF2F1-17A4-4BDE-B850-608AE55CAC4C}: NameServer = 63.65.143.2
O18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe

BC AdBot (Login to Remove)

 


m

#2 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 09 May 2006 - 09:27 PM

Hi, charles1961.
I don't see anything in your log that would cause the popups.
Only some minor junk and leftovers that should be removed.

Is their some reason that you have not update your operating system to SP2?
I have seen cases where going to a website with inqire popups and no popup blocker would cause this.
Internet Explorer sp2 includes a popup blocker. Google Toolbar also includes a popup blocker.

Installing a hosts file would also help to prevent many ads and links included in web pages from loading.
Following the steps in my prevention speech should help and increase the security of your system.
I'll post it after some clean up.

You have BroadJump\Client Foundation running on your system. It's adware that was probably installed by your internet service provider.
I suggest uninstalling it in add/remove programs. It's listed here as Bjcfd.
Click the start button on the taskbar > control panel > add/remove programs.
(Or on xp pro, start>settings>control panel>add/remove programs)

If the following entry is listed, click to highlight and choose remove.
Broadjump Client Foundation

Scan with hijackthis and checkmark these lines:
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe<--fix If you choose to remove bjcfd, may be gone if you uninstalled broadjump
O18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - (no file)
Close all browsers and open windows, except hijackthis, and click fix checked.

Restart your system.
Try the following steps suggested, then see if the popups continue.
After that, scan with hijackthis and let me know how your system is running.

Visit microsoft update and click the express button to get high-priority updates.

The xp firewall only blocks incoming connections which will allow any program or trojan on your system to connect without permission.
Most third party firewalls block incoming and outgoing unless you permit it.
Zone Alarm, Outpost Firewall and Sunbelt Kerio Personal Firewall have free versions for personal use.

Considerer using the Firefox web browser.
It's more secure than Internet explorer, blocking almost all known browser hijackers.
Firefox has faster browsing, improved popup blocking, tabbed browsing and many other features.


SpywareBlaster - Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.

IE-SPYAD adds a long list of sites associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer.
Using IE-Spyad to enhance your privacy and security

Blocking Unwanted Parasites with a Hosts File

SpywareBlaster, IE-SPYAD and the Hosts file do not run in the background, just check for updates every few weeks.
Open spywareblaster and click check for updates then enable all protection.
Updates for IE-SPYAD and MVPS HOSTS are announced in the software forum at SpywareInfo.
Posted Image

#3 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 21 May 2006 - 09:52 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users