[thousandsflee]

Hi - When I copy something from a website, for example a URL to paste onto the address bar or something to copy to wrod, it a) won't let me paste it, b) freezes IE and c) closes all IE windows. It's only been happening for a week now, with no explination. At first I thought it might be adware, but ran Adaware a few times, made no difference. It's IE 6, running on XP SP 2. Thanks

Edited by thousandsflee, 09 August 2005 - 09:58 AM.

[Advertisements]

Adware isn't the only bad stuff out there. AdAware SE can not and I stress CAN NOT be used solely by its self to protect your machine. You need to go through the guide HERE
This guide will clean 70% of all problems from a machine, however if you are still having problems, and you MAY NOT be please post a HiJack This log in the Malware forum. Once you have a clean bill of health, if you are still having problems please return to this thread for further assistance.

[phybyr0ptyk]

Adware isn't the only bad stuff out there. AdAware SE can not and I stress CAN NOT be used solely by its self to protect your machine. You need to go through the guide HERE
This guide will clean 70% of all problems from a machine, however if you are still having problems, and you MAY NOT be please post a HiJack This log in the Malware forum. Once you have a clean bill of health, if you are still having problems please return to this thread for further assistance.

[thousandsflee]

Did all mention scans. Forgot to save log fil for Ewido as had to restart Windows after updating. Ewido turned up one thing "Not a virus.Pornware.PopCap.b (from quarintine) Below is HijackThis log file (which ironically pasted with no problems, but still problems copying from internet to address bar or word) Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 19:13:46, on 10/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security

Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sistray.EXE
C:\Program Files\PCEye2000\pceye.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BOS\PixAlert Monitor Home\Mctrla5-0.exe
C:\WINDOWS\system32\pcwpx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\1-Click Answers\answers.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\COMMON~1\GURUNE~1\agtserv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ailish Hathcock\Local Settings\Temporary

Internet Files\Content.IE5\PD2LMURP\HijackThis[1].exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://home.iol.ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.google.ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://home.iol.ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://home.iol.ie
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} -

C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program

Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -

C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no

file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

- C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll
O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD}

- C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [PcEye] C:\Program Files\PCEye2000\pceye.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark

X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec

Shared\ccApp.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program

Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PixAlertMonitor] C:\Program Files\BOS\PixAlert

Monitor Home\Mctrla5-0.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]

C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter

4.2\THGuard.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft

Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\System32\ukqnri.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN

Messenger\msnmsgr.exe" /background
O4 - Global Startup: 1-Click Answers.lnk = C:\Program Files\1-Click

Answers\answers.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program

Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program

Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Answers... - file:C:\Program

Files\1-Click Answers\Html\atiemenu.htm
O9 - Extra button: Money Viewer -

{E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft

Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.iQon.ie
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -

http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient

Class) -

http://messenger.zon...ent.cab31267.ca

b
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags

Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {3B0EA9E6-7003-4B38-B398-9B1B6DF439C5} -

http://download.answ...nswersSetup.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai...trendmicro.com/

housecall/xscan53.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1}

(Driver_Detective_v43_Non_Member.DD_v43) -

http://www.drivershq..._Non_Member.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient

Class) -

http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

(MsnMessengerSetupDownloadControl Class) -

http://messenger.msn...pdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online

Control) - http://zone.msn.com/.../default/gf.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl

Object) - http://zone.msn.com/...WebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)

- http://zone.msn.com/...aploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class)

- http://fdl.msn.com/z...s/heartbeat.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation

- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec

Corporation - C:\Program Files\Common Files\Symantec

Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec

Corporation - C:\Program Files\Common Files\Symantec

Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks -

C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program

Files\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -

C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -

Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton

AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec

Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec

Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -

C:\Program Files\Common Files\Symantec Shared\Security

Center\SymWSC.exe

.

[Blakely223]

Heya!

I noticed you were having trouble with Internet Explorer, and i wanted to try and shed some light on this with my limited knowledge of computers

Internet Explorer is largely the most popular Browser on Earth, so it's safe to assume it's gonna be the prime target of ALOT of spyware/malware/virus's and generally all kinds of nasty html/java exploits that can just bypass internet explorer's security and wreck havoc onto your PC.

I'm sure you're probably aware that there are alternatives to Internet Explorer, but alot of people don't realize how effective they are!

So if you're willing to try out a different browser, i'm sure you wouldent be disappointed.

At the moment, i use Opera which can be downloaded here.

It is almost completely immune to all major Internet Explorer exploits and bugs, and it is constantly being updated. It allows you to have a personalized mail account built in, it has a google search built in, a zoom, and a load of security features.

The best part about it, is that unlike internet explorer, you can run countless amounts of Web-Pages but they are all neatly organized inside your opera browser for quick viewing and multiple surfing. And it doesnt completely destroy your quickbar at the bottom of the page, like IE does.

So goodluck with your problem, and i hope you try another Browser soon, i'm sure it would help you tremendously.

[thousandsflee]

I have actually tried Opera before but I found that I never used it so I uninstalled it. It just annoyed me for some reason, but I did find that multi-page feature very handy. Thanks for your help anyway.

[thousandsflee]

I did download Ewido Security Suite yesterday, but I already have Norton Anti-Virus, will these two programmes compromise each other???... just checked, it's ok.

Edited by thousandsflee, 11 August 2005 - 11:47 AM.

[phybyr0ptyk]

I have actually tried Opera before but I found that I never used it so I uninstalled it.  It just annoyed me for some reason, but I did find that multi-page feature very handy.  Thanks for your help anyway. 

Try FIREFOX if you didn't like Opera. I use both of them extensively, however I NEVER use Internet Explorer. It is simply to much of a risk to us e and risk damage to this INVESTMENT (my computer). That said the choice is still yours though.

Want to see the risk you take when you use IE click below or goto google and search 'internet explorer security risks'

http://www.google.co...G=Google Search

To me using Internet Explorer is like throwing a lit match into a bucket of gasoline, sooner or later its going to blow up in your face .

[thousandsflee]

Downloaded and am using Firefox at the moment, I like it much better than Opera. So that's a plus. Also I don't have the copy and paste problem with it. Thanks!

[phybyr0ptyk]

Since you like it, you should check out the extensions for it. Firefox is 500 times better once you download and install some extensions that you may find interesting and useful.

https://addons.mozil...ox&category=All

Finding a theme that is appealling to your eyes will make firefox that much better as well because you will be looking at something you like.

https://addons.mozil...ox&category=All

Spred the Firefox word, Mozilla needs our help to keep this great product alive.

[thousandsflee]

Thanks for all the advice plus I managed to fix IE problem too.