Explorer droping out no reason

[blackoscar]

Usually cannot submit the problem as soon as I hit any kind of upload or link button Explorer just shuts down.

Can anyone help

No idea what files are good or bad after HIJACKTHIS scan

Logfile of HijackThis v1.99.1

Scan saved at 12:30:04 PM, on 5/10/2005

Platform: Windows 2000 SP3 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\System32\NMSSvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

C:\program files\Telstra\Signup\tbpt.exe

C:\Program Files\Error Fixer\ErrorFixer.Exe

C:\WINNT\System32\nof.exe

C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe

C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE

C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe

C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE

C:\WINNT\System32\wuauclt.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\PROGRA~1\WINZIP\winzip32.exe

C:\unzipped\hijackthis[1]\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe

O4 - HKLM\..\Run: [{F7D90BD2-14A9-11d3-AD9E-00AA0064EC94}] C:\program files\Telstra\Signup\tbpt.exe

O4 - HKLM\..\Run: [ff] nof.exe

O4 - HKLM\..\RunServices: [ff] nof.exe

O4 - HKLM\..\RunServices: [mouse] mouse.exe

O4 - HKCU\..\Run: [ErrorFixer] "C:\Program Files\Error Fixer\ErrorFixer.Exe" /boot

O4 - HKCU\..\Run: [ff] nof.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe

O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127954007453

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejeweled...aploader_v6.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D69C604A-5688-4F47-8496-350842F09ABA}: NameServer = 203.49.70.20 139.134.2.190

O20 - Winlogon Notify: f3dsl - C:\WINNT\SYSTEM32\lsd_f3.dll

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe

O23 - Service: Remote_Procedure_Call (svchost) - Unknown owner - %windir%\system32\svchost.cmd (file missing)

Edited October 6, 2005 by blackoscar

[chilifrei64]

I would run your Big 3 anti spyware (MS, lavasoft, spybot).. you definately have spyware

these ones look fishy to me

C:\program files\Telstra\Signup\tbpt.exe

C:\Program Files\Error Fixer\ErrorFixer.Exe

C:\WINNT\System32\nof.exe

[epic]

It could possibly have something to do with your Phone software installed on your PC. You may want to role back to a later date when the software was not installed and try installing it again. Besides that, remove all the quick startup programs like WinZip, Nero, smtray and the Intel card. They are not needed to function.

Do you even use Veritas software (i.e. Backup tools)?

IE does not like 3rd party plugin's at times, suggest disabling 3rd party plugins in Tools-Internet Options-Advanced.

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx,

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm,

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm,

Big no no....

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejeweled...aploader_v6.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D69C604A-5688-4F47-8496-350842F09ABA}: NameServer = 203.49.70.20 139.134.2.190

O20 - Winlogon Notify: f3dsl - C:\WINNT\SYSTEM32\lsd_f3.dll (a.k.a. PWSteal.Banker.B )

Unsure of nof.exe, errorfixer is (from what I understand) scamware, tbpt.exe do you have some kind of TELE / mobile services (if not delete / remove)?

O4 - HKLM\..\Run: [{F7D90BD2-14A9-11d3-AD9E-00AA0064EC94}] C:\program files\Telstra\Signup\tbpt.exe

O4 - HKLM\..\Run: [ff] nof.exe

O4 - HKCU\..\Run: [ErrorFixer] "C:\Program Files\Error Fixer\ErrorFixer.Exe" /boot

O4 - HKCU\..\Run: [ff] nof.exe

Other than that I see a lot of phone software running on your pc as a resident, not needed.

Edited October 9, 2005 by epic