JJMc, posted October 29, 2008

I just went through hell getting rid of several trojans. All appears to be well except that IE, when you double click the icon, will flash for a split second, then the window closes and disappears. I downloaded and ran HijackThis, which I have never used before and don't really know anything about. The log is posted below. Anyone have any ideas?

For the record, the virus consisted of some bullshit "AntiSpywareXP 2009" program and also a rootkit.

PS: Wondered this for a while... why are there so many instances of "svchost"?

Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:47 AM, on 10/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\trlrm\RMHSvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll
O3 - Toolbar: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: Trlokom Central Management Helper 1.4.1 0 (trlokom_rmhsvc) - Trlokom, Inc. - C:\WINDOWS\trlrm\RMHSvc.exe
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

--
End of file - 3170 bytes
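
Added example, not part of the original posts: a small triage pass over a HijackThis log that pulls out the entries worth a manual look, namely "(file missing)" targets, paths with a doubled drive prefix (as in the wscsvc service line above), and any svchost.exe process running from outside System32. The function name `triage`, the heuristics and the one constructed sample line are assumptions made for this illustration.

```python
import re

# Entries copied from the log in the post above, except the second line,
# which is constructed here to exercise the svchost location check.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Temp\svchost.exe
C:\WINDOWS\trlrm\RMHSvc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - ")   # section code such as R1, O4, O23
DRIVE = re.compile(r"[A-Za-z]:\\")          # start of a Windows path
SVCHOST_OK = r"c:\windows\system32\svchost.exe"

def triage(log_text):
    """Return (section, reason, line) tuples for entries to review by hand."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            section = m.group(1)
        elif DRIVE.match(line):
            section = "PROC"                # bare path = running process
        else:
            continue                        # header, blank line or footer
        low = line.lower()
        # Many svchost instances are normal; one outside System32 is not.
        if section == "PROC" and low.endswith("\\svchost.exe") and low != SVCHOST_OK:
            findings.append((section, "svchost outside System32", line))
        # The registry still points at a file that is no longer on disk.
        if "(file missing)" in line:
            findings.append((section, "file missing", line))
        # Two drive prefixes in one entry usually mean a damaged path value.
        if len(DRIVE.findall(line)) > 1:
            findings.append((section, "malformed path", line))
    return findings

if __name__ == "__main__":
    for section, reason, line in triage(SAMPLE_LOG):
        print(f"[{section}] {reason}: {line}")
```

A flagged entry is a prompt to inspect the registry value or file, not a verdict that it is malicious.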

Thoth, posted October 30, 2008

AntiSpywareXP 2009. I just dealt with that on my work computer. All those svchost processes are normal, in my experience. Make sure that there is no brastk.exe process running. Also make sure your control panel actually contains genuine Windows control panels. Beyond that, IE should be fine. Brastk just fucks up your home page, changing it to google.com.

AndrewTS, posted October 30, 2008

Have you tried it in safe boot yet? Does Windows Explorer have the same issue, or just IE?

JJMc, posted October 31, 2008

> Make sure that there is no brastk.exe process running. Also make sure your control panel actually contains genuine Windows control panels.

Yeah, I ended up getting rid of that with some scanner I downloaded. Although, it still appears in the list of startup programs (it is unchecked, though) along with AntiSpywareXP 2009. There is no file path displayed for brastk, it just says "brastk.exe." For Antispyware2009, however, it says it is in Program Files, even though it no longer is. How can I remove them from the startup list?

EDIT: There's also a "cisvc.exe" process that comes on at startup and uses 98% CPU, slowing down the system to a crawl. I keep killing it via the task manager and running a search and deleting all instances of it, but it keeps coming back. Some sites say it is a legit Windows process, but others said otherwise, which I tend to believe.

And Andrew, thanks, I sorted out the problem with IE. I had to uninstall it and then reinstall it for whatever reason. It did not affect Windows Explorer.

Jaxxson Mayhem, posted November 2, 2008

Download and run AVG in safe mode.