One says:
RUNDLL
Error loading E:\Program Files\xoluzylg\jivoxefg.dll
The specified module could not be found.
The other one says:
RUNDLL
Error loading E:\WINDOWS\system32\txwbyqyp.dll
The specified module could not be found.
Here are some pictures of what they look like. If anyone knows how to get rid of these, please help.
Here's the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:54 PM, on 6/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\LEXPPS.EXE
E:\WINDOWS\Explorer.EXE
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
e:\Program Files\Cox\Applications\App\syssvcnt.exe
E:\Program Files\Symantec AntiVirus\DefWatch.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Symantec AntiVirus\Rtvscan.exe
E:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
E:\Program Files\QuickTime\QTTask.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
E:\WINDOWS\system32\WgaTray.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Documents and Settings\Administrator\My Documents\Important Things\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
F2 - REG:system.ini: UserInit=E:\WINDOWS\system32\Userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0ED8C21C-6657-445E-85A6-34913E87C3A5} - E:\WINDOWS\system32\awtro.dll (file missing)
O2 - BHO: (no name) - {10FEFBB5-3409-28C8-2974-34B60D49F0CE} - E:\WINDOWS\system32\cnqeqjn.dll (file missing)
O2 - BHO: (no name) - {36888FB9-330A-7BAF-2974-34B60D49F1CF} - E:\WINDOWS\system32\kiqi.dll (file missing)
O2 - BHO: (no name) - {36898FB9-330A-7BAF-2974-34B60D49F1CF} - E:\WINDOWS\system32\kiqi.dll (file missing)
O2 - BHO: (no name) - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - (no file)
O2 - BHO: (no name) - {3D4F1889-A568-C0AA-1A17-828DBE24D3C9} - E:\WINDOWS\SYSTEM32\EILEIYT.DLL (file missing)
O2 - BHO: (no name) - {3DF9DDB4-300D-2CFA-2974-34B60D49F2C8} - E:\WINDOWS\system32\zcyb.dll (file missing)
O2 - BHO: (no name) - {40FFF616-E1D9-4DFC-B45B-69396F839FE8} - E:\WINDOWS\system32\cbxwu.dll (file missing)
O2 - BHO: (no name) - {41F0F2BD-3C5F-28CE-2974-34B60D49F3CB} - E:\WINDOWS\system32\tdtfi.dll (file missing)
O2 - BHO: (no name) - {433E128A-D26C-C09A-1A17-828DBE24D3C9} - E:\WINDOWS\SYSTEM32\EILEIYT.DLL (file missing)
O2 - BHO: (no name) - {43FFAAB4-3A0E-2CCE-2974-34B60D49F2C8} - E:\WINDOWS\system32\zcyb.dll (file missing)
O2 - BHO: (no name) - {48FDF8B9-3909-7B9B-2974-34B60D49F1CF} - E:\WINDOWS\system32\kiqi.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {98712648-EEA8-FF5E-89DE-EEABAC720091} - E:\WINDOWS\system32\xsjiwrdg.dll (file missing)
O2 - BHO: (no name) - {B4B5AD2B-3099-2C08-EC58-367611690094} - E:\WINDOWS\system32\qwlmtrn.dll (file missing)
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - E:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (file missing)
O2 - BHO: (no name) - {E603274B-E8AB-FF6A-89DE-EEABAC720091} - E:\WINDOWS\system32\xsjiwrdg.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O4 - HKLM\..\Run: [ESP] E:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [NI.UERS_0001_N91M2007] "E:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CDHRABZG\ErrorSafeFreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [{00-00-00-04-ZN}] E:\Documents and Settings\Administrator\Local Settings\Temp\T0CHD001.exe CHD003
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "E:\WINDOWS\system32\txwbyqyp.dll",sitypnow
O4 - HKLM\..\Run: [mhuzspgl] rundll32.exe "E:\Program Files\xoluzylg\jivoxefg.dll",Init
O4 - HKLM\..\Run: [SC2] E:\Program Files\SecCenter\scprot4.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Performance Center] E:\Program Files\Ascentive\Performance Center\APCMain.exe -m
O4 - Startup: TA_Start.lnk = E:\Documents and Settings\Administrator\Local Settings\Temp\T0CHD001.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///E:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///E:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///E:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///E:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authenti.../bin/wizard.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O20 - Winlogon Notify: awtro - E:\WINDOWS\system32\awtro.dll (file missing)
O20 - Winlogon Notify: cbxwu - E:\WINDOWS\system32\cbxwu.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ESP Security System Service (AuthSysSvc) - Authentium, Inc. - e:\Program Files\Cox\Applications\App\syssvcnt.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - E:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - E:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - E:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - E:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 8819 bytes
Edited by Cyborger, 01 July 2008 - 08:00 AM.