Technology HI Jack This Help

[Ketley4]

Ok my mate needs help. So can illuminatile help me??

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll
O3 - Toolbar: iMesh Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [CPQHotkeys] hotkeysvc.exe
O4 - HKLM\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [update] adaware.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [den] c:\windows\den.exe
O4 - HKLM\..\Run: [nH8Ý9¿Ì*ú]Mú*ÀaîžaaC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\dhjhjw.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [CPQHotkeys] hotkeysvc.exe
O4 - HKLM\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\RunServices: [update] adaware.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [CPQHotkeys] hotkeysvc.exe
O4 - HKCU\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKCU\..\RunServices: [CPQHotkeys] hotkeysvc.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - Startup: DLHelperEXE.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_11078.dll' missing
O15 - Trusted Zone: http://www.mohaa-online.bigbig.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamc13-gb/gbc13/games4.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/dlhelper/version7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C886256C-7A63-4213-AD2F-02AD3735DF06} (AtlCtrl Class) - http://dl.adshooter.com/code/SYSsfitb.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/gbn298.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FF01E02-046F-46B3-896D-FC94D41B11FA}: NameServer = 194.74.65.69 194.72.9.38
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FF01E02-046F-46B3-896D-FC94D41B11FA}: NameServer = 194.74.65.69 194.72.9.38

 

[Illuminattile]

Ok my mate needs help. So can illuminatile help me??

He'll do his best.

O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll
O3 - Toolbar: iMesh Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O4 - HKLM\..\Run: [CPQHotkeys] hotkeysvc.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [update] adaware.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [den] c:\windows\den.exe
O4 - HKLM\..\Run: [nH8Ý9¿Ì*ú]Mú*ÀaîžaaC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\dhjhjw.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [CPQHotkeys] hotkeysvc.exe
O4 - HKLM\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\RunServices: [update] adaware.exe
O4 - HKCU\..\Run: [CPQHotkeys] hotkeysvc.exe
O4 - HKCU\..\RunServices: [CPQHotkeys] hotkeysvc.exe
O4 - Startup: DLHelperEXE.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_11078.dll' missing
O15 - Trusted Zone: http://www.mohaa-online.bigbig.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamc13-gb/gbc13/games4.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/dlhelper/version7/dlhelper.cab
O16 - DPF: {C886256C-7A63-4213-AD2F-02AD3735DF06} (AtlCtrl Class) - http://dl.adshooter.com/code/SYSsfitb.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/gbn298.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FF01E02-046F-46B3-896D-FC94D41B11FA}: NameServer = 194.74.65.69 194.72.9.38
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FF01E02-046F-46B3-896D-FC94D41B11FA}: NameServer = 194.74.65.69 194.72.9.38

There's a LOT of stuff there. Get your friend to go into Control Panel > Add/Remove Programs and see what's in there. Also, run the Trend Micro Housecall and the online Trojan Scan.