
31 Re: BDS.small.iuj on Tue Mar 23, 2010 1:17 pm

rinmueru


Member
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2008 3:24:38 AM
System Uptime: 3/23/2010 4:30:28 PM (0 hours ago)

Motherboard: | | 4CoreDual-VSTA
Processor: Intel(R) Pentium(R) D CPU 3.00GHz | CPUSocket | 3013/200mhz
Processor: Intel(R) Pentium(R) D CPU 3.00GHz | CPUSocket | 3013/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 16.412 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 20.173 GiB free.
E: is CDROM ()
G: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP112: 12/25/2009 12:44:01 AM - Removed WinZip 12.1
RP113: 12/25/2009 12:44:54 AM - Installed WinZip 14.0
RP114: 1/4/2010 8:45:31 PM - System Checkpoint
RP115: 1/5/2010 10:27:43 PM - System Checkpoint
RP116: 1/7/2010 2:34:45 PM - System Checkpoint
RP117: 1/8/2010 10:00:17 PM - System Checkpoint
RP118: 1/12/2010 6:46:23 PM - System Checkpoint
RP119: 1/12/2010 10:40:05 PM - Installed DirectX
RP120: 1/14/2010 5:24:31 PM - Software Distribution Service 3.0
RP121: 1/19/2010 9:54:22 AM - Removed Adobe Reader 9.1.
RP122: 1/20/2010 8:19:09 PM - System Checkpoint
RP123: 1/22/2010 12:48:45 PM - System Checkpoint
RP124: 1/22/2010 10:32:08 PM - Software Distribution Service 3.0
RP125: 1/23/2010 3:55:03 PM - Removed Google Earth.
RP126: 1/30/2010 12:45:49 PM - System Checkpoint
RP127: 2/1/2010 8:18:54 PM - System Checkpoint
RP128: 2/6/2010 2:07:21 PM - System Checkpoint
RP129: 2/7/2010 12:30:57 PM - Installed GoGear VIBE Device Manager
RP130: 2/7/2010 12:33:58 PM - Installed Media Converter for Philips
RP131: 2/7/2010 12:37:28 PM - Installed Connect Service
RP132: 2/10/2010 11:13:38 AM - System Checkpoint
RP133: 2/11/2010 12:03:18 AM - Software Distribution Service 3.0
RP134: 2/14/2010 8:13:46 PM - System Checkpoint
RP135: 2/17/2010 9:31:25 PM - System Checkpoint
RP136: 2/22/2010 12:56:52 PM - System Checkpoint
RP137: 2/24/2010 9:06:54 PM - Software Distribution Service 3.0
RP138: 3/1/2010 8:32:42 PM - Removed WinZip 14.0
RP139: 3/2/2010 8:58:10 PM - System Checkpoint
RP140: 3/10/2010 12:52:00 PM - Software Distribution Service 3.0
RP141: 3/12/2010 9:46:10 AM - Installed Java(TM) 6 Update 18
RP142: 3/13/2010 9:25:57 PM - System Checkpoint
RP143: 3/18/2010 9:39:09 PM - Avira AntiVir Personal - 3/18/2010 21:38
RP144: 3/19/2010 12:27:49 PM - Avira AntiVir Personal - 3/19/2010 12:27
RP145: 3/20/2010 12:18:06 AM - Avira AntiVir Personal - 3/20/2010 0:17
RP146: 3/22/2010 6:00:45 PM - System Checkpoint
RP147: 3/23/2010 11:33:55 AM - Installed WinZip 14.0

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.1
Adobe Shockwave Player 11.5
Ask Toolbar
Avira AntiVir Personal - Free Antivirus
BitTorrent
Camfrog Video Chat 5.2
Company of Heroes
CrossFire(Remove only)
Dawn of War - Dark Crusade
DNA
Download Accelerator Plus (DAP)
DVD Suite
EPSON Attach To Email
EPSON Easy Photo Print
EPSON File Manager
EPSON Printer Software
EPSON Scan Assistant
EPSON Web-To-Page
ESC58_59 User's Guide
ESET NOD32 Antivirus
F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM
Facebook Plug-In
FoxyTunes for Firefox
Game Booster
Garena
GoGear VIBE Device Manager
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 7
Malwarebytes' Anti-Malware
Media Converter for Philips
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
MSXML4 Parser
Nero 7 Essentials
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
Norton 360
NVIDIA Drivers
OpenAL
Pando Media Booster
PIF DESIGNER
Platform
PowerDVD
PowerProducer
QuickTime Alternative 1.67
Realtek High Definition Audio Driver
Reganam Toolbar
RF Online
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Software Update for Web Folders
Spelling Dictionaries Support For Adobe Reader 9
The Sims 2
Torchlight
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB977724)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb979895)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB925720)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VIA Platform Device Manager
VIA Rhine-Family Fast Ethernet Adapter
Windows Imaging Component
Windows Internet Explorer 7
WinRAR archiver
WinZip 14.0
WOT for Internet Explorer
Yahoo! BrowserPlus
Yahoo! Messenger
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

3/22/2010 8:03:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde ViaIde xfilt
3/22/2010 8:03:00 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
3/22/2010 4:39:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NMIndexingService service to connect.
3/22/2010 4:39:00 PM, error: Service Control Manager [7000] - The NMIndexingService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/22/2010 4:39:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
3/21/2010 4:05:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
3/21/2010 4:05:32 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/20/2010 12:04:10 PM, error: Service Control Manager [7034] - The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s).
3/20/2010 12:04:10 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
3/20/2010 12:04:07 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:47 PM, error: Service Control Manager [7034] - The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:46 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:46 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:46 PM, error: Service Control Manager [7034] - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:46 PM, error: Service Control Manager [7034] - The ArcSoft Connect Daemon service terminated unexpectedly. It has done this 1 time(s).
3/19/2010 11:11:46 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
3/18/2010 8:37:40 PM, error: Service Control Manager [7023] - The Network Image service terminated with the following error: The specified module could not be found.
3/18/2010 8:37:40 PM, error: Service Control Manager [7023] - The Driver Server service terminated with the following error: The specified module could not be found.
3/18/2010 8:37:40 PM, error: Service Control Manager [7023] - The Boot Time service terminated with the following error: The specified module could not be found.
3/18/2010 8:37:40 PM, error: Service Control Manager [7023] - The Boot Network service terminated with the following error: The specified module could not be found.
3/18/2010 10:15:45 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

==== End Of File ===========================

32 Re: BDS.small.iuj on Tue Mar 23, 2010 4:29 pm

DragonMaster Jay


Site Owner
There are quite a few programs on your computer that track or spy on you, while browsing and working on your computer. Some are safer than others.

I recommend removing the following programs, due to their ill nature:

Ask Toolbar (adware)
Google Toolbar (tracker)
Yahoo! Toolbar (tracker)
Crawler Toolbar (spyware)
Game Booster (suspicious program)
Download Accelerator Plus (DAP) (spyware)
CamFrog Video Chat (spyware)
BitTorrent (distribution of malware)
Daemon Tools Toolbar (tracker and adware)

Also, remove this old version of Java: Java(TM) 6 Update 7

-=============-
Please let me know which ones you uninstalled/removed.


..........................................................
DragonMaster Jay
Administrative Director SecuraGeek Association
Advanced Malware Analysts Group Owner



33 Re: BDS.small.iuj on Tue Mar 23, 2010 10:37 pm

rinmueru


Member
Sir Jay,

I have removed the programs as you requested, but I cannot remove some of them for some reason.

Ask toolbar - can't remove it. Whenever I remove it from the Add or Remove window, it says "Error loading C:\PROGRA~1\AskSBar\bar\1.bin\AskBar.dll". I checked the program files but there's no existing folder of the program. It seems that I deleted the whole folder sometime in the past.

Google Toolbar - removed

Yahoo! Toolbar - can't remove it. Whenever I remove it, it leaves a black bar in the place of the toolbar, which makes my Firefox look like it was slashed into two, which makes my persona look like crap. I don't use the toolbar anyways. Do you know any remedies for this?

Crawler Toolbar - can't remove. I didn't know that I have that one. It also doesn't exist in Add or Remove Programs. I can't find it also in the program files.

Game Booster - removed. Well, my friend gave me this program. He said that it can boost frame rate in video games.

DAP - removed. Uhm.. can you recommend me a program to substitute for my DAP? My connection sucks big time and it's a hassle whenever I download large chunks of files...

CamFrog - removed

BitTorrent - removed

Daemon tools - removed

Java(TM) 6 Update 7 - removed

34 Re: BDS.small.iuj on Wed Mar 24, 2010 1:36 am

DragonMaster Jay


Site Owner
If you use Firefox, check out DownThemAll. I have been using that FF extension for almost two years.

Don't worry. If you only have one toolbar, it is better than a lot. Yahoo! Toolbar should be fine. I have used it in the past. They don't track as much as Google Toolbar does.

For Ask Toolbar, please do the following:


  1. Please download AskRemover by Belahzur from here
  2. Extract the zip file to your Desktop, then run AskRemover.bat
  3. Allow it to run, and select yes to the registry merge warning.
  4. Copy and paste the resulting log in your next post.


For Crawler toolbar, please do the following:

Please open Notepad and enter in the following:
Windows Registry Editor 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\CustomizeSearch=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CustomizeSearch=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchAssistant=http://www.crawler.com]
[-HKEY_CLASSES_ROOT\CMail.CMailClass]
[-HKEY_CLASSES_ROOT\ctbcommon.Buttons]
[-HKEY_CLASSES_ROOT\ctbr.R404Pro]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Client]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Script]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Server]
[-HKEY_CLASSES_ROOT\Weather4.WeatherObj]
[-HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}]
[-HKEY_CLASSES_ROOT\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CLASSES_ROOT\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}]
[-HKEY_CLASSES_ROOT\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_CLASSES_ROOT\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}]
[-HKEY_CLASSES_ROOT\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}]
[-HKEY_CLASSES_ROOT\CLSID\{786C6F15-0D85-46FB-9A31-0AA0E93C88FF}]
[-HKEY_CLASSES_ROOT\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}]
[-HKEY_CLASSES_ROOT\CLSID\{B1CF6225-211E-4B4C-B466-5F224E348FF3}]
[-HKEY_CLASSES_ROOT\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}]
[-HKEY_CLASSES_ROOT\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}]
[-HKEY_CLASSES_ROOT\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}]
[-HKEY_CLASSES_ROOT\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}]
[-HKEY_CLASSES_ROOT\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}]
[-HKEY_CLASSES_ROOT\TypeLib\{0085379D-A745-47E0-8642-82A922D9F12D}]
[-HKEY_CLASSES_ROOT\TypeLib\{2BA9A794-DC89-456F-90F4-A29D3E608216}]
[-HKEY_CLASSES_ROOT\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]
[-HKEY_CLASSES_ROOT\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}]
[-HKEY_CLASSES_ROOT\PROTOCOLS\Handler\tbr]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar={4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\""={4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks={CFBFAE00-17A6-11D0-99CB-00C04FD64497}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\CToolbar]
[-HKEY_CURRENT_USER\Software\CToolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]

Then, click File > Save as...
Save as crawler.reg to your Desktop.
Choose Save as type... All Files.
Click Save.

Then, exit Notepad.

Double-click on crawler.reg, and it will finish quickly and launch a log.

Please post that in your next reply.



35 Re: BDS.small.iuj on Wed Mar 24, 2010 2:50 am

rinmueru


Member
Sir Jay,

Thank you very much for recommending the DownThemAll extension!

Anyways, here's the askremover log..

Ask Remover Version 1.1 - Written by Belahzur

The current time and date is 14:41:49.93 Wed 03/24/2010

Microsoft Windows XP [Version 5.1.2600]


==== STARTING CHECK ====

==== Starting removal of Ask ====

Applying removal of Ask Toolbar registry keys.

==== REGISTRY DUMP ====

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
Start Page REG_SZ http://www.yahoo.com/


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Start Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Search Bar REG_SZ http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html

*** The above keys may not need fixing ***

==== FINAL CHECK ====

==== EOF ====


As for the crawler log, it encounters an error whenever I open crawler.reg. It says...

"Cannot import C:\Documents and Settings\MARIGZA\Desktop\Crawler.reg: The specified is not a registry script. You can only import binary registry files from within the registry editor"

What am I going to do?

36 Re: BDS.small.iuj on Wed Mar 24, 2010 10:37 am

DragonMaster Jay


Site Owner
Sorry. Syntax error.

Please open Notepad and enter in the following:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\CustomizeSearch=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CustomizeSearch=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar=http://www.crawler.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchAssistant=http://www.crawler.com]
[-HKEY_CLASSES_ROOT\CMail.CMailClass]
[-HKEY_CLASSES_ROOT\ctbcommon.Buttons]
[-HKEY_CLASSES_ROOT\ctbr.R404Pro]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Client]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Script]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Server]
[-HKEY_CLASSES_ROOT\Weather4.WeatherObj]
[-HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}]
[-HKEY_CLASSES_ROOT\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CLASSES_ROOT\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}]
[-HKEY_CLASSES_ROOT\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_CLASSES_ROOT\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}]
[-HKEY_CLASSES_ROOT\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}]
[-HKEY_CLASSES_ROOT\CLSID\{786C6F15-0D85-46FB-9A31-0AA0E93C88FF}]
[-HKEY_CLASSES_ROOT\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}]
[-HKEY_CLASSES_ROOT\CLSID\{B1CF6225-211E-4B4C-B466-5F224E348FF3}]
[-HKEY_CLASSES_ROOT\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}]
[-HKEY_CLASSES_ROOT\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}]
[-HKEY_CLASSES_ROOT\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}]
[-HKEY_CLASSES_ROOT\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}]
[-HKEY_CLASSES_ROOT\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}]
[-HKEY_CLASSES_ROOT\TypeLib\{0085379D-A745-47E0-8642-82A922D9F12D}]
[-HKEY_CLASSES_ROOT\TypeLib\{2BA9A794-DC89-456F-90F4-A29D3E608216}]
[-HKEY_CLASSES_ROOT\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]
[-HKEY_CLASSES_ROOT\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}]
[-HKEY_CLASSES_ROOT\PROTOCOLS\Handler\tbr]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar={4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\""={4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks={CFBFAE00-17A6-11D0-99CB-00C04FD64497}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\CToolbar]
[-HKEY_CURRENT_USER\Software\CToolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]

Then, click File > Save as...
Save as crawler.reg to your Desktop.
Choose Save as type... All Files.
Click Save.

Then, exit Notepad.

Double-click on crawler.reg and allow it to merge in to the Registry.

Then, reboot your computer and let me know if those toolbars are gone.


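An added example, not part of the thread and not code from either poster: a small Python audit that can be run over a .reg file before it is merged. It checks the header line that caused the import error above and lists what each entry would do; it goes beyond the header check by also flagging section lines that carry an "=" inside the key path, since .reg syntax writes a value deletion as "Name"=- under the key's own section. The function name audit_reg and the last two lines of the sample body are constructed for illustration; the other sample lines are taken from the post.

```python
import re
from typing import NamedTuple

# First-line signatures that regedit accepts for a text .reg file.
VALID_HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
ROOT_KEYS = {
    "HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER", "HKEY_CLASSES_ROOT",
    "HKEY_USERS", "HKEY_CURRENT_CONFIG",
}
SECTION_RE = re.compile(r"^\[(-?)(.+)\]$")                  # [key] or [-key]
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')      # "name"=data or @=data


class Audit(NamedTuple):
    header_ok: bool
    actions: list    # (line_no, action, target)
    warnings: list   # (line_no, message)


def audit_reg(text: str) -> Audit:
    """Parse a .reg file without touching the registry and report its effects."""
    lines = text.lstrip("\ufeff").splitlines()
    header = lines[0].strip() if lines else ""
    header_ok = header in VALID_HEADERS
    actions, warnings = [], []
    if not header_ok:
        warnings.append((1, f"bad header {header!r}: regedit refuses the import"))
    current_key, continued = None, False
    for no, raw in enumerate(lines[1:], start=2):
        line = raw.strip()
        if continued:                       # tail of a multi-line hex value
            continued = line.endswith("\\")
            continue
        if not line or line.startswith(";"):
            continue
        section = SECTION_RE.match(line)
        if section:
            delete, path = section.group(1) == "-", section.group(2)
            current_key = None if delete else path
            actions.append((no, "delete-key" if delete else "open-key", path))
            if path.split("\\", 1)[0] not in ROOT_KEYS:
                warnings.append((no, "unknown root key"))
            if "=" in path:
                warnings.append((no, "'=' inside a key path is read as part of "
                                     "the key name, not as a value to match"))
            continue
        value = VALUE_RE.match(line)
        if value and current_key:
            name, data = value.group(1), value.group(2).strip()
            action = "delete-value" if data == "-" else "set-value"
            actions.append((no, action, f"{current_key}\\{name}"))
            continued = line.endswith("\\")
            continue
        warnings.append((no, f"unrecognised line: {line[:40]!r}"))
    return Audit(header_ok, actions, warnings)


# Sample input: the first three entries come from the post; the last two
# lines are constructed to show the value-deletion form.
BODY = r"""
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar=http://www.crawler.com]
[-HKEY_CLASSES_ROOT\CToolbar.TB4Client]
[-HKEY_LOCAL_MACHINE\SOFTWARE\CToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"=-
"""
FIRST_ATTEMPT = "Windows Registry Editor 5.00\n" + BODY          # header from post 34
CORRECTED = "Windows Registry Editor Version 5.00\n" + BODY      # header from post 36

if __name__ == "__main__":
    for label, text in (("first attempt", FIRST_ATTEMPT), ("corrected", CORRECTED)):
        result = audit_reg(text)
        print(f"== {label}: header_ok={result.header_ok}")
        for no, action, target in result.actions:
            print(f"  line {no}: {action:12} {target}")
        for no, message in result.warnings:
            print(f"  WARNING line {no}: {message}")
```
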

37 Re: BDS.small.iuj on Thu Mar 25, 2010 12:54 am

rinmueru


Member
Sir Jay,

All of the toolbars are gone now thanks to you.

But recently, I got infected again with BDS.Small.iuj. But it's not the explorer.exe, but C:\System Volume Information\_restore\(blah..blah.. blah..)exe. Maybe someone in our house opened a malicious site or something, since I am not the only one who uses this computer. Oh well... I hate to say this but can you help me again in this matter? The infected file is currently being quarantined by my free Avira and I can't clean it. Also I haven't noticed any significant changes in my Windows.. Also I don't want to delete it because it may cause a disaster if I did..


Virus or unwanted program 'BDS/Small.iuj [backdoor]'
detected in file 'C:\System Volume Information\_restore{01CB568E-AA82-4FB8-B5DE-E4C6FD49C92D}\RP144\A0166450.exe.
Action performed: Move file to quarantine

38 Re: BDS.small.iuj on Thu Mar 25, 2010 1:17 am

DragonMaster Jay


Site Owner
No. That is explorer.exe in System Restore, before we removed the infection.

Let's get rid of all of it. Put its book on the shelf.

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again, the program will close and you are done


To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



39 Re: BDS.small.iuj on Thu Mar 25, 2010 2:31 am

rinmueru


Member
Phew.. thought I had that damn virus again.

Here's the checkup.txt as you requested

Results of screen317's Security Check version 0.99.2
Windows XP Service Pack 2
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
ESET NOD32 Antivirus
Norton 360
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 18
Adobe Flash Player 10
Adobe Reader 9.3.1
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

40 Re: BDS.small.iuj on Thu Mar 25, 2010 2:33 am

rinmueru


Member
Oh, and another thing.. can I now delete the file C:\System Volume Information\_restore{01CB568E-AA82-4FB8-B5DE-E4C6FD49C92D}\RP144\A0166450.exe that is being quarantined?

41 Re: BDS.small.iuj on Thu Mar 25, 2010 9:22 am

DragonMaster Jay


Site Owner
You should only be running one antivirus. Since you have Norton 360 and Nod32 -- are both of those paid and up-to-date? Are they in use?

Did you clear all the Restore points after creating a new one, as I stated above? If so, the malware in System Restore should now be gone.

Please upgrade to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

More info about SP3: http://www.geekpolice.net/operating-systems-f20/windows-xp-service-pack-3-information-t16956.htm

Let me know about that information, please.



42 Re: BDS.small.iuj on Thu Mar 25, 2010 11:17 pm

rinmueru


Member
Sir Jay,

Norton 360 was my previous antivirus before a friend of mine recommended Nod32. But I already removed 360 a long time ago and I don't know how it popped out in the checkup. And yes, my NOD32 is paid and I always update it.

Yes, I did what you instructed me regarding clearing all the Restore Points. But should I restore the C:\System Volume Information\_restore that is infected and being quarantined before cleaning my restore points?

As for my OS, I can't upgrade it because of "you-know-what".. haha lol
But I've been saving up a lot of dough for a major overhaul, and that includes going Windows 7.

43 Re: BDS.small.iuj on Fri Mar 26, 2010 12:38 am

DragonMaster Jay


Site Owner
Ok. Seems clean.

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • SpywareBlaster
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  • Spybot - Search & Destroy.
    Spybot - Search & Destroy is a spyware and adware removal program. It also has real-time protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure.

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:

  • Firefox may be downloaded from here: http://www.getfirefox.com
  • Opera is available here: http://www.opera.com/download/


See this page for more info about malware and prevention.

Please leave feedback for The Ultimate Geek TaskForce! by going here

If you would like to make a small donation, please see the link in my signature below.

If you ever need help in the future, feel free to come back to this site for any computer issue, and we shall help.


..........................................................
DragonMaster Jay
Administrative Director SecuraGeek Association
Advanced Malware Analysts Group Owner



Contribute/donate to our site

44 Re: BDS.small.iuj on Fri Mar 26, 2010 7:33 am

rinmueru


Member
And it's finally over! haha

Thank you very, very much sir Jay! I really appreciated your help. Kudos to you and all of the people who help people with these kinds of problems.

Just one more thing. Just like you said above, I should only have one antivirus, so what should I keep?

I'm having doubts about the reliability of my NOD32 since it did not detect BDS.Small.iuj, which was detected by my free Avira..

Also, is Windows Firewall enough? If not, what firewall should I get?

45 Re: BDS.small.iuj on Fri Mar 26, 2010 2:15 pm

DragonMaster Jay


Site Owner
I would recommend keeping ESET Nod32. One slip-through is rarely a big deal.

I am sure it will work out for you.

If I recommend a firewall, it would be Outpost free firewall: http://free.agnitum.com/

