
Hi, I recently got a virus that was some rogue trojan. I used Malwarebytes and removed it. But the virus had some effect where I couldn't edit the registry even after I deleted the malware. So I just used one of my restore points and it worked fine. But I also noticed that my Google Chrome still doesn't work. Is there some little bit of the virus left or something? I can use my Internet Explorer fine, but I prefer Google Chrome. I would appreciate it if anyone can provide a solution to overcome this problem.

Thanks,
Andrew


Good chance you will have to reinstall it, but let's do this first:

Download HijackThis Executable from here. Save it to your desktop.
Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished, a window will pop up giving you the option of where to save it. Save it to the desktop where it is easy to access. Open the log file, then go to the Format tab and make sure that Word Wrap is unchecked. Copy the entire contents of the file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.

==============

Download OTL to your Desktop.

* Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 4:11:20 PM, on 3/4/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Windows\system32\Dwm.exe
D:\Windows\system32\taskhost.exe
D:\Windows\Explorer.EXE
D:\Program Files\Heroes of Newerth\hon.exe
D:\Windows\system32\wuauclt.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Windows\system32\taskhost.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Windows\system32\SearchProtocolHost.exe
D:\Windows\system32\SearchFilterHost.exe
D:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: D:\Windows\system32\lsk6b6g7cp.dll - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - D:\Windows\system32\lsk6b6g7cp.dll (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Livestream Procaster] "D:\Program Files\Livestream Procaster\Procaster.exe" -autorun
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun
O4 - HKCU\..\Run: [Google Update] "D:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 61871.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O20 - AppInit_DLLs: app_dll.dll

--
End of file - 3773 bytes


OTL logfile created on: 3/4/2010 4:14:11 PM - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = D:\Users\Andrew\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 49.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 298.09 Gb Total Space | 69.46 Gb Free Space | 23.30% Space Free | Partition Type: NTFS
Drive D: | 931.37 Gb Total Space | 777.11 Gb Free Space | 83.44% Space Free | Partition Type: NTFS
Drive E: | 186.30 Gb Total Space | 93.09 Gb Free Space | 49.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREW-PC
Current User Name: Andrew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/04 16:12:54 | 000,552,960 | ---- | M] (OldTimer Tools) -- D:\Users\Andrew\Desktop\OTL.exe
PRC - [2009/10/30 21:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2009/07/13 17:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010/03/04 16:12:54 | 000,552,960 | ---- | M] (OldTimer Tools) -- D:\Users\Andrew\Desktop\OTL.exe
MOD - [2009/07/13 17:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sspicli.dll
MOD - [2009/07/13 17:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sechost.dll
MOD - [2009/07/13 17:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\samcli.dll
MOD - [2009/07/13 17:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\profapi.dll
MOD - [2009/07/13 17:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\netutils.dll
MOD - [2009/07/13 17:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 17:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 17:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\devobj.dll
MOD - [2009/07/13 17:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 17:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 17:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/28 11:40:08 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 17:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 17:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 17:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 17:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 17:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 17:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 17:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 17:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 17:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 17:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 17:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 17:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 17:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 17:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 17:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 17:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 17:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 03 DA 7C 4D B8 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010/03/03 19:44:42 | 000,000,000 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (D:\Windows\system32\lsk6b6g7cp.dll) - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - D:\Windows\System32\lsk6b6g7cp.dll File not found
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe File not found
O4 - HKLM..\Run: [Livestream Procaster] D:\Program Files\Livestream Procaster\Procaster.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKCU..\Run: [Google Update] D:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] D:\Program Files\uTorrent\uTorrent.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk = D:\Users\Andrew\AppData\Local\Temp\mvNat.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (app_dll.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\System32\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 07:42:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - D:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - D:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - D:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2010/03/04 16:12:52 | 000,552,960 | ---- | C] (OldTimer Tools) -- D:\Users\Andrew\Desktop\OTL.exe
[2010/03/04 16:10:48 | 000,000,000 | ---D | C] -- D:\Program Files\TrendMicro
[2010/03/03 21:12:03 | 000,000,000 | ---D | C] -- D:\Program Files\VS Revo Group
[2010/03/03 21:05:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/03 21:05:45 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2010/03/03 21:05:45 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2010/03/03 21:05:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2010/03/03 19:45:00 | 000,000,000 | ---D | C] -- D:\Program Files\Adobe
[2010/03/03 19:41:51 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\Foxit
[2010/03/03 19:41:40 | 000,000,000 | ---D | C] -- D:\Program Files\Foxit Software
[2010/03/01 19:54:09 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2010/03/01 19:53:56 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\DAEMON Tools Lite
[2010/03/01 19:53:53 | 000,000,000 | ---D | C] -- D:\ProgramData\DAEMON Tools Lite
[2010/03/01 19:31:32 | 000,000,000 | ---D | C] -- D:\Program Files\uTorrent
[2010/03/01 19:31:12 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\uTorrent
[2010/03/01 19:25:46 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\WMTools Downloaded Files
[2010/03/01 19:16:36 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker 2.6
[2010/02/28 15:57:22 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Procaster
[2010/02/28 15:57:22 | 000,000,000 | ---D | C] -- D:\Program Files\Livestream Procaster
[2010/02/28 12:42:25 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\DivX
[2010/02/28 12:41:20 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\PX Storage Engine
[2010/02/28 12:41:02 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DivX Shared
[2010/02/28 12:41:02 | 000,000,000 | ---D | C] -- D:\Program Files\DivX
[2010/02/28 11:33:39 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\WinRAR
[2010/02/28 11:33:32 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2010/02/28 11:26:13 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Works
[2010/02/28 11:25:58 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio
[2010/02/28 11:25:58 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DESIGNER
[2010/02/28 11:25:46 | 000,000,000 | ---D | C] -- D:\Windows\PCHEALTH
[2010/02/28 11:25:46 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2010/02/28 11:24:39 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio 8
[2010/02/28 11:24:03 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Microsoft Help
[2010/02/28 11:24:02 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Office
[2010/02/28 11:24:02 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft Help
[2010/02/28 10:39:19 | 000,000,000 | ---D | C] -- D:\Users\Andrew\Documents\Heroes of Newerth
[2010/02/28 10:37:31 | 000,000,000 | -HSD | C] -- D:\Windows\Installer
[2010/02/28 10:37:31 | 000,000,000 | ---D | C] -- D:\Program Files\Heroes of Newerth
[2010/02/28 00:17:22 | 000,000,000 | ---D | C] -- D:\Users\Andrew\Documents\Downloads
[2010/02/28 00:15:49 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Google
[2010/02/28 00:15:42 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Deployment
[2010/02/28 00:15:42 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Apps
[2010/02/28 00:14:33 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\Macromedia
[2010/02/28 00:14:33 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\Adobe
[2010/02/28 00:14:32 | 000,000,000 | ---D | C] -- D:\Windows\System32\Macromed
[2010/02/28 00:06:26 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Searches
[2010/02/28 00:06:18 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\Identities
[2010/02/28 00:06:17 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Contacts
[2010/02/28 00:06:14 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\VirtualStore
[2010/02/28 00:06:12 | 000,000,000 | --SD | C] -- D:\Users\Andrew\AppData\Roaming\Microsoft
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Videos
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Saved Games
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Pictures
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Music
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Links
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Favorites
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Downloads
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Documents
[2010/02/28 00:06:12 | 000,000,000 | R--D | C] -- D:\Users\Andrew\Desktop
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\AppData\Local\Temporary Internet Files
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Templates
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Start Menu
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\SendTo
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Recent
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\PrintHood
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\NetHood
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Documents\My Videos
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Documents\My Pictures
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Documents\My Music
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\My Documents
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Local Settings
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\AppData\Local\History
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Cookies
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\Application Data
[2010/02/28 00:06:12 | 000,000,000 | -HSD | C] -- D:\Users\Andrew\AppData\Local\Application Data
[2010/02/28 00:06:12 | 000,000,000 | -H-D | C] -- D:\Users\Andrew\AppData
[2010/02/28 00:06:12 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Temp
[2010/02/28 00:06:12 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Local\Microsoft
[2010/02/28 00:06:12 | 000,000,000 | ---D | C] -- D:\Users\Andrew\AppData\Roaming\Media Center Programs
[2010/02/28 00:05:59 | 000,000,000 | -HSD | C] -- D:\Recovery
[2010/02/27 23:53:29 | 000,000,000 | ---D | C] -- D:\Windows\SoftwareDistribution
[2010/02/27 23:51:01 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
[2010/02/27 23:49:47 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2010/02/27 23:45:16 | 000,000,000 | ---D | C] -- D:\Windows.old

========== Files - Modified Within 14 Days ==========

[2010/03/04 16:15:13 | 001,048,576 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT
[2010/03/04 16:12:54 | 000,552,960 | ---- | M] (OldTimer Tools) -- D:\Users\Andrew\Desktop\OTL.exe
[2010/03/04 16:10:48 | 000,002,967 | ---- | M] () -- D:\Users\Andrew\Desktop\HiJackThis.lnk
[2010/03/04 16:08:00 | 000,000,912 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410888586-2273857637-1047589884-1001UA.job
[2010/03/04 16:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At17.job
[2010/03/04 15:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At16.job
[2010/03/04 14:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At15.job
[2010/03/04 13:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At14.job
[2010/03/04 12:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At13.job
[2010/03/04 11:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At12.job
[2010/03/04 10:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At11.job
[2010/03/04 09:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At10.job
[2010/03/04 08:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At9.job
[2010/03/04 07:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At8.job
[2010/03/04 06:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At7.job
[2010/03/04 05:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At6.job
[2010/03/04 04:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At5.job
[2010/03/04 03:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At4.job
[2010/03/04 02:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At3.job
[2010/03/04 01:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At2.job
[2010/03/04 00:02:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At1.job
[2010/03/03 23:19:19 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2010/03/03 23:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At24.job
[2010/03/03 22:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At23.job
[2010/03/03 21:16:28 | 000,002,257 | ---- | M] () -- D:\Users\Andrew\Desktop\Google Chrome.lnk
[2010/03/03 21:12:03 | 000,001,222 | ---- | M] () -- D:\Users\Andrew\Desktop\Revo Uninstaller.lnk
[2010/03/03 21:08:00 | 000,000,860 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410888586-2273857637-1047589884-1001Core.job
[2010/03/03 21:07:37 | 000,018,160 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/03 21:07:37 | 000,018,160 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/03 21:06:33 | 000,713,888 | ---- | M] () -- D:\Windows\System32\PerfStringBackup.INI
[2010/03/03 21:06:33 | 000,615,122 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2010/03/03 21:06:33 | 000,103,496 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2010/03/03 21:05:49 | 000,000,979 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/03 21:02:38 | 000,000,812 | -HS- | M] () -- D:\Users\Andrew\AppData\Roaming\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 21:02:38 | 000,000,812 | -HS- | M] () -- D:\Users\Andrew\AppData\Local\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 21:02:38 | 000,000,812 | -HS- | M] () -- D:\ProgramData\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 21:00:35 | 000,524,288 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TMContainer00000000000000000002.regtrans-ms
[2010/03/03 21:00:35 | 000,524,288 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TMContainer00000000000000000001.regtrans-ms
[2010/03/03 21:00:35 | 000,065,536 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TM.blf
[2010/03/03 21:00:31 | 000,000,006 | -H-- | M] () -- D:\Windows\tasks\SA.DAT
[2010/03/03 21:00:20 | 2615,910,400 | -HS- | M] () -- D:\hiberfil.sys
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At22.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At20.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At19.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At18.job
[2010/03/03 20:19:08 | 000,003,668 | ---- | M] () -- D:\ProgramData\fiosejgfse.dll
[2010/03/03 20:18:58 | 000,000,148 | ---- | M] () -- D:\Users\Andrew\Desktop\taskmanager.reg
[2010/03/03 20:00:31 | 000,000,380 | ---- | M] () -- D:\Windows\tasks\At21.job
[2010/03/03 19:42:06 | 000,000,876 | ---- | M] () -- D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk
[2010/03/03 19:41:51 | 000,001,188 | ---- | M] () -- D:\Users\Public\Desktop\Foxit Reader.lnk
[2010/03/01 19:54:29 | 000,691,696 | ---- | M] () -- D:\Windows\System32\drivers\sptd.sys
[2010/03/01 19:25:03 | 000,003,584 | ---- | M] () -- D:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/01 07:33:11 | 002,851,568 | -H-- | M] () -- D:\Users\Andrew\AppData\Local\IconCache.db
[2010/03/01 07:31:34 | 000,017,532 | ---- | M] () -- D:\Users\Andrew\Documents\Spanish - Mario Toral.docx
[2010/02/28 20:20:26 | 000,011,183 | ---- | M] () -- D:\Users\Andrew\Documents\History - Chapters 15-16 Vocab.docx
[2010/02/28 15:57:23 | 000,000,984 | ---- | M] () -- D:\Users\Public\Desktop\Livestream Procaster.lnk
[2010/02/28 12:41:22 | 000,001,100 | ---- | M] () -- D:\Users\Public\Desktop\DivX Player.lnk
[2010/02/28 12:41:20 | 000,001,136 | ---- | M] () -- D:\Users\Public\Desktop\DivX Converter.lnk
[2010/02/28 12:41:02 | 000,001,587 | ---- | M] () -- D:\Users\Andrew\Desktop\DivX Movies.lnk
[2010/02/28 11:47:33 | 000,108,824 | ---- | M] () -- D:\Users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/28 11:43:19 | 000,412,432 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2010/02/28 11:24:21 | 000,000,478 | ---- | M] () -- D:\Windows\win.ini
[2010/02/28 10:39:21 | 000,001,871 | ---- | M] () -- D:\Users\Andrew\Desktop\Heroes of Newerth.lnk
[2010/02/28 00:33:14 | 000,383,592 | RHS- | M] () -- D:\gdrop
[2010/02/28 00:33:14 | 000,171,136 | RHS- | M] () -- D:\xeldr
[2010/02/28 00:33:14 | 000,008,192 | ---- | M] () -- D:\bootsect.lxe.bak
[2010/02/28 00:24:48 | 000,524,288 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/02/28 00:24:48 | 000,524,288 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/02/28 00:24:48 | 000,065,536 | -HS- | M] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/02/28 00:06:12 | 000,000,020 | -HS- | M] () -- D:\Users\Andrew\ntuser.ini
[2010/02/27 23:55:17 | 000,042,045 | ---- | M] () -- D:\Windows\System32\license.rtf
[2010/02/27 23:52:31 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/02/27 23:49:34 | 000,008,192 | RHS- | M] () -- D:\BOOTSECT.BAK

========== Files Created - No Company Name ==========

[2010/03/04 16:10:48 | 000,002,967 | ---- | C] () -- D:\Users\Andrew\Desktop\HiJackThis.lnk
[2010/03/03 21:16:28 | 000,002,257 | ---- | C] () -- D:\Users\Andrew\Desktop\Google Chrome.lnk
[2010/03/03 21:12:03 | 000,001,222 | ---- | C] () -- D:\Users\Andrew\Desktop\Revo Uninstaller.lnk
[2010/03/03 21:05:49 | 000,000,979 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/03 21:03:07 | 000,000,912 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410888586-2273857637-1047589884-1001UA.job
[2010/03/03 21:03:06 | 000,000,860 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-410888586-2273857637-1047589884-1001Core.job
[2010/03/03 21:00:35 | 000,524,288 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TMContainer00000000000000000002.regtrans-ms
[2010/03/03 21:00:35 | 000,524,288 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TMContainer00000000000000000001.regtrans-ms
[2010/03/03 21:00:35 | 000,065,536 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{cebd1f04-274a-11df-b598-001fd0819598}.TM.blf
[2010/03/03 20:18:58 | 000,000,148 | ---- | C] () -- D:\Users\Andrew\Desktop\taskmanager.reg
[2010/03/03 19:58:48 | 000,003,668 | ---- | C] () -- D:\ProgramData\fiosejgfse.dll
[2010/03/03 19:45:11 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At24.job
[2010/03/03 19:45:10 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At23.job
[2010/03/03 19:45:10 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At22.job
[2010/03/03 19:45:09 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At21.job
[2010/03/03 19:45:09 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At20.job
[2010/03/03 19:45:08 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At19.job
[2010/03/03 19:45:08 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At18.job
[2010/03/03 19:45:08 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At17.job
[2010/03/03 19:45:07 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At16.job
[2010/03/03 19:45:07 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At15.job
[2010/03/03 19:45:06 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At14.job
[2010/03/03 19:45:06 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At13.job
[2010/03/03 19:45:05 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At12.job
[2010/03/03 19:45:05 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At11.job
[2010/03/03 19:45:04 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At9.job
[2010/03/03 19:45:04 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At10.job
[2010/03/03 19:45:03 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At8.job
[2010/03/03 19:45:03 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At7.job
[2010/03/03 19:45:03 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At6.job
[2010/03/03 19:45:02 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At5.job
[2010/03/03 19:45:02 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At4.job
[2010/03/03 19:45:01 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At3.job
[2010/03/03 19:45:01 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At2.job
[2010/03/03 19:45:00 | 000,000,380 | ---- | C] () -- D:\Windows\tasks\At1.job
[2010/03/03 19:44:45 | 000,000,812 | -HS- | C] () -- D:\Users\Andrew\AppData\Roaming\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 19:44:45 | 000,000,812 | -HS- | C] () -- D:\Users\Andrew\AppData\Local\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 19:44:45 | 000,000,812 | -HS- | C] () -- D:\ProgramData\51d92164-3544-424b-ac30-d0ea3c263c6c_.mkv
[2010/03/03 19:42:06 | 000,000,876 | ---- | C] () -- D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk
[2010/03/03 19:41:51 | 000,001,188 | ---- | C] () -- D:\Users\Public\Desktop\Foxit Reader.lnk
[2010/03/01 19:54:29 | 000,691,696 | ---- | C] () -- D:\Windows\System32\drivers\sptd.sys
[2010/03/01 19:25:03 | 000,003,584 | ---- | C] () -- D:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/28 16:42:24 | 000,011,183 | ---- | C] () -- D:\Users\Andrew\Documents\History - Chapters 15-16 Vocab.docx
[2010/02/28 15:57:23 | 000,000,984 | ---- | C] () -- D:\Users\Public\Desktop\Livestream Procaster.lnk
[2010/02/28 12:41:22 | 000,001,100 | ---- | C] () -- D:\Users\Public\Desktop\DivX Player.lnk
[2010/02/28 12:41:20 | 000,001,136 | ---- | C] () -- D:\Users\Public\Desktop\DivX Converter.lnk
[2010/02/28 12:41:02 | 000,001,587 | ---- | C] () -- D:\Users\Andrew\Desktop\DivX Movies.lnk
[2010/02/28 12:08:35 | 000,017,532 | ---- | C] () -- D:\Users\Andrew\Documents\Spanish - Mario Toral.docx
[2010/02/28 10:39:21 | 000,001,871 | ---- | C] () -- D:\Users\Andrew\Desktop\Heroes of Newerth.lnk
[2010/02/28 00:33:14 | 000,383,592 | RHS- | C] () -- D:\gdrop
[2010/02/28 00:33:14 | 000,171,136 | RHS- | C] () -- D:\xeldr
[2010/02/28 00:33:14 | 000,008,192 | ---- | C] () -- D:\bootsect.lxe.bak
[2010/02/28 00:06:12 | 001,048,576 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT
[2010/02/28 00:06:12 | 000,524,288 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/02/28 00:06:12 | 000,524,288 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/02/28 00:06:12 | 000,065,536 | -HS- | C] () -- D:\Users\Andrew\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/02/28 00:06:12 | 000,000,020 | -HS- | C] () -- D:\Users\Andrew\ntuser.ini
[2010/02/27 23:52:31 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/02/27 23:50:45 | 2615,910,400 | -HS- | C] () -- D:\hiberfil.sys
[2009/07/13 15:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll

========== LOP Check ==========

[2010/03/01 20:34:02 | 000,000,000 | ---D | M] -- D:\Users\Andrew\AppData\Roaming\DAEMON Tools Lite
[2010/03/03 19:41:51 | 000,000,000 | ---D | M] -- D:\Users\Andrew\AppData\Roaming\Foxit
[2010/03/03 20:19:55 | 000,000,000 | ---D | M] -- D:\Users\Andrew\AppData\Roaming\uTorrent
[2010/03/04 00:02:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At1.job
[2010/03/04 09:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At10.job
[2010/03/04 10:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At11.job
[2010/03/04 11:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At12.job
[2010/03/04 12:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At13.job
[2010/03/04 13:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At14.job
[2010/03/04 14:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At15.job
[2010/03/04 15:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At16.job
[2010/03/04 16:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At17.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At18.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At19.job
[2010/03/04 01:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At2.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At20.job
[2010/03/03 20:00:31 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At21.job
[2010/03/03 20:45:52 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At22.job
[2010/03/03 22:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At23.job
[2010/03/03 23:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At24.job
[2010/03/04 02:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At3.job
[2010/03/04 03:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At4.job
[2010/03/04 04:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At5.job
[2010/03/04 05:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At6.job
[2010/03/04 06:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At7.job
[2010/03/04 07:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At8.job
[2010/03/04 08:00:00 | 000,000,380 | ---- | M] () -- D:\Windows\Tasks\At9.job
[2009/07/13 20:53:46 | 000,003,120 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\drivers\AGP440.sys
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2010/03/04 00:35:59 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\drivers\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2006/02/28 04:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\$WINDOWS.~Q\DATA\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\$WINDOWS.~Q\DATA\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 17:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\System32\cngaudit.dll
[2009/07/13 17:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 17:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\System32\netlogon.dll
[2009/07/13 17:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\drivers\nvstor.sys
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 17:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\System32\scecli.dll
[2009/07/13 17:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 17:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\System32\dxtmsft.dll
[2009/07/13 17:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\System32\dxtrans.dll
[2009/07/13 17:15:28 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\System32\iepeers.dll

< %systemroot%\System32\config\*.sav >

< End of report >


OTL Extras logfile created on: 3/4/2010 4:14:11 PM - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = D:\Users\Andrew\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 49.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 298.09 Gb Total Space | 69.46 Gb Free Space | 23.30% Space Free | Partition Type: NTFS
Drive D: | 931.37 Gb Total Space | 777.11 Gb Free Space | 83.44% Space Free | Partition Type: NTFS
Drive E: | 186.30 Gb Total Space | 93.09 Gb Free Space | 49.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREW-PC
Current User Name: Andrew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2BC9740C-F4F1-4C90-B72E-3F9EDB694309}" = Livestream Procaster
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"hon" = Heroes of Newerth
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Revo Uninstaller" = Revo Uninstaller 1.85
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/4/2010 12:07:58 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0x1798 Faulting application start time: 0x01cabb50462daf18 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: 8425f9bd-2743-11df-8c71-001fd0819598

Error - 3/4/2010 12:08:19 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0x1660 Faulting application start time: 0x01cabb50529dc3d8 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: 908ce69a-2743-11df-8c71-001fd0819598

Error - 3/4/2010 12:08:29 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0xafc Faulting application start time: 0x01cabb5058890ca8 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: 96902494-2743-11df-8c71-001fd0819598

Error - 3/4/2010 12:09:01 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0x8d4 Faulting application start time: 0x01cabb506b4fb601 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: a94ace4a-2743-11df-8c71-001fd0819598

Error - 3/4/2010 12:09:23 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4b18b14e Faulting module name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4b18b14e Exception code: 0xc0000005 Fault offset: 0x000019fc Faulting process
id: 0xe68 Faulting application start time: 0x01cabb5077f46a78 Faulting application
path: D:\Windows\system32\svchost.exe Faulting module path: D:\Windows\system32\svchost.exe
Report
Id: b6b1b5af-2743-11df-8c71-001fd0819598

Error - 3/4/2010 12:12:44 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4b18b14e Faulting module name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4b18b14e Exception code: 0xc0000005 Fault offset: 0x000019fc Faulting process
id: 0x1544 Faulting application start time: 0x01cabb50eee357c4 Faulting application
path: D:\Windows\system32\svchost.exe Faulting module path: D:\Windows\system32\svchost.exe
Report
Id: 2e7319fc-2744-11df-8c71-001fd0819598

Error - 3/4/2010 12:48:12 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0xb54 Faulting application start time: 0x01cabb55e465abe2 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: 2309c5df-2749-11df-8606-001fd0819598

Error - 3/4/2010 12:48:20 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Faulting module name: mbam-setup.exe, version: 1.44.0.0, time
stamp: 0x2a425e19 Exception code: 0x80000003 Fault offset: 0x00009b24 Faulting process
id: 0x474 Faulting application start time: 0x01cabb55ea0f51e9 Faulting application
path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe Faulting module path: D:\Users\Andrew\Documents\Downloads\mbam-setup.exe
Report
Id: 27d60bec-2749-11df-8606-001fd0819598

Error - 3/4/2010 1:01:22 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4b6a7c02 Faulting module name: chrome.dll, version: 4.0.249.89, time stamp: 0x4b6a7bcf
Exception
code: 0xc0000005 Fault offset: 0x0001a4bb Faulting process id: 0xd2c Faulting application
start time: 0x01cabb57b670e292 Faulting application path: D:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: D:\Users\Andrew\AppData\Local\Google\Chrome\Application\4.0.249.89\chrome.dll
Report
Id: f9cbe317-274a-11df-b598-001fd0819598

Error - 3/4/2010 1:05:51 AM | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.44.0.0, time stamp:
0x4b46461a Faulting module name: mbam.exe, version: 1.44.0.0, time stamp: 0x4b46461a
Exception
code: 0x80000003 Fault offset: 0x00003114 Faulting process id: 0xab8 Faulting application
start time: 0x01cabb585b2f62cb Faulting application path: D:\Program Files\Malwarebytes'
Anti-Malware\mbam.exe Faulting module path: D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Report
Id: 9a05185d-274b-11df-b598-001fd0819598

[ System Events ]
Error - 3/4/2010 4:14:24 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:26 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:30 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:32 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:35 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:39 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:43 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:14:47 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:21:14 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.

Error - 3/4/2010 4:21:17 AM | Computer Name = Andrew-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.


< End of report >

I already tried reinstalling, in fact it was the first thing I tried :P

0

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :OTL
    O2 - BHO: (D:\Windows\system32\lsk6b6g7cp.dll) - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - D:\Windows\System32\lsk6b6g7cp.dll File not found
    O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe File not found
    O4 - HKLM..\Run: [Livestream Procaster] D:\Program Files\Livestream Procaster\Procaster.exe File not found
    O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
    O4 - HKCU..\Run: [uTorrent] D:\Program Files\uTorrent\uTorrent.exe File not found
    O4 - Startup: D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk = D:\Users\Andrew\AppData\Local\Temp\mvNat.exe File not found
    O20 - AppInit_DLLs: (app_dll.dll) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    
    :Commands
    [emptytemp]
    [resethosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

0

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BA40A2-74F0-42BD-F434-00B15A2C8953}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BA40A2-74F0-42BD-F434-00B15A2C8953}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Livestream Procaster deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:app_dll.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrew
->Temp folder emptied: 29279186 bytes
->Temporary Internet Files folder emptied: 42600298 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 10869 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3540751 bytes
RecycleBin emptied: 10807738 bytes

Total Files Cleaned = 83.00 mb

D:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error: Unable to interpret <[Reboot]:OTL> in the current context!
Error: Unable to interpret <O2 - BHO: (D:\Windows\system32\lsk6b6g7cp.dll) - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - D:\Windows\System32\lsk6b6g7cp.dll File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Livestream Procaster] D:\Program Files\Livestream Procaster\Procaster.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [uTorrent] D:\Program Files\uTorrent\uTorrent.exe File not found> in the current context!
Error: Unable to interpret <O4 - Startup: D:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\61871.lnk = D:\Users\Andrew\AppData\Local\Temp\mvNat.exe File not found> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (app_dll.dll) - File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrew
->Temp folder emptied: 32927093 bytes
->Temporary Internet Files folder emptied: 2497736 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 434 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 34.00 mb

D:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.1.33.0 log created on 03042010_190300

Files\Folders moved on Reboot...
File\Folder D:\Users\Andrew\AppData\Local\Temp\fla46B3.tmp not found!
D:\Users\Andrew\AppData\Local\Temp\flaB734.tmp moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DF1C91C224C06C5924.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DF22F259FC0245778E.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DF94D4B00B43CBEE70.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DFA7EBB24E9D875B93.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DFDFAE3C1DFD0719AB.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Temp\~DFFFBB43789B61A635.TMP moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\ads[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\BuddyList[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\button[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\InboxLight[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\meebo_com[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\post1148963[1].html moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\promotionalGalleryAdEmbed[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\rollover_blipblipblip[1].html moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4M1Y84C\ToastFull[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\01[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\adbrite[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\diggthis[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\facebook_com[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\google[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\history_manager[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\im[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\promotionalGalleryAdEmbed[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\radioAdEmbed[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKCZ46RP\ToastMini[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\10[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\homepageBackButtonFrameIE[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\httpsokay[1].html moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\optn=64[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\pandora_com[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\promotionalGalleryAdEmbed[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\promotionalGalleryAdEmbed[2].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\pyv_watch_request_ad[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS445OA5\sh11[1].html moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\ads[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\default[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\login_status[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\radioAdEmbed[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\redirectiframe[1].html moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JBNV2YCL\watch[1].htm moved successfully.
D:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

0

Not really seeing anything else there. Maybe you will need to remove all references to Chrome from the registry and try installing it again.

0

Uninstall Chrome.

Go here http://www.billsway.com/vbspage/ and download, unzip and run the Registry Search Tool.

  • Type chrome in the dialog box.
  • Let it run and after a few minutes, a prompt will appear.
  • Click OK to write the results to Notepad and post them here.


0

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "chrome" 3/5/2010 1:38:29 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chrome_RASAPI32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chrome_RASMANCS]

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Clients\StartMenuInternet]
@="Google Chrome"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Google\Update]
"LastInstallerSuccessLaunchCmdLine"="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"LastInstallerSuccessLaunchCmdLine"="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e6dea3f9_0]
@="{0.0.0.00000000}.{27f2bf90-593b-44cb-b408-c39eaa3cefc2}|\\Device\\HarddiskVolume2\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids]
"ChromeHTML"=hex(0):

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids]
"ChromeHTML"=hex(0):

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithList]
"b"="chrome.exe"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids]
"ChromeHTML"=hex(0):

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\.htm]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\.html]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\.shtml]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\.xht]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\.xhtml]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\ftp\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\ftp\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\http\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\http\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\https\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Classes\https\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\.htm]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\.html]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\.shtml]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\.xht]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\.xhtml]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\ftp\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\ftp\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\http\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\http\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\https\DefaultIcon]
@="D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe,0"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001_Classes\https\shell\open\command]
@="\"D:\\Users\\Andrew\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\" -- \"%1\""

0

Please back up your Registry with ERUNT.
Follow the link and scroll down to ERUNT and download it.
http://aumha.org/freeware/freeware.php
For the version with the Installer:
Use the setup program to install ERUNT on your computer
For the zipped version:
Unzip all the files into a folder of your choice.
Click Erunt.exe to back up your registry to the folder of your choice.

Note: To restore your registry, go to the folder and start ERDNT.exe

============

Download the attached zip file and unzip fixme.reg. Close all browser windows. Double click the file to run it and when asked if you want to merge with your registry, answer yes.
Reboot when done and check if the entries are gone.
[attach]13939[/attach]


0

Okay, I ran the fixme and I rebooted. What now? (What did you mean by check if the entries are gone?)

0

Haha sorry. That's what I thought you meant but just wanted to check.

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "chrome" 3/6/2010 8:21:57 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\Edit]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\Edit\command]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\Print]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\Print\command]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\ShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\ShellEx\IconHandler]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\ChromeHTML]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared\HTML]
"KnownIDs"="htmlfile;ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"

[HKEY_USERS\S-1-5-21-410888586-2273857637-1047589884-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"
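
The before-and-after check in this exchange (search the registry, merge a fix, search again) can be done mechanically by diffing the two REGEDIT4 result files. The following is an added example, not part of the original posts or of RegSrch.vbs; the function names, the placeholder SID and the abridged sample inputs are constructed for illustration and modeled on the results posted above.

```python
import re

KEY_RE = re.compile(r'^\[(.+)\]$')
# Value line: @=... or "name"=..., where the name may contain escaped characters.
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_regedit4(text):
    """Return {key_path: {value_name: raw_data}} from REGEDIT4 export text."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';') or line == 'REGEDIT4':
            continue  # blank line, comment or file header
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = '@' if m.group(1) == '@' else m.group(1)[1:-1]
            current[name] = m.group(2)
    return keys

def flatten(keys):
    """One (key, value_name) pair per hit; '' marks a key matched by name only."""
    return {(k, n) for k, vals in keys.items() for n in (vals or [''])}

def compare(before_text, after_text):
    """Classify search hits as removed, remaining or new after a fix."""
    b = flatten(parse_regedit4(before_text))
    a = flatten(parse_regedit4(after_text))
    return {'removed': sorted(b - a), 'remaining': sorted(b & a), 'new': sorted(a - b)}

# Constructed, abridged samples; S-1-5-21-0-0-0-1001 is a placeholder SID.
BEFORE = r"""
REGEDIT4
; Registry search results for string "chrome" (before the fix)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chrome_RASAPI32]

[HKEY_USERS\S-1-5-21-0-0-0-1001\Software\Classes\.htm]
@="ChromeHTML"

[HKEY_USERS\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
"""
AFTER = r"""
REGEDIT4
; Registry search results for string "chrome" (after the fix)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML]

[HKEY_USERS\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
"""

if __name__ == '__main__':
    for status, hits in compare(BEFORE, AFTER).items():
        for key, name in hits:
            print(f'{status:9} {key} {name}')
```

Entries reported as remaining or new are the ones a follow-up fix still has to address; comparing on key and value name rather than on line text keeps the result independent of ordering in the two files.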

0

Yes I have. It still does not work. I also noticed another problem. Whenever I use the google search engine, the search result links do not work properly. I click on the link and it takes me to another page non-related to my search entry.

0

You do still have Chrome uninstalled, don't you??

If yes, do the following. If no, we have to start again.

Download the attached zip file and unzip fixme.reg. Close all browser windows. Double click the file to run it and when asked if you want to merge with your registry, answer yes.
Reboot when done and run the registry script again.
fixme.zip


============

Please download ComboFix by sUBs from HERE or HERE. You must download it to and run it from your Desktop.
Physically disconnect from the internet.
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
Re-enable all the programs that were disabled during the running of ComboFix.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!


0

I think I'm just going to reformat my hard drive. I just reformatted it last week so I'm not losing much :P
Thank you so much for helping me.
Sorry for wasting your time.
I really appreciate the help.

Thanks,
Andrew


0

Umm... I tried to format my hard drive.
But it says that the drive is unable to be formatted.

0

I boot from my other hard drive. I go to My Computer, I right click the other drive that I'm trying to format.
