Angels have the Phone Box
Just a mention here - the 2 hits in MBAM were quarantined by ADWCleaner already.
MBAM logs looks good; HMP log looks good; RKILL log makes me think we might want to run a system file check to fix some bad images in your OS.
Please open an admin command prompt and enter
Notice the space preceding the forward slash.
We're looking for the result "No integrity violations found". If it's anything other than that, please reboot, run it again, rinse and repeat. If you still have no luck with the scan results, please grab a log so we can have a look at the problem(s) in detail:
Open an admin command prompt and type:
This will place a text file on your desktop called sfcdetails.txt. (Note: If you have relocated your user files, you may have to manually find this file.) Please upload the file and PM me when that is completed, as I am not around at present.
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"
For the step 24 (certificates):
Sounds to me like that cert will be found on your system since that's the infection we identified. I'd like you to please verify that cert is not found:
Type certmgr in the search box and click on Manage Computer Certificates.
Expand Trusted Root Certification to show the sub-folder Certificates.
In the right pane, scroll all the way down - www.cloudguard... should be at the very bottom (it's alphabetical).
Note: If you are not sure how to reset ALL browsers on the system, or how to turn off browser syncing, please ask and we'll be happy to provide instructions.
Please be sure to flush your DNS after clearing cache, resetting, etc.: at an admin command prompt:
Open your NICs' properties one at a time, and make sure your DNS is set to dynamic, or use OpenDNS DNS servers:
Control Panel>Network and Sharing Center>Change Adapter Settings
right-click on each NIC (Network Adapter), select Properties, highlight IPv4, select Properties to verify/change:
It's my understanding that DNSUnlocker may have modified these settings.
Also, please be careful as to what extensions you add to your browsers, as it appeared one of them was a problem.