Infected HP computer



drjohnamy
2014-05-18, 03:20
Hello again, I think I got infected trying to download a repair manual. Hope I've got this right. Thanks in advance. You guys are awesome!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by HP-1 at 19:58:13 on 2014-05-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1571 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\programdata\allaboutapp\sw-booster\SW-Booster.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.bing.com/
mStart Page = hxxp://websearch.searchsun.info/?pid=2464&r=2014/05/14&hid=10398662062609684627&lg=EN&cc=US&unqvl=52
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: save aneit: {2BEA4B86-9407-C692-3671-8E96C4F301C4} - C:\Program Files (x86)\save aneit\KHaB.dll
BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: {C2210FCF-FBF5-8B8D-569B-C67FDF4A5100} - <orphaned>
BHO: {C89EA58C-3A51-2F17-2549-491D8F8F7EE1} - <orphaned>
BHO: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - <orphaned>
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - <orphaned>
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [MoneyAgent] "C:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRunOnce: [CryptoUpdate] C:\Windows\System32\rundll32.exe "C:\Users\HP-1\AppData\Roaming\Microsoft\Crypto\RSA\cert_v45_0.tpl",Crypt
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{8F45A79E-3270-4E9C-84B5-AA192F4ED359} : DHCPNameServer = 192.168.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
AppInit_DLLs= c:\progra~2\sw-boo~1\assist~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: save aneit: {2BEA4B86-9407-C692-3671-8E96C4F301C4} - C:\Program Files (x86)\save aneit\KHaB.x64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-4-3 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-3 202752]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-4 2211000]
R2 d0e87c27;SW-Sustainer;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2014-4-3 1153368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-4-3 245792]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-4-3 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-22 111616]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-5 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-4 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-05-17 23:49:22 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B83BD16-CAF0-44FF-80FF-8F7C7C8096CB}\offreg.dll
2014-05-16 18:15:56 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B83BD16-CAF0-44FF-80FF-8F7C7C8096CB}\mpengine.dll
2014-05-14 22:58:15 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 22:58:15 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 22:11:06 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-14 22:11:06 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-14 19:11:29 -------- d-----w- C:\ProgramData\SNT
2014-05-14 19:11:28 -------- d-----w- C:\Program Files (x86)\SNT
2014-05-14 19:09:39 -------- d-----w- C:\Users\HP-1\AppData\Local\Programs
2014-05-14 19:09:19 -------- d-----w- C:\ProgramData\AllaboutApp
2014-05-14 19:09:09 -------- d-----w- C:\Program Files (x86)\SW-Booster
2014-05-14 19:08:11 -------- d-----w- C:\ProgramData\YoutubeAdblocker
2014-05-14 19:07:54 -------- d-----w- C:\Users\HP-1\AppData\Local\Packages
2014-05-14 19:07:54 -------- d-----w- C:\ProgramData\save aneit
2014-05-14 19:07:53 -------- d-----w- C:\Program Files (x86)\save aneit
2014-05-14 19:07:37 -------- d-----w- C:\Users\HP-1\AppData\Local\Torch
2014-05-14 19:07:37 -------- d-----w- C:\Users\HP-1\AppData\Local\Google
2014-05-14 19:07:37 -------- d-----w- C:\Users\HP-1\AppData\Local\Comodo
2014-05-14 19:07:37 -------- d-----w- C:\Users\HP-1\AppData\Local\Chromatic Browser
2014-05-14 19:07:37 -------- d-----w- C:\ProgramData\d2808d5d71b70d18
2014-05-14 19:06:39 -------- d-----w- C:\ProgramData\InstallMate
2014-05-14 15:52:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-05-14 15:52:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-05-14 15:52:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-05-14 15:52:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-05-14 15:52:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-05-13 16:13:35 -------- d-----w- C:\Program Files (x86)\iPhoneSMSExport
2014-05-13 16:08:00 -------- d-----w- C:\Users\HP-1\AppData\Local\Apple Computer
2014-05-13 16:07:52 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-05-13 16:07:15 -------- d-----w- C:\Program Files\iPod
2014-05-13 16:07:14 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-13 16:07:14 -------- d-----w- C:\Program Files\iTunes
2014-05-13 16:07:14 -------- d-----w- C:\Program Files (x86)\iTunes
2014-05-13 16:06:15 -------- d-----w- C:\Users\HP-1\AppData\Local\Apple
2014-05-13 16:05:40 -------- d-----w- C:\Program Files\Bonjour
2014-05-13 16:05:40 -------- d-----w- C:\Program Files (x86)\Bonjour
2014-05-12 16:22:39 400168 ----a-w- C:\Windows\System32\SynCOM.dll
2014-05-12 16:22:39 271144 ----a-w- C:\Windows\System32\SynCtrl.dll
2014-05-12 16:22:39 215336 ----a-w- C:\Windows\System32\SynTPAPI.dll
2014-05-12 16:22:39 214312 ----a-w- C:\Windows\SysWow64\SynCtrl.dll
2014-05-12 16:22:39 173352 ----a-w- C:\Windows\SysWow64\SynCOM.dll
2014-05-12 16:22:39 147752 ----a-w- C:\Windows\System32\SynTPCo4.dll
2014-05-12 16:22:39 1390640 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2014-05-12 16:22:39 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll
2014-05-12 16:09:14 439808 ----a-w- C:\Windows\System32\athihvs.dll
2014-05-12 16:09:14 -------- d-----w- C:\Windows\Options
2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-03 21:48:15 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2014-05-02 11:27:38 -------- d-s---w- C:\Windows\System32\CompatTel
2014-04-26 15:20:43 -------- d-----w- C:\Users\HP-1\AppData\Roaming\HpUpdate
2014-04-22 22:50:23 -------- d-sh--w- C:\Users\HP-1\AppData\Local\EmieUserList
2014-04-22 22:50:23 -------- d-sh--w- C:\Users\HP-1\AppData\Local\EmieSiteList
2014-04-18 01:33:14 -------- d-----w- C:\Windows\Migration
.
==================== Find3M ====================
.
2014-05-14 14:23:20 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 14:23:20 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-06 22:26:39 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-06 01:29:47 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-04-06 01:29:47 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-04-03 22:21:42 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-04-03 22:21:41 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-04-03 22:21:41 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-04-03 22:12:23 0 ----a-w- C:\Windows\ativpsrm.bin
2014-03-31 13:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:47:01 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:44:03 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56 52736 ----a-w- C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56 44544 ----a-w- C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-03-04 09:43:55 56832 ----a-w- C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55 53760 ----a-w- C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-03-03 00:48:02 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2014-03-03 00:48:02 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2014-03-02 23:23:56 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2014-03-02 23:23:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
.
============= FINISH: 19:58:56.57 ===============


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-17 20:02:31
-----------------------------
20:02:31.817 OS Version: Windows x64 6.1.7601 Service Pack 1
20:02:31.817 Number of processors: 2 586 0x603
20:02:31.817 ComputerName: HP-1-HP UserName: HP-1
20:02:33.080 Initialize success
20:22:39.489 AVAST engine defs: 14051700
20:25:53.709 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000054
20:25:53.709 Disk 0 Vendor: WDC_WD32 02.0 Size: 305245MB BusType: 11
20:25:53.865 Disk 0 MBR read successfully
20:25:53.881 Disk 0 MBR scan
20:25:53.881 Disk 0 unknown MBR code
20:25:53.912 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:25:53.928 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287180 MB offset 409600
20:25:53.974 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17761 MB offset 588554240
20:25:53.990 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
20:25:54.162 Disk 0 scanning C:\Windows\system32\drivers
20:26:07.905 Service scanning
20:27:01.491 Modules scanning
20:27:01.507 Disk 0 trace - called modules:
20:27:01.554 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
20:27:01.569 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031b0060]
20:27:01.585 3 CLASSPNP.SYS[fffff8800197543f] -> nt!IofCallDriver -> [0xfffffa80021d8b80]
20:27:01.600 5 amdxata.sys[fffff880010727a8] -> nt!IofCallDriver -> \Device\00000054[0xfffffa800302c0e0]
20:27:02.973 AVAST engine scan C:\Windows
20:27:05.703 AVAST engine scan C:\Windows\system32
20:31:30.253 AVAST engine scan C:\Windows\system32\drivers
20:31:45.587 AVAST engine scan C:\Users\HP-1
20:34:49.371 AVAST engine scan C:\ProgramData
20:34:50.619 File: C:\ProgramData\AllaboutApp\SW-Booster\SW-Booster.exe **INFECTED** Win32:Agent-ASOC [Adw]
20:35:38.761 Scan finished successfully
20:36:56.746 Disk 0 MBR has been saved successfully to "C:\Users\HP-1\Desktop\MBR.dat"
20:36:56.761 The log file has been saved successfully to "C:\Users\HP-1\Desktop\aswMBR.txt"

shelf life
2014-05-18, 19:48
hi,

Download and run the free version of Malwarebytes. It will help clean stuff up and you can keep and use it as another antimalware app.

Please download the free version of Malwarebytes (http://www.malwarebytes.org/products/malwarebytes_free) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

Do you have a resident antivirus installed on your machine?

drjohnamy
2014-05-19, 17:25
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/19/2014
Scan Time: 11:12:19 AM
Logfile: 5-19-2014 mwb log.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.19.05
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: HP-1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279855
Time Elapsed: 17 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.MultiPlug.A, C:\ProgramData\AllaboutApp\SW-Booster\SW-Booster.exe, 1764, Delete-on-Reboot, [f051a9aa5e1dd561c1e839f88879d62a]

Modules: 1
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save aneit\KHaB.dll, Delete-on-Reboot, [80c154ff413a6bcb996fae9ce02158a8],

Registry Keys: 15
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-5944234096, Quarantined, [f051a9aa5e1dd561c1e839f88879d62a],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\naet, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\naet.5.14, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\naet, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\naet.5.14, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2BEA4B86-9407-C692-3671-8E96C4F301C4}\INPROCSERVER32, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1146045571-2913081947-568738549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1146045571-2913081947-568738549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{2BEA4B86-9407-C692-3671-8E96C4F301C4}, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.YoutubeAdblocker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [90b1c98ab8c3c76f2264740289799070],

Registry Values: 1
Trojan.Agent.ED, HKU\S-1-5-21-1146045571-2913081947-568738549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|CryptoUpdate, C:\Windows\system32\rundll32.exe "C:\Users\HP-1\AppData\Roaming\Microsoft\Crypto\RSA\cert_v45_0.tpl",Crypt, Quarantined, [fe4323309fdc76c0698aed8ac43d47b9]

Registry Data: 2
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\sw-boo~1\assist~1.dll, Good: (), Bad: (c:\progra~2\sw-boo~1\assist~1.dll),Replaced,[053c21323942241281e12b2f9869b44c]
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.searchsun.info/?pid=2464&r=2014/05/14&hid=10398662062609684627&lg=EN&cc=US&unqvl=52, Good: (http://www.google.com), Bad: (http://websearch.searchsun.info/?pid=2464&r=2014/05/14&hid=10398662062609684627&lg=EN&cc=US&unqvl=52),Replaced,[e859b1a254271f17ea7ed272778d29d7]

Folders: 2
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT, Quarantined, [c180a1b20a71fb3bc8d18b120df523dd],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, Quarantined, [90b1c98ab8c3c76f2264740289799070],

Files: 11
PUP.Optional.MultiPlug.A, C:\ProgramData\AllaboutApp\SW-Booster\SW-Booster.exe, Delete-on-Reboot, [f051a9aa5e1dd561c1e839f88879d62a],
Trojan.SProtector, C:\Program Files (x86)\SW-Booster\Assistant.dll, Delete-on-Reboot, [053c21323942241281e12b2f9869b44c],
Trojan.SProtector, C:\Program Files (x86)\SW-Booster\AssistantSvc.dll, Delete-on-Reboot, [c57cc291532864d2016225352cd5b947],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save aneit\KHaB.dll, Delete-on-Reboot, [80c154ff413a6bcb996fae9ce02158a8],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\save aneit\KHaB.x64.dll, Quarantined, [80c154ff413a6bcb996fae9ce02158a8],
Trojan.Agent.ED, C:\Users\HP-1\AppData\Roaming\Microsoft\Crypto\RSA\cert_v45_0.tpl, Delete-on-Reboot, [fe4323309fdc76c0698aed8ac43d47b9],
PUP.Optional.SWBooster.A, C:\Windows\Tasks\SW-Booster-S-5944234096.job, Quarantined, [5de4f65d3b400a2ca95c2868d72b13ed],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\kl8Zs4N.tlb, Quarantined, [c180a1b20a71fb3bc8d18b120df523dd],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\kl8Zs4N.dat, Quarantined, [c180a1b20a71fb3bc8d18b120df523dd],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SNT\kl8Zs4N.dll, Quarantined, [c180a1b20a71fb3bc8d18b120df523dd],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\kDjuFAHVRi.exe, Quarantined, [90b1c98ab8c3c76f2264740289799070],

Physical Sectors: 0
(No malicious items detected)


I got a warning on reboot that something wasn't found and I had to open the Malwarebytes log from inside the program and export it.


I have no antivirus installed



Thanks

(end)

shelf life
2014-05-20, 00:21
Ok, let's get some AV installed, then we can come back to where we started. Here are some free choices for AV. On my Windows machines I have used Avira and Panda Cloud. But it's just a personal preference. You could try them all out if you really wanted to and keep the one you like... One at a time, of course. In any case, download one and get it installed and do a full system scan with it, then post back afterwards.

Avira (https://www.avira.com/en/avira-free-antivirus)
Avast (http://www.avast.com/index)
AVG Free (http://free.avg.com/us-en/free-antivirus-download)
Bitdefender (http://www.bitdefender.com/solutions/free.html)
Comodo AV (http://antivirus.comodo.com/)
Panda Cloud AV (http://www.cloudantivirus.com/en/)
Forticlient (http://forticlient.com/)

drjohnamy
2014-05-20, 20:54
Installed Avira, scan looks good.



Avira Free Antivirus
Report file date: Tuesday, May 20, 2014 13:16


The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HP-1-HP

Version information:
BUILD.DAT : 14.0.4.642 57086 Bytes 5/9/2014 11:16:00
AVSCAN.EXE : 14.0.4.632 1030736 Bytes 5/9/2014 15:16:43
AVSCANRC.DLL : 14.0.4.620 52304 Bytes 5/9/2014 15:16:43
LUKE.DLL : 14.0.4.620 57936 Bytes 5/9/2014 15:16:56
AVSCPLR.DLL : 14.0.4.620 89680 Bytes 5/9/2014 15:16:43
AVREG.DLL : 14.0.4.632 261200 Bytes 5/9/2014 15:16:43
avlode.dll : 14.0.4.638 583760 Bytes 5/9/2014 15:16:43
avlode.rdf : 14.0.4.22 64276 Bytes 5/20/2014 01:49:45
VBASE000.VDF : 7.11.70.0 66736640 Bytes 4/4/2013 15:16:59
VBASE001.VDF : 7.11.74.226 2201600 Bytes 4/30/2013 15:16:59
VBASE002.VDF : 7.11.80.60 2751488 Bytes 5/28/2013 15:16:59
VBASE003.VDF : 7.11.85.214 2162688 Bytes 6/21/2013 15:16:59
VBASE004.VDF : 7.11.91.176 3903488 Bytes 7/23/2013 15:16:59
VBASE005.VDF : 7.11.98.186 6822912 Bytes 8/29/2013 15:16:59
VBASE006.VDF : 7.11.139.38 15708672 Bytes 3/27/2014 15:16:59
VBASE007.VDF : 7.11.145.136 2117120 Bytes 4/28/2014 15:16:59
VBASE008.VDF : 7.11.145.137 2048 Bytes 4/28/2014 15:16:59
VBASE009.VDF : 7.11.145.138 2048 Bytes 4/28/2014 15:16:59
VBASE010.VDF : 7.11.145.139 2048 Bytes 4/28/2014 15:16:59
VBASE011.VDF : 7.11.145.140 2048 Bytes 4/28/2014 15:16:59
VBASE012.VDF : 7.11.145.141 2048 Bytes 4/28/2014 15:16:59
VBASE013.VDF : 7.11.146.20 166912 Bytes 4/29/2014 15:16:59
VBASE014.VDF : 7.11.146.131 194048 Bytes 5/1/2014 15:16:59
VBASE015.VDF : 7.11.146.243 167936 Bytes 5/3/2014 15:16:59
VBASE016.VDF : 7.11.147.97 122368 Bytes 5/5/2014 15:16:59
VBASE017.VDF : 7.11.147.207 169472 Bytes 5/6/2014 15:16:59
VBASE018.VDF : 7.11.148.61 174080 Bytes 5/8/2014 15:16:59
VBASE019.VDF : 7.11.148.149 257024 Bytes 5/9/2014 01:49:48
VBASE020.VDF : 7.11.148.241 135168 Bytes 5/12/2014 01:49:49
VBASE021.VDF : 7.11.149.61 139264 Bytes 5/13/2014 01:49:50
VBASE022.VDF : 7.11.149.169 160256 Bytes 5/15/2014 01:49:52
VBASE023.VDF : 7.11.150.31 189440 Bytes 5/17/2014 01:49:55
VBASE024.VDF : 7.11.150.119 157696 Bytes 5/20/2014 01:49:58
VBASE025.VDF : 7.11.150.120 2048 Bytes 5/20/2014 01:49:58
VBASE026.VDF : 7.11.150.121 2048 Bytes 5/20/2014 01:49:58
VBASE027.VDF : 7.11.150.122 2048 Bytes 5/20/2014 01:49:59
VBASE028.VDF : 7.11.150.123 2048 Bytes 5/20/2014 01:49:59
VBASE029.VDF : 7.11.150.124 2048 Bytes 5/20/2014 01:49:59
VBASE030.VDF : 7.11.150.125 2048 Bytes 5/20/2014 01:49:59
VBASE031.VDF : 7.11.150.164 152064 Bytes 5/20/2014 15:39:25
Engine version : 8.3.18.22
AEVDF.DLL : 8.3.0.4 118976 Bytes 5/9/2014 15:16:42
AESCRIPT.DLL : 8.1.4.204 528584 Bytes 5/20/2014 01:49:42
AESCN.DLL : 8.3.0.2 135360 Bytes 5/9/2014 15:16:42
AESBX.DLL : 8.2.20.24 1409224 Bytes 5/9/2014 15:16:42
AERDL.DLL : 8.2.0.138 704888 Bytes 5/9/2014 15:16:42
AEPACK.DLL : 8.4.0.24 778440 Bytes 5/20/2014 01:49:40
AEOFFICE.DLL : 8.3.0.4 205000 Bytes 5/9/2014 15:16:42
AEHEUR.DLL : 8.1.4.1066 6705352 Bytes 5/20/2014 01:49:35
AEHELP.DLL : 8.3.0.0 274808 Bytes 5/9/2014 15:16:42
AEGEN.DLL : 8.1.7.26 450752 Bytes 5/9/2014 15:16:42
AEEXP.DLL : 8.4.1.312 569544 Bytes 5/9/2014 15:16:42
AEEMU.DLL : 8.1.3.2 393587 Bytes 5/9/2014 15:16:42
AECORE.DLL : 8.3.0.6 241864 Bytes 5/9/2014 15:16:42
AEBB.DLL : 8.1.1.4 53619 Bytes 5/9/2014 15:16:42
AVWINLL.DLL : 14.0.4.620 24144 Bytes 5/9/2014 15:16:44
AVPREF.DLL : 14.0.4.632 50256 Bytes 5/9/2014 15:16:43
AVREP.DLL : 14.0.4.620 219216 Bytes 5/9/2014 15:16:43
AVARKT.DLL : 14.0.4.632 225872 Bytes 5/9/2014 15:16:43
AVEVTLOG.DLL : 14.0.4.620 182352 Bytes 5/9/2014 15:16:43
SQLITE3.DLL : 14.0.4.620 452176 Bytes 5/9/2014 15:16:58
AVSMTP.DLL : 14.0.4.620 76368 Bytes 5/9/2014 15:16:43
NETNT.DLL : 14.0.4.620 13392 Bytes 5/9/2014 15:16:57
RCIMAGE.DLL : 14.0.4.620 4980816 Bytes 5/9/2014 15:16:57
RCTEXT.DLL : 14.0.4.620 73296 Bytes 5/9/2014 15:16:58

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Tuesday, May 20, 2014 13:16

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
[INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '26' Module(s) have been scanned
Scan process 'svchost.exe' - '95' Module(s) have been scanned
Scan process 'svchost.exe' - '130' Module(s) have been scanned
Scan process 'svchost.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '143' Module(s) have been scanned
Scan process 'atieclxx.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'WLANExt.exe' - '35' Module(s) have been scanned
Scan process 'conhost.exe' - '16' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'taskhost.exe' - '56' Module(s) have been scanned
Scan process 'sched.exe' - '60' Module(s) have been scanned
Scan process 'Dwm.exe' - '34' Module(s) have been scanned
Scan process 'Explorer.EXE' - '171' Module(s) have been scanned
Scan process 'svchost.exe' - '66' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'AERTSr64.exe' - '8' Module(s) have been scanned
Scan process 'avguard.exe' - '106' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '76' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'CinemanowSvc.exe' - '47' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '98' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'HPWMISVC.exe' - '36' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'Avira.OE.ServiceHost.exe' - '124' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '51' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '60' Module(s) have been scanned
Scan process 'RtkNGUI64.exe' - '46' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '38' Module(s) have been scanned
Scan process 'mnyexpr.exe' - '77' Module(s) have been scanned
Scan process 'iCloudServices.exe' - '77' Module(s) have been scanned
Scan process 'ApplePhotoStreams.exe' - '121' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '99' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '17' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '24' Module(s) have been scanned
Scan process 'HPMSGSVC.exe' - '58' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '33' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '77' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '134' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '55' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '46' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'hpqSTE08.exe' - '62' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '34' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '106' Module(s) have been scanned
Scan process 'hpqgpc01.exe' - '56' Module(s) have been scanned
Scan process 'APSDaemon.exe' - '83' Module(s) have been scanned
Scan process 'MOM.exe' - '69' Module(s) have been scanned
Scan process 'CCC.exe' - '160' Module(s) have been scanned
Scan process 'hpsa_service.exe' - '54' Module(s) have been scanned
Scan process 'HPWA_Service.exe' - '71' Module(s) have been scanned
Scan process 'RtVOsdService.exe' - '29' Module(s) have been scanned
Scan process 'RtVOsd.exe' - '32' Module(s) have been scanned
Scan process 'HPWA_Main.exe' - '89' Module(s) have been scanned
Scan process 'avcenter.exe' - '118' Module(s) have been scanned
Scan process 'avscan.exe' - '127' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '66' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '2134' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\' <RECOVERY>


End of the scan: Tuesday, May 20, 2014 14:46
Used time: 1:29:30 Hour(s)

The scan has been done completely.

29507 Scanned directories
981380 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
981380 Files not concerned
3441 Archives were scanned
0 Warnings
0 Notes
1055970 Objects were scanned with rootkit scan
0 Hidden objects were found


Thanks! What's next?

shelf life
2014-05-21, 01:26
Ok, good. Based on what MBAM found, you can run AdwCleaner:

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) to your desktop.
Right-click and select run as admin.
Click on SCAN. Once the scan completes, click on report.
Please copy/paste the report in your next reply.
Exit Adwcleaner with File>Exit.

drjohnamy
2014-05-21, 03:22
# AdwCleaner v3.210 - Report created 20/05/2014 at 21:17:56
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP-1 - HP-1-HP
# Running from : C:\Users\HP-1\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\save aneit
Folder Found : C:\Program Files (x86)\SW-Booster
Folder Found : C:\ProgramData\save aneit
Folder Found : C:\ProgramData\SNT
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\HP-1\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HP-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Found : C:\Users\HP-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Found : C:\Users\HP-1\AppData\Local\torch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL
Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Found : HKLM\Software\SW-Booster
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [4634 octets] - [20/05/2014 21:17:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4694 octets] ##########

shelf life
2014-05-21, 03:40
Ok, good. Now rerun AdwCleaner like before, and after the scan is finished, this time click on the Clean button to remove all the items it found.

drjohnamy
2014-05-21, 17:57
# AdwCleaner v3.210 - Report created 21/05/2014 at 11:47:49
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP-1 - HP-1-HP
# Running from : C:\Users\HP-1\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\save aneit
Folder Deleted : C:\Program Files (x86)\SW-Booster
Folder Deleted : C:\Program Files (x86)\save aneit
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\HP-1\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HP-1\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Deleted : C:\Users\HP-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancoojpdihofopaphknkbacijhcimokf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj
Folder Deleted : C:\Users\HP-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjdokncjbcfcpjafkaoflkkhjlbnojj

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\SW-Booster
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [4786 octets] - [20/05/2014 21:17:56]
AdwCleaner[R1].txt - [4846 octets] - [21/05/2014 11:41:07]
AdwCleaner[S0].txt - [4714 octets] - [21/05/2014 11:47:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4774 octets] ##########



done

shelf life
2014-05-22, 02:49
Ok, good. So how's it all looking on your end now?

drjohnamy
2014-05-23, 02:51
Everything is cleared up and it's running great!
Thanks for your help!
Can I download and run Malwarebytes and Avira on my other computer? It's not showing any signs of being infected.

Again Thanks,
John

shelf life
2014-05-24, 04:19
Ok, good. You're welcome. Download MBAM to the other machine and use it. Remember the free version must be updated manually and a scan started manually. Avira can be downloaded also, but you only need one antivirus installed on a machine.