Do I have the w32 Blaster?

cottonball and VistaKing, Prescottbob still has adware and can't use Internernet Explorer ... therefor, he's apparently not able to update the Windows "Critical" section!

I'm going to suggest that (YOU) Prescottbob, download AdWareCleaner, save to AdwCleaner Download your desktop.
1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2.Click on Delete button.
3.Confirm each time with OK.
4.Your computer will be rebooted automatically.

A text file will open after the restart. Please post the content of that logfile in your reply.

Once we have this report, we can proceed accordingly.

@cottonball ... CF may be in order here.

Jacee

I noticed that Prescottbob had adware . I didn't say anything to not get in the way of cottonball's instructions .

@Jacee,

Was going to run AdwCleaner next, but, you beat me to it. Trying to work another thread elsewhere...

As far as ComboFix, will give it a whirl, but, it would surprise me if it took care of all those services.

@Prescottbob,

Please do the following before moving on to the next step: System Restore Point - Create

Now, download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save ComboFix.exe to the Desktop <<---

If it goes to the Downloads folder, please move it to the Desktop using Windows Explorer, or download it to a USB flash drive, and then move to the Desktop..

Now, please disable your AntiVirus and AntiSpyware applications, as they interfere with tools and their removal.
Info on how to disable security applications: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides

Next, double-click combofix.exe and follow the prompts.

When done, ComboFix produces a log: C:\ComboFix.txt
Please attach the ComboFix.txt in your reply. <<---

NOTE: If the following message appears, please reboot to resolve the issue:
"Illegal operation attempted on Registry key that has been marked for deletion."


When done with ComboFix, please run the Farbar Service Scanner, and post its results.

BTW, the command was:

Code:

 
notepad C:\windows\system32\drivers\etc\hosts

The word notepad was left out...

Prescottbob said:

# AdwCleaner v2.300 - Logfile created 05/09/2013 at 18:55:24
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Binnie - BINNIE-PC
# Boot Mode : Normal
# Running from : K:\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\IncrediMail_MediaBar_2
Folder Found : C:\Program Files (x86)\IncrediMail_MediaBar_2
Folder Found : C:\Users\Binnie\AppData\Local\Conduit
Folder Found : C:\Users\Binnie\AppData\LocalLow\Conduit
Folder Found : C:\Users\Binnie\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Binnie\AppData\LocalLow\IncrediMail_MediaBar_2
Folder Found : C:\Users\Binnie\AppData\LocalLow\IncrediMail_MediaBar_2
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Key Found : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Found : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\ImInstaller
Key Found : HKLM\Software\IncrediMail_MediaBar_2
Key Found : HKLM\Software\IncrediMail_MediaBar_2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B5405C27-F93F-42AB-BA7E-5784714FF2D1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5405C27-F93F-42AB-BA7E-5784714FF2D1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E5EA5D6-B3A2-43F8-83A3-B7A6A1DF99D7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{815CC026-074B-4380-A3E5-E098B2015708}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0092BD7-35DC-49AC-87CE-6CF2D811C0FF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_2 Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKU\S-1-5-21-429565886-468534743-1202395684-1000\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : HKU\S-1-5-21-429565886-468534743-1202395684-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry is clean.
-\\ Google Chrome v26.0.1410.64
File : C:\Users\Binnie\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [7503 octets] - [09/05/2013 18:50:53]
AdwCleaner[R2].txt - [7442 octets] - [09/05/2013 18:55:24]
########## EOF - C:\AdwCleaner[R2].txt - [7502 octets] ##########

Re-run AdwCleaner and click the button that says DELETE
We need to get rid of this crap!!!


Your computer will be rebooted (once again) automatically. A text file will open after the restart. Please post the content of that logfile in your reply.