j - thanks again. I don't remember updating the service pack; it could have been a while ago.
I did go into msconfig and, after physically disconnecting my modem, unchecked the following startup items: AVG tray (antivirus), CFP (firewall), iTunesHelper (I'm not sure what that even does), msmsgs (which is apparently MSN Messenger, which I no longer even have installed), WMUAgent (Wake Me Up, an alarm clock, which is corrupted and which I can't uninstall), and HP Digital Imaging.
I guess one of these things was getting in the way of the safe mode startup, because it worked on the restart, at which point I ran SDFix exactly as you'd instructed. The report is here:
SDFix: Version 1.233
Run by Pat on Wed 10/08/2008 at 21:35
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Name :
tdssserv
Path :
\systemroot\system32\drivers\TDSSserv.sys
tdssserv - Deleted
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-08 21:45:14
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Enabled:Windows Explorer"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Tue 7 Oct 2008 41,472 A..H. --- "C:\Program Files\WakeMeUp\DelSvc.exe"
Tue 7 Oct 2008 43,008 A..H. --- "C:\Program Files\WakeMeUp\KillProc.exe"
Sun 30 Mar 2008 95 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti35.tmp"
Fri 14 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 25 Jun 2007 1,171 A..H. --- "C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy\EN6HYalzQ8i\JVgO92mRuBHmF.tmp"
Mon 4 Feb 2008 1,193 A..H. --- "C:\Documents and Settings\Pat\Local Settings\Application Data\HYalzQ8iO\JVgO92mRuBHmF.tmp"
Finished!
-------------------------------
I don't know what tdssserv is, and I don't want to jinx anything, because I'm still a little worried about what will happen when I forgo the selective startup. Are any of those startup programmes responsible for any of this? Should I try enabling them one by one and run SDFix on each one like that? Or doesn't it work like that?
But anyway, after rebooting this time my AVG Antivirus was finally able to connect to the network and update its definitions, I tested out some links in Google and got no redirects, and I was finally able to download .exe files (including ATF-Cleaner and ComboFix) directly from the board here, which was all impossible before. There is also no rogue iexplore.exe popping up in my Task Manager as of yet, nor any other strange shenanigans.
I don't know if you have any further advice (aside from, obviously, getting used to my new firewall and antivirus being mandatory; despite the slight processor slowdown, I am definitely not doing this again, EVER). Let me know what you think, whether I'm out of the woods yet, or anything else you would recommend to make sure we've got to the root of the problem.
In any case, thanks so much again for all your time and help! You are amazing.
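The SDFix report in the post above mixes the findings a responder acts on (the deleted tdssserv service, the NTDLL code modification catchme reported on ZwClose, the firewall exceptions, the hidden-attribute executables) with routine status lines. The following is an added example, not code from the original post or from SDFix/catchme's authors: it parses a report in the format shown and applies a few triage rules. The abridged sample report is constructed from the post's log, and the rules (treating only OS-path programs as expected firewall exceptions, flagging hidden files with executable extensions) are this example's own assumptions, not anything SDFix does.

```python
"""Triage an SDFix report: parse the sections shown in the post above and
flag the lines a responder should verify. Added example, not part of SDFix."""
import re

# Constructed sample, abridged from the report format in the post above.
SAMPLE_REPORT = r"""SDFix: Version 1.233
Checking Services :
Name :
tdssserv
Path :
\systemroot\system32\drivers\TDSSserv.sys
tdssserv - Deleted
Final Check :
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
hidden processes: 0
hidden services: 0
hidden files: 0
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Enabled:Windows Explorer"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
Files with Hidden Attributes :
Tue 7 Oct 2008 41,472 A..H. --- "C:\Program Files\WakeMeUp\DelSvc.exe"
Tue 7 Oct 2008 43,008 A..H. --- "C:\Program Files\WakeMeUp\KillProc.exe"
Sun 30 Mar 2008 95 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti35.tmp"
Finished!
"""

DELETED_RE = re.compile(r"^(\S+) - Deleted$")
COUNT_RE = re.compile(r"^hidden (processes|services|files): (\d+)$")
FW_RE = re.compile(r'^"(.*?)"="(.*)"$')          # one line of the .reg key export
HIDDEN_RE = re.compile(r'^(\w{3} \d{1,2} \w{3} \d{4})\s+([\d,]+)\s+(\S+)\s+---\s+"(.+)"$')


def parse_report(text):
    """Return the actionable parts of an SDFix report as plain lists/dicts."""
    report = {"deleted_services": [], "ntdll_modifications": [],
              "firewall_apps": [], "hidden_files": [], "hidden_counts": {}}
    in_ntdll = False                      # collecting function names after the catchme header
    for line in text.splitlines():
        line = line.strip()
        if in_ntdll:
            if line.startswith("scanning"):
                in_ntdll = False
            elif line:
                report["ntdll_modifications"].append(line)
            continue
        if line == "detected NTDLL code modification:":
            in_ntdll = True
            continue
        m = DELETED_RE.match(line)
        if m:
            report["deleted_services"].append(m.group(1))
            continue
        m = COUNT_RE.match(line)
        if m:
            report["hidden_counts"][m.group(1)] = int(m.group(2))
            continue
        m = FW_RE.match(line)
        if m:
            # .reg export doubles backslashes; the value is path:scope:state:name
            parts = m.group(2).replace("\\\\", "\\").rsplit(":", 3)
            if len(parts) == 4:
                report["firewall_apps"].append(dict(zip(("path", "scope", "state", "name"), parts)))
            continue
        m = HIDDEN_RE.match(line)
        if m:
            report["hidden_files"].append({"date": m.group(1), "size": int(m.group(2).replace(",", "")),
                                           "attrs": m.group(3), "path": m.group(4)})
    return report


# Assumption of this example: only programs under the Windows directory are
# expected firewall exceptions; anything else is listed for a human to confirm.
EXPECTED_FW_PREFIXES = ("%windir%\\", "c:\\windows\\")
EXEC_EXTS = (".exe", ".dll", ".sys", ".com", ".scr")


def triage(report):
    """Turn the parsed report into findings to verify after the next reboot."""
    findings = []
    for svc in report["deleted_services"]:
        findings.append(f"service '{svc}' deleted by SDFix: confirm its driver file and registry key are gone")
    for fn in report["ntdll_modifications"]:
        findings.append(f"NTDLL code modification on {fn}: re-scan after reboot and decide whether it is "
                        f"a security product hook or a surviving rootkit")
    for app in report["firewall_apps"]:
        if app["state"].lower() == "enabled" and not app["path"].lower().startswith(EXPECTED_FW_PREFIXES):
            findings.append(f"firewall exception for non-OS program {app['path']} ({app['name']}): confirm it is wanted")
    for f in report["hidden_files"]:
        if f["path"].lower().endswith(EXEC_EXTS):
            findings.append(f"hidden executable {f['path']} ({f['size']} bytes, {f['date']}): check publisher and hash")
    if any(report["hidden_counts"].values()):
        findings.append("catchme still reports hidden objects: the rootkit may not be fully removed")
    return findings


if __name__ == "__main__":
    for finding in triage(parse_report(SAMPLE_REPORT)):
        print("-", finding)
```

On the sample this yields five findings: the deleted service, the ZwClose modification, the AVG firewall exception (explorer.exe and sessmgr.exe sit under the Windows directory and pass), and the two hidden WakeMeUp executables; the hidden .tmp files and the zero hidden-object counts produce nothing. Feed it a report saved from a later SDFix run to see whether anything reappears after re-enabling the startup items.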