
Thread: Need help, caught a virus!

  1. #1
    Join Date
    Apr 2007
    Posts
    125

    Need help, caught a virus!

    Hi, looking for some help here.

    I use Windows Seven 32 Bit Ultimate.

    Last night, while trying to watch a downloaded video, my sister clicked on the "Download codec" link that came up from the video. It was one of those WMV videos that are fake files of popular TV shows.

    Well, I woke up this morning and was met with 7 infected files (through my auto scans from Malwarebytes and AVG). Malwarebytes had frozen when I attempted to heal and remove the files so I re-scanned and cleaned the files in Safe Mode.

    Right now, I cannot find any additional malicious files with either Malwarebytes or AVG, but I am met with this message when I try to go to certain sites, such as weather.com or even Facebook.com:

    Restricted Site!
    This web site is restricted based on your security preferences.

    Your system is infected. Please activate your antivirus software.
    In addition to this showing up on certain sites, eBay listings are also showing up without their proper CSS designs. Once colorful listings are now restricted to black and white with Times New Roman font.


    I have followed the instructions on this thread here before posting this: http://forum.networktechs.com/showthread.php?t=49c

    I did not find any suspicious programs in the Add or Remove Programs screen.

    Results of Microsoft Windows Malicious Software Removal Tool:
    Backdoor:WinNT/Rustock.gen!B, which was removed. The rest were not infected.

    I was able to, and have, run ATF-Cleaner.

    This is my MBAM log:
    Malwarebytes' Anti-Malware 1.44
    Database version: 3622
    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    2/17/2010 8:42:49 PM
    mbam-log-2010-02-17 (20-42-49).txt

    Scan type: Full Scan (C:\|F:\|)
    Objects scanned: 347570
    Time elapsed: 49 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    ESETScanLog:
    C:\Windows\System32\warnings.html Win32/TrojanDownloader.FakeAlert.AUD trojan
    F:\backup for format\downloadss\CW.ESU.2010.MSIZ\CW.ESU.2010.MSIZ\Jcberry526 -CW-\[WinXP] Extreme Se7en 2010 Ultimate [Final + SP3] Created By Jcberry526 [CW OS Team].iso probably a variant of Win32/Agent trojan
    F:\backup for format\USB_MultiBoot_10\MULTI_CONTENT\wintools\othertools\ProduKey.exe Win32/PSWTool.ProductKey.126 application
    F:\backup for format\Windows_XP_Genuine_Maker\Windows XP SP2 Genuine Maker\keyfinder.exe a variant of Win32/PSWTool.RAS.A application
    F:\Downloads\Nero 7.10.1.0\Nero 7.10.1.0\Nero 7.10.1.0.exe Win32/Toolbar.AskSBar application

    HJT Log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:55:08 AM, on 2/18/2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Razer\Diamondback 3G\razerhid.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files\Razer\Diamondback 3G\razertra.exe
    C:\Program Files\Razer\Diamondback 3G\razerofa.exe
    C:\Users\xFIREx\Desktop\windows-kb890830-v3.4.exe
    c:\7ec4433555c1576162aaf51a620f65\mrtstub.exe
    C:\Windows\system32\MRT.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
    C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Users\xFIREx\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
    O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Security essentials 2010] C:\Program Files\Securityessentials2010\SE2010.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Security essentials 2010] C:\Program Files\Securityessentials2010\SE2010.exe (User 'Default user')
    O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.buy-security-essentials.com
    O15 - Trusted Zone: http://*.download-soft-package.com
    O15 - Trusted Zone: http://*.download-software-package.com
    O15 - Trusted Zone: http://*.get-key-se10.com
    O15 - Trusted Zone: http://*.is-software-download.com
    O15 - Trusted Zone: http://*.buy-security-essentials.com (HKLM)
    O15 - Trusted Zone: http://*.get-key-se10.com (HKLM)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

    --
    End of file - 8490 bytes

    Uninstall List:
    µTorrent
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    Adobe AIR
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles CS CS4
    Adobe Creative Suite 4 Design Premium
    Adobe Creative Suite 4 Design Premium
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Fireworks CS4
    Adobe Flash CS4
    Adobe Flash CS4 Extension - Flash Lite STI en
    Adobe Flash CS4 STI-en
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Illustrator CS4
    Adobe InDesign CS4
    Adobe InDesign CS4 Application Feature Set Files (Roman)
    Adobe InDesign CS4 Common Base Files
    Adobe InDesign CS4 Icon Handler
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Player
    Adobe Media Player
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe SGM CS4
    Adobe SING CS4
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Advanced Audio FX Engine
    AIM 7
    Aion: Collector's Edition
    Apple Mobile Device Support
    Apple Software Update
    AVG 9.0
    Bonjour
    Call of Duty Modern Warfare 2
    Connect
    Convert MP4 to MP3 1.5
    Creative Live! Cam Optia Pro (VF0380) Driver (1.03.03.00)
    Creative Live! Central
    Dragon Age: Origins
    EditPlus 3
    ESET Online Scanner v3
    Foxit Reader
    HijackThis 2.0.2
    InterVideo Home Theater
    iPhoneBrowser
    iTunes
    iTunesKeys v1.57
    Java(TM) 6 Update 16
    Java(TM) 6 Update 17
    K-Lite Mega Codec Pack 5.5.1
    kuler
    Left 4 Dead 2
    Logitech GamePanel Software 3.04.137
    Logitech Touch Mouse Server 1.0
    Malwarebytes' Anti-Malware
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.5.8)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 7 Ultra Edition
    neroxml
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    ooVoo
    PDF Settings CS4
    Photoshop Camera Raw
    Pixel Bender Toolkit
    QuickTime
    Ralink RT2870 Wireless LAN Card
    Razer Diamondback 3G
    Realtek High Definition Audio Driver
    Steam
    Suite Shared Configuration CS4
    TomTom HOME 2.7.3.1894
    TomTom HOME Visual Studio Merge Modules
    TuneUp Utilities 2009
    WBFS Manager 2.5
    Windows Mobile Device Center
    WinRAR archiver
    WinSCP 4.2.5

    I have also noticed that certain sites redirect to different search engines. Ex: I click on a wikiHow link through Google search results and it would bring me to addresses.com with the search results that I had entered through Google. This had never happened to me before.

    Please help asap! Thank you!

  2. #2
    Join Date
    Apr 2007
    Posts
    125
    Upon further inspection on my post, I noticed these two things in my Uninstall list that I don't see when trying to uninstall a program:

    Connect
    kuler

    Should I be worried?

  3. #3
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Turn off the uTorrent program and LEAVE IT OFF until the computer is clean. Cannot believe you are putting a new system at such a risk by using P2P file sharing. This is the easiest way to get an infection, as you are now seeing and your system IS infected.

    Your HJT scan shows that the ESET online scan was running when you ran the HJT scan AND your antivirus program was active during that scan. The instructions clearly say, both on this site AND on the ESET site, that your antivirus program must be fully turned OFF during the scan.

    Your MBA-M program is out of date. Please update it and run a full scan again. You are showing database version 3622 and the most current version is 3758, so you are 130 behind. You now need to run it in Normal Mode. It doesn't load all of its drivers in safe mode and therefore does not scan all files. Please update and do it again. Reboot the computer.

    Run HiJackThis again and post back here with the MBA-M log and the HiJackThis log. Please just copy/paste the logs; don't enclose them in quote boxes.

  4. #4
    Join Date
    Apr 2007
    Posts
    125
    Sorry about the running of AVG (wasn't running a scan) and Windows malicious removal tool at the same time, just hoped to get this post up asap for some help. As for utorrent, nothing is being downloaded and uploaded and I am sure it wasn't open at the time of the scan so this is news to me. I will post up the results asap, but I am unable to run any scans, it seems, since my Internet is currently down and I cannot download the newest version of mbam, nor run eset. Thanks for the quick reply, I look forward to more help on my next post!

  5. #5
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    "Sorry about the running of AVG (wasn't running a scan) and Windows malicious removal tool at the same time, just hoped to get this post up asap for some help."

    Makes no difference if AVG or Windows Malicious Removal tool were running scans or not; the instructions are very clear, they are supposed to be turned off COMPLETELY when running the ESET scanner.
    But what I was pointing out in the HJT log were these entries in RUNNING PROCESSES, meaning these programs WERE running when the HJT log was also run:
    C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
    C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    These should NOT have been showing in the running processes when the HJT scanner was running. They would not have been running if the computer had been rebooted after the ESET Scan was 100% complete.

    And while the HJT was doing its scan AND the ESET ONLINE SCANNER was also doing its scan, the HJT log clearly shows that AVG was TURNED on... No, it was not scanning, but it was TURNED ON, as shown by this entry in the HJT log:
    C:\Program Files\AVG\AVG9\avgtray.exe
    The instructions for ESET clearly state: "You will need to temporarily Disable your current Anti-virus program.", meaning it should be completely TURNED OFF. This is likely one reason ESET Scanner obviously was not finished because the log you posted was incomplete, the other reason being you ran HiJackThis in the middle of the ESET scan. The ESET scan will take more than one hour and if it didn't run at least one hour it was an incomplete scan.

    "As for utorrent, nothing is being downloaded and uploaded and I am sure it wasn't open at the time of the scan so this is news to me."

    I didn't say it was doing anything, what I said was be sure it is turned off and NOT turned back on for the duration. I should have added it should not be set to auto start when the computer is booted up, ever. In fact the program shouldn't be on there at all. This is likely how you became infected in the first place.

    Run HiJackThis and put check marks next to the following:
    O15 - Trusted Zone: http://*.buy-security-essentials.com
    O15 - Trusted Zone: http://*.download-soft-package.com
    O15 - Trusted Zone: http://*.download-software-package.com
    O15 - Trusted Zone: http://*.get-key-se10.com
    O15 - Trusted Zone: http://*.is-software-download.com
    O15 - Trusted Zone: http://*.buy-security-essentials.com (HKLM)
    O15 - Trusted Zone: http://*.get-key-se10.com (HKLM)

    Click the Fix Checked button and Exit HJT. Reboot the computer. See if you can update MBA-M and run it again.
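
Added example, not part of any post in this thread: the checks post #5 makes by eye on the HijackThis log (scanners listed under "Running processes", O15 Trusted Zone entries), plus the O10 and "(no file)" lines from the same log, as a small Python triage script. The function names, the `scanner_dirs` default and the result keys are assumptions made for this example; the sample lines are excerpted from the log in post #1.

```python
import re
from collections import defaultdict

# Lines excerpted from the HijackThis log in post #1 (shortened sample).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Users\xFIREx\Desktop\HijackThis.exe

O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
O15 - Trusted Zone: http://*.get-key-se10.com
O15 - Trusted Zone: http://*.get-key-se10.com (HKLM)
O20 - AppInit_DLLs: avgrsstx.dll
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")   # e.g. "O15 - Trusted Zone: ..."
ZONE_RE = re.compile(r"^Trusted Zone: (\S+)(?: \((HKLM)\))?$")
LSP_PREFIX = "Unknown file in Winsock LSP: "


def parse_hjt(text):
    """Split a HijackThis log into (running processes, {section code: [entries]})."""
    processes, entries = [], defaultdict(list)
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()                  # forum pastes are often indented
        if line.lower() == "running processes:":
            in_procs = True
            continue
        m = ENTRY_RE.match(line)
        if in_procs and line and not m:
            processes.append(line)
            continue
        in_procs = False                    # blank line or first entry ends the list
        if m:
            entries[m.group(1)].append(m.group(2))
    return processes, dict(entries)


def triage(text, scanner_dirs=("AVG", "ESET")):
    """Collect the items a helper would ask about before trusting the log."""
    processes, entries = parse_hjt(text)
    wanted = {d.lower() for d in scanner_dirs}   # assumed install-folder names
    scanners = [p for p in processes
                if wanted & {part.lower() for part in p.split("\\")}]
    zones = defaultdict(set)
    for desc in entries.get("O15", []):
        m = ZONE_RE.match(desc)
        if m:   # no "(HKLM)" suffix is treated as a per-user entry (assumption)
            zones[m.group(1)].add(m.group(2) or "per-user")
    lsp = sorted({d[len(LSP_PREFIX):] for d in entries.get("O10", [])
                  if d.startswith(LSP_PREFIX)})
    orphans = [f"{code} - {d}" for code, ds in entries.items()
               for d in ds if d.endswith("(no file)")]
    return {
        "scanners_running": scanners,       # other scanners active during the HJT run
        "trusted_zones": {dom: sorted(s) for dom, s in zones.items()},
        "unknown_lsp": lsp,                 # duplicate O10 lines collapsed
        "missing_file": orphans,            # entries whose target file is gone
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```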

  6. #6
    Join Date
    Apr 2007
    Posts
    125
    I updated mbam by downloading it off a laptop and transferring the file but it says no malicious files were found. I removed the selections on HJT but I'm still unable to access the Internet and as a result, I also cannot run eset. What do you recommend I do? Please reply asap, thx.

  7. #7
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Doesn't matter if MBA-M log shows clean, we still need to see it.
    For the inability to connect try the steps given here.
    http://support.microsoft.com/kb/299357

    You may also try this tool here, though I don't honestly know if it will work on Windows 7
    http://www.cexx.org/lspfix.htm

  8. #8
    Join Date
    Apr 2007
    Posts
    125
    Neither solution was able to get me back online. I think I'll just reformat..
