Same result. Automatic safe mode. Cannot access internet or change to regular mode.
So the status of my troubleshooting so far:
Per the guides, I have successfully downloaded and run CCleaner, Adwcleaner, and Malwarebytes. The first two found nothing out of the ordinary. Malwarebytes found 4 malicious programs, trojan horses, root kit malware, etc., and removed all of them. I then tried the last stage, by downloading DDS. I put it on my flash drive and transferred that to the affected computer. Unlike the previous applications, DDS would not run because apparently it needs to access the Internet in order to do so.
I rebooted after the Malwarebytes cleaning but got the same result: automatically into Safe Mode and not internet access.
I include below the two logs that I did generate, i.e. from the Adwclean and Malwarebytes scans. Is it possible that all I need to do now is adjust the affected computer so it knows that I want to access the internet in the normal mode?
Here are the logs:
# AdwCleaner v2.301 - Logfile created 05/25/2013 at 15:34:00
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Ramond - RAMOND-PC
# Boot Mode : Safe mode
# Running from : I:\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry is clean.
-\\ Mozilla Firefox v [Unable to get version]
File : C:\Users\Ramond\AppData\Roaming\Mozilla\Firefox\Profiles\5916rq97.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v25.0.1364.172
File : C:\Users\Ramond\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [808 octets] - [25/05/2013 15:34:00]
########## EOF - C:\AdwCleaner[R1].txt - [867 octets] ##########
------------------
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.orgDatabase version: v2013.04.04.07
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Ramond :: RAMOND-PC [administrator]
5/25/2013 4:11:44 PM
mbam-log-2013-05-25 (16-11-44).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232613
Time elapsed: 1 minute(s), 45 second(s)
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 900 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Users\Ramond\AppData\Roaming\InstallShield\InstallShield\lfbegkzq.dll (Trojan.Happili.XGen) -> Quarantined and deleted successfully.
C:\Windows\Installer\{e1a7a147-9811-f771-6555-c4ccee02b023}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
(end)
I greatly appreciated your continued assistance.