At a loss to fix Son's PC pls look Hijack Log

Reloaded latest network card driver, Manually set network settings,Ran Spybot search and destroy (it found nothing) ran verylatest AdAware6 (it cleared out some minor stuff), Computer still is unable to access the web. Network card is working and the computer claims that it is connected. IE and netscape can't connect.Here is the Hijack this log file.
Can ANYONE help ? I'm not too techie, am actually machinist.
Thanks T'ster

Logfile of HijackThis v1.97.7
Scan saved at 6:12:15 AM, on 6/26/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\PROGRA~1\SEEKDE~1\Thatlocks.exe
C:\Program Files\Wacom\TabUserW.exe
C:\WINDOWS\System32\devldr32.exe
D:\ANTI SPYWARE\Spybot - Search & Destroy\TeaTimer.exe
D:\ANTI SPYWARE\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://allaboutsearching.com/passthrough/index.html?http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
N3 - Netscape 7: user_pref("browser.startup.homepage", "allaboutsearching.com"); (C:\Documents and Settings\Kon\Application Data\Mozilla\Profiles\default\48vsex4e.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Kon\Application Data\Mozilla\Profiles\default\48vsex4e.slt\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\ANTI SPYWARE\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: procfacegrey - {7C31C85F-8DBB-539B-336D-5F16FC1C76A9} - C:\PROGRA~1\CAKEOP~1\Surf time.dll
O4 - HKLM\..\Run: [Auto EPSON Stylus C84 Series on cdrw-bu] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P39 "Auto EPSON Stylus C84 Series on cdrw-bu" /O18 "\\CDRW-BU\EPSONc84" /M "Stylus C84"
O4 - HKLM\..\Run: [Auto EPSONc84 on DOTS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P21 "Auto EPSONc84 on DOTS" /O15 "\\DOTS\EPSONc84" /M "Stylus C84"
O4 - HKLM\..\Run: [Auto EPSON Stylus C84 Series on cdrw-bu (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P48 "Auto EPSON Stylus C84 Series on cdrw-bu (Copy 1)" /O44 "\\CDRW-BU\EPSON Stylus C84 Series on CDRW-BU" /M "Stylus C84"
O4 - HKLM\..\Run: [\\cdrw-bu\EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P33 "\\cdrw-bu\EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cash Free] C:\PROGRA~1\SEEKDE~1\Thatlocks.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\ANTI SPYWARE\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: TabUserW.lnk = C:\Program Files\Wacom\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38115.3869907407
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED1AB05D-C585-47BD-842B-B91EE8B04C27}: NameServer = 63.240.76.4,204.127.198.4

 

Hi Truthster

Open Task Manager, click Processes tab. End the following process:

WToolsA.exe

Close Task Manager.

Check the following items in HijackThis - close ALL windows\browsers except Hijackthis and click "Fix checked":

Any idea what this is ?
O3 - Toolbar: procfacegrey - {7C31C85F-8DBB-539B-336D-5F16FC1C76A9} - C:\PROGRA~1\CAKEOP~1\Surf time.dll
if UNKNOWN - pls. check

C:\PROGRA~1\SEEKDE~1\Thatlocks.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://allaboutsearching.com/passthrough/index.html?http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa

N3 - Netscape 7: user_pref("browser.startup.homepage", "allaboutsearching.com"); (C:\Documents and Settings\Kon\Application Data\Mozilla\Profiles\default\48vsex4e.slt\prefs.js)

N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Kon\Application Data\Mozilla\Profiles\default\48vsex4e.slt\prefs.js)
Could you pls. check this one !

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Cash Free] C:\PROGRA~1\SEEKDE~1\Thatlocks.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe

NOTE....even in safe mode you may have to open taskmanager and end task on some of them before you can delete them.

Make sure you can view hidden and system files: Instructions here

Then Boot to safe mode: Instructions here

Delete the following files\folders IF still present:

C:\PROGRA~1\SEEKDE~1
C:\Program Files\Common files\WinTools

Then reboot and use AdAware as described here:
https://www.wilderssecurity.com/showthread.php?t=15913

Then use the Disk Cleanup Utility to empty all your Temp folders.

Then Disable system restore: Instructions here
Reboot

Enable System Restore.

Pls. post another log.