
adware/spyware big time problem

Discussion in 'Security and Privacy' started by katie, 2004/05/06.

Thread Status:
Not open for further replies.
  1. 2004/05/06
    katie

    I must delete over 300 files of adware and spyware a day from Ad-aware 6 and Spybot. Well, the files keep duplicating or something.
    I'm running Win98, IE 5.5, cable internet. HD space and all that is fine. Any more info you need to help, please ask.

    In my results, I get the following:
    virtumundo
    vx2.betterinternet
    about 10000000 possible browser hijack attempt - from allaboutsearch.com

    I didn't save the actual log, but here is the quarantine list.

    "POSS: c:\windows\favorites\ adult entertainment\photos.url
    obj[59]=File : c:\windows\favorites\ adult entertainment\fetish.url

    VIRTUMUNDO
    obj[12]=LSP : inetadpt over [MS.w95.spi.tcp] (c:\windows\system\inetadpt.dll)
    obj[13]=LSP : inetadpt over [MS.w95.spi.udp] (c:\windows\system\inetadpt.dll)
    obj[14]=LSP : inetadpt over [MS.w95.spi.raw] (c:\windows\system\inetadpt.dll)
    obj[15]=LSP : inetadpt over [MS.w95.spi.rsvptcp] (c:\windows\system\inetadpt.dll)
    obj[16]=LSP : inetadpt over [MS.w95.spi.rsvpudp] (c:\windows\system\inetadpt.dll)
    obj[17]=LSP : inetadpt (c:\windows\system\inetadpt.dll)
    obj[18]=RegKey : SOFTWARE\TargetSoft
    obj[19]=File : c:\windows\system\inetadpt.dll
    obj[27]=File : c:\windows\system\winhost32.exe
    obj[28]=File : c:\windows\system\winupd.dll
    obj[29]=File : c:\windows\system\wincore.dll
    obj[30]=File : c:\windows\system\cidrules.dll
    obj[31]=File : c:\windows\system\inetadpt.dll "



    Pest Patrol and other sites have said to delete this "inetadpt.dll". Well, when I searched, two of these showed up. I was only able to delete one; the other said "in use, cannot delete file".


    I have more I need to post, but it says my post is too long.
     
  2. 2004/05/06
    katie

    Sorry for the double post. Here's more info.


    That's about it. My computer is really slow with all of this, and my (cable) internet shuts down sometimes, web browsers stop responding, AIM doesn't work. Low memory. I suppose LSP or Winsock problems from all of this? Please help, thanks in advance.


    Here's a HijackThis log. I don't know much about this, but I heard people often request you to do this.

    "Logfile of HijackThis v1.97.7
    Scan saved at 8:23:21 PM, on 5/6/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v5.00 (5.00.2614.3500)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\COMPAQ\CPQINET\CPQINET.EXE
    C:\COMPAQ\INTERNET\ISDBDC.EXE
    C:\WINDOWS\CPQDIAG\CPQDFWAG.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\MOZILLA.ORG\MOZILLA\MOZILLA.EXE
    C:\PROGRAM FILES\WINAMP\WINAMP.EXE
    C:\WINDOWS\NOTEPAD.EXE
    C:\PROGRAM FILES\AIM\AIM.EXE
    C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\TOOLBAR\TOOLBAR.DLL/sa
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=3
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\TOOLBAR\TOOLBAR.DLL/sa
    R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
    O2 - BHO: (no name) - {72DE5936-797C-7FE1-5343-DACB05A29B31} - C:\PROGRAM FILES\MEDIA 16 RECT\PLAY PLUS.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
    O3 - Toolbar: bowscdrom - {9BF1D619-BCDF-67D6-4950-E710FC70180A} - C:\PROGRAM FILES\MEDIA 16 RECT\PLAY PLUS.DLL
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
    O4 - HKLM\..\Run: [Service Connection] c:\cpqs\bwtools\sccenter.exe
    O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\Network Associates\McAfee VirusScan\avconsol.exe /minimize
    O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSECOMR.EXE
    O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
    O4 - HKLM\..\Run: [CompaqPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe C:\PROGRA~1\AIM\DeadAIM.ocm,ExportedCheckODLs
    O4 - HKLM\..\Run: [each two] C:\PROGRA~1\ISOBLA~1\Okayarmy.exe
    O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] c:\windows\SYSTEM\mstask.exe
    O4 - HKLM\..\RunServices: [CPQInet Runtime Service] c:\compaq\CPQInet\CpqInet.exe
    O4 - HKLM\..\RunServices: [isdbdc] c:\compaq\internet\isdbdc.exe
    O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\cpqdiag\CpqDfwAg.exe
    O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\RunServices: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
    O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [ares] "C:\PROGRAM FILES\ARES\ARES.EXE" -h
    O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home
    O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search
    O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavista.com/avie5/babelfish
    O8 - Extra context menu item: AV Translate Selection - http://jump.altavista.com/avie5/babelfish
    O9 - Extra 'Tools' menuitem: &AltaVista Home (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab "
     

  4. 2004/05/06
    Newt

    You do have a fair amount of junk that needs to go and with Hijackthis removing it is simple. But I'm going to leave specifics to the pros since I don't want to give you bad advice on removals or miss things and force you to do it more than once.

    A couple of suggestions though.

    There is a great list Here of known ad servers that clutter things up. If you add all the listed items to your hosts file (text file that will be in windows\system on your OS I think) you will never be bothered with any of those sites again.

    Have you used the 'immunize' feature of Spybot? It blocks over 500 of the most common pieces of spyware from ever getting to your PC.

    Take a look at Spywareblaster. I think you'd do well to install it.

    Likewise, using the download from IE-SPYAD will add a huge list of bad sites to your IE restricted sites and help stop even more junk from getting to you in the first place.
     
    Newt,
    #3
  5. 2004/05/06
    katie

    Alright, thank you for your time. I'll try all of that.
     
  6. 2004/05/06
    Newt

    All of it will help. Getting rid of specific critters will help even more but as I said, security is not my strong suit so I'll leave that for the pros.
     
    Newt,
    #5
  7. 2004/05/07
    El Camino

    Newt, what do I do with this list? Can you explain please? How do I use it?
     
  8. 2004/05/07
    Newt

    Hosts is a simple text file. Located differently on NT vs. non-NT systems. Just open the file in notepad, add the list to the file contents, save and close the file, and you are good to go.
     
    Newt,
    #7
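
An added example, not part of the original thread: the hosts-file merge described above, as a Python sketch that keeps existing entries, skips duplicates, and rejects any list line that does not point at a loopback or null address (a list line mapping a real hostname to some other IP would redirect traffic rather than block it). The function names and the sample hosts and blocklist contents are constructed for illustration.

```python
import re

SINK_IPS = {"127.0.0.1", "0.0.0.0"}  # addresses that lead nowhere
LABEL = r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME = re.compile(r"^(?=.{1,253}$)" + LABEL + r"(\." + LABEL + r")*$")

def parse_entries(text):
    """Yield (ip, hostname) pairs from hosts-format text, ignoring comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            yield fields[0], name.lower()

def merge_blocklist(hosts_text, blocklist_text):
    """Return (new_hosts_text, added, rejected).

    Existing lines are kept untouched. A list entry is appended only if it
    points at a sink address, is a syntactically valid hostname, and is not
    already mapped by the hosts file.
    """
    eol = "\r\n" if "\r\n" in hosts_text else "\n"  # keep the file's line endings
    existing = {name for _, name in parse_entries(hosts_text)}
    added, rejected = [], []
    for ip, name in parse_entries(blocklist_text):
        if ip not in SINK_IPS or not HOSTNAME.match(name):
            rejected.append((ip, name))   # would redirect, or is malformed
        elif name not in existing:
            existing.add(name)
            added.append(name)
    out = hosts_text.rstrip("\r\n").splitlines()
    out += ["127.0.0.1\t" + name for name in added]
    return eol.join(out) + eol, added, rejected

# Constructed sample data (not taken from the thread or from any real list).
HOSTS = "127.0.0.1 localhost\n127.0.0.1 ads.example.test  # already blocked\n"
BLOCKLIST = """# constructed sample list
127.0.0.1 localhost
127.0.0.1 ads.example.test
127.0.0.1 Tracker.example.test
0.0.0.0 banner.example.test
203.0.113.7 www.bank.example.test
127.0.0.1 bad_host!.example.test
"""

if __name__ == "__main__":
    new_text, added, rejected = merge_blocklist(HOSTS, BLOCKLIST)
    print(new_text, "added:", added, "rejected:", rejected, sep="\n")
```

Review the rejected entries before trusting the rest of a downloaded list, and keep a copy of the original hosts file so the change can be undone.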
  9. 2004/05/08
    Lonny Jones

    Hi katie


    vx2.betterinternet, aka look2me / allaboutsearch.com,
    is a little hard to get rid of.

    Let's address the others first. In the meantime, don't fix anything with HijackThis, Ad-aware or Spybot please. Post a new log.
     