Deluge of Adware

Discussion in 'Malware Help (A Specialist Will Reply)' started by bbpathd1, Mar 21, 2007.

  1. bbpathd1

    bbpathd1 Private First Class

    I have a Gateway Essential 866 that I had purchased from a woman who kept an immaculate house. Pentium III 866 MHz, 64MB RAM, WinME, dial-up ISP PeoplePC Accelerated. A big surprise, the computer wasn’t in the same shape as the house! LOL!
    I first became suspicious when I got some popups from the Bullseye Network. Plus the computer was so slow! I noticed some processes I did not recognize as ones that needed to be there when I brought up Windows Task Mgr, such as Internet Optimizer, Webrebates 0, Webrebates 1 and Rxmy. I could “end task” on the first three, but not that Rxmy. So I installed EZTrust Pest Patrol antispyware and to my horror found 80+ spyware/adware items and tracking cookies! I quarantined all but the tracking cookies immediately. The previous owner had Norton Internet Security and AdAware personal SE on the computer, but I don't know if she had them there before or after she got infected with all this stuff!
    I ran the Pest Patrol antispyware program four days in a row before that nasty Webrebates quit rearing its ugly head. It came back as Topsearch, and Toprebates and some Trojan name in the subsequent scans. And, when I went to Add/remove programs in Control Panel that nasty Webrebates was still there. Although it would not let me uninstall it the first time I tried, it did uninstall on a subsequent try.
    There was one process still in Windows Task Mgr I googled for and could not find: Rxmy. I searched for it on my computer and it came up in C:\program files\Zmru as rxmy.exe with Avenue Media N.V. on one tab when I clicked its properties. EZTrust did not recognize it. I found The Process Library from Uniblue (?spelling) and it was not there either. I wondered if it is another variant of one of the other spywares; on googling Avenue Media I found out they are a company that seems to do nothing other than make spyware.
    After I looked in Process Library, it told me psapi.dll was missing from my computer (I don’t know what that means). The next day, I began getting the horrid res://C:\WINDOWS\SYSTEM\SHDOCLC.DLL/dnserror.htm when I try to connect to the internet via dial-up, ISP PeoplePC. It looks as if everything is connecting correctly as always, but I cannot view my homepage or go to any other website. I have googled for this too and it seems to be a spyware-related thing too. I looked in my BIOS and it said I do not have either serial or parallel ports and they don’t show in Device Manager. My modem was supposed to be on COM3. The previous owner had had a HP PSC1200 printer installed which she did not give me; I had deleted the printer files.
    Help!! Any suggestions on how to proceed next would be much appreciated. I have followed the READ ME as much as I could (not step 6A. No internet access, so no Bitdefender or Panda). I didn’t know if you’d even want to see the PestPatrol quarantine files; I think they are in the four .zip files in the quarantine folder. I ran them before I heard of your site.
    Spybot found Rotue with registry key HKLM Software Microsoft Windows.
    SuperAntispyware found 9 total threats. Adware.Avenue Media(3), Adware.Bargain Buddy(1), Adware.eXact Advertising(3), Adware.Zesoft(1) and Windows ad control(1). I jotted down the files; I wasn’t sure how to get a log of these to send you.
    When I rebooted to normal mode, the computer hung up when SuperAntispyware loaded. I had to turn it off and go back in safe mode to copy off to a floppy GetRunKey, ShowNew and HJT; files are attached. Thanks!
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Note that you do not have the current versions of GetRunKey or ShowNew; however, at this point it probably does not matter since you are not showing any signs of malware.

    The things you are complaining about, your serial/parallel ports missing, are not malware problems. Check your BIOS settings and, if you are still having problems, post only a statement of your current problems in the Hardware Forum.

    If psapi.dll is missing, you will need to get a copy back on your PC. Also not a topic for this forum.
  3. bbpathd1

    bbpathd1 Private First Class

    Thanks, Chaslang. I had not even thought about a hardware problem. Perhaps that’s why she did not include the printer—maybe it would no longer work on the parallel port. Then again, the keyboard and mouse are USB; HP 1200’s very well might be USB also.

    I had no trouble connecting to the internet and viewing whatever I wanted (albeit slow and with pop-ups galore) BEFORE I started trying to get rid of the adware. Have not turned the computer back on since last checking with you. With your permission, though, I would like to run HJT again and fix that first R1 with appswebservice.com and get rid of it. I have a strong feeling that it is related to that dreaded Rxmy.exe.

    In any case, it looks like I have ample opportunities to learn more.
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes, you should fix that! I missed it the first time through. That URL is responsible for popups and adware.
  5. bbpathd1

    bbpathd1 Private First Class

    Since I could not get into normal mode to do anything, I turned the computer back on in safe mode. I ran HJT again and fixed that first R1 with appswebservice.com.

    I found the HJT tutorial and read through it line by line. I decided to get rid of the R3. Then I googled for the O16 with adshooter, since it also sounded suspicious, and I found it was Trojan-Dropper.Win32.Agent.cy. I was able to get in normal mode after I had fixed R1. I ran HJT and fixed the R3 and O16. I rebooted in normal mode and looked in Task Manager and Add/remove Programs and both looked just fine.

    Before I go back and see if I can get on the internet, I am going to have to decide whether I am going to reinstall Norton Internet Security or choose something else. Should I Toggle System Restore at this point?
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes, if everything seems to be running okay you should perform our final steps:
    1. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
    3. If we used SDFix you can delete all the SDFix related files and folders from your Desktop or wherever you installed it.
    4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    5. If we had you run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
    6. If we had you run Avenger, you can delete all files related to Avenger now.
    7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    8. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created.
    9. If you are running Windows XP or Windows ME, do the below:
      • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work through the below link: