Spyware won't go away after following your instructions

For the DSO Exploit problem with Spybot, get this: Spybot - Search and Destroy DSO Exploit Fix

Did you run all the steps in the Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

If so, and you still have a problem, follow the guidelines below.

Make sure you have HJT Version 1.98.2 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis log file as an attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

 

Please do not post inline logs. Post them as requested, as an attachment to your message.
I will change it for you this time. But the typical process (unless we are not busy) is to delete inline logs.

 

Please give the below 15 day trial of Giant Antispyware a run.

http://www.giantcompany.com/download.aspx?prodID=70

Let me know if it finds anything. If it does, tell me what it finds and if it fixes it. (Save the log an post it as an attachment.)

 

You also need to fix a broken LSP chain.

Download LSP-Fix from here first: http://www.majorgeeks.com/download4180.html
And run it. Check the "I know what I am doing" box Click on problem dll on the left window (in your case that dll is osmim.dll) and click on the arrow pointing to the right. Click Finish and follow the prompts.

Now post a new HJT log attachment.

Questions:
1) Is this next line something you install and know about:
O4 - HKLM\..\Run: [Create A Monster] "C:\Program Files\Kudd.com\createAMonster.exe" -run

2) Do you know what this IEMenuExtension Toolbar is:
O3 - Toolbar: IEMenuExtension toolbar - {6b95678d-30a4-4ff8-a72f-4208340c1f7f} - C:\Program Files\IEMenuExtension\tbextn.dll
O4 - HKLM\..\Run: [IE Menu Extension toolbar] rundll32.exe "C:\PROGRA~1\IEMENU~1\tbextn.dll" DllShowTB

 

You probably lost the ability to connect due to the O10 line I wanted you to repair with LSP-Fix.

Fix it and see what happens.

You did not answer my questions.

 

Okay! Run LSP-Fix again and with it in the remove pane, click finish or remove.

For the other items:

Make sure you have system restore disabled and viewing of hidden files enabled (per the tutorial).

Please bring up Task Manager by hitting CTRL-ALT-DEL and click the Processes tab. Find the below processes and End them (if found):
createAMonster.exe

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O3 - Toolbar: IEMenuExtension toolbar - {6b95678d-30a4-4ff8-a72f-4208340c1f7f} - C:\Program Files\IEMenuExtension\tbextn.dll
O4 - HKLM\..\Run: [Create A Monster] "C:\Program Files\Kudd.com\createAMonster.exe" -run
O4 - HKLM\..\Run: [IE Menu Extension toolbar] rundll32.exe "C:\PROGRA~1\IEMENU~1\tbextn.dll" DllShowTB

Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\IEMenuExtension\tbextn.dll
C:\Program Files\Kudd.com <--- the whole directory

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Okay! Ask other family members before removing items that you may need. Be careful, sometimes things people say they need are actually malware programs. They just don't know it until it is explained to them.

Yes, you can remove Giant at anytime.

 

You log looks good now. For your Win98 system it would be better to start a new thread to avoid confusion with other info in the current thread that only relates to you XP SP2 system. As usual, make sure all steps from the READ ME FIRST are run before posting, and when you do post explain "momentary" and what makes you think it is not normal computer delay.

 

You're welcome!