Is it spyware? I don't know what is wrong.

I don’t know if my problem is spyware related or not. The Gateway email tech guy seemed to think was. Any help would be greatly appreciated!!

I am unable to access my "appearance and themes". When I right click on my desktop and then left click on properties nothing happens. When I go to the control panel and choose "appearances and themes" and I try to "pick a task" nothing happens. I have tried several system restores going back as far as 2 weeks. I ran PC-Doctor for Windows. I ran AOL computer check-up. I ran "error-checking". None of these programs can detect that there is a problem. All my Windows updates are up to date. All my drivers are current. If I launch my "windows task manager” and try to access "appearance and themes" I can see that the CPU usage gets to about 16 for just a second then it just goes back to about 2. I emailed Gateway and after confirming that I had the Windows Service Pack2 installed the tech referred me to MajorGeeks.com to remove spyware. I followed ALL the instructions for “How to: Spyware, Trojan And Virus Removal” and installed updated and ran Ad-aware SE, Ad-Aware VX2 Cleaner Plug- In, Spybot, Ccleaner, SpywareBlaster, McAfee AVERT Stinger, CWShredder, Kill2me, about:Buster and HSRemove. (I also updated and ran Norton anti-virus.) I am uneasy about doing “HIJACK This” since I am not an advanced computer user.

I did remove a number of problems running all these spywares however I still can’t open my “appearance and themes”. Do you think that the problem really is spyware related or am I looking in the wrong direction? Two other recent symptoms, when I boot and the blue log on screen appears often the music does not play. Then when I click on my name sometimes it just plays a note or two of the music and abruptly stops. Today I could not put the computer in “stand by” or “turn off” when I clicked on them nothing happened. I preformed system restore and am now able to shut down the system.

I have no idea what else to try. Any help would be greatly appreciated.

Thank You!!
Elizabeth
My system specs are:

Model: Gateway E-1800
BIOS: Intel Corp. EA81520A.15A.0009.P06.0109191538 09/19/2001
CPU: Intel Celeron, 1200 MHz

== OS AND BROWSER ==

OS version: Windows XP 5.1.2600 Service Pack 2
First installed: Fri Jan 18 16:23:56 EST 2002
Browser: MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; (R1 1.3); .NET CLR 1.1.4322

== MEMORY ==

Total RAM: 256MB (BIOS), 255MB (Windows)
Resources: 90 %
Memory slots: 2 total, 0 free (128+128)

== RUNNING APPLICATIONS ==

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe v2.0.20.1.US.1
C:\WINNT\System32\drivers\CDAC11BA.EXE v4.16.050
C:\Program Files\Norton AntiVirus\navapsvc.exe v8.07.17
C:\WINNT\wanmpsvc.exe v9,0,0,0
C:\WINNT\System32\igfxtray.exe v3,0,0,1757
C:\WINNT\System32\hkcmd.exe v3,0,0,1757
C:\WINNT\system32\SK9910DM.EXE v1,0,9,0
C:\WINNT\GWMDMMSG.exe v3.3.1710/31/200120:10:32
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe v5.10(121)
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe v6.00.3215.0
C:\PROGRA~1\NORTON~1\navapw32.exe v8.07.17
C:\Program Files\PhoneTools\CapFax.EXE v1.01
C:\Program Files\Common Files\Real\Update_OB\realsched.exe v0.1.0.1566
C:\WINNT\GWHotKey.exe v6.5
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe v2,3,0,0\ 162
C:\WINNT\System32\ezSP_Px.exe v1,0,0,0
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe v1,0,0,69
C:\WINNT\goidr.exe v1,0,0,2
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe v7.0.0.1134
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe v2.0.20.1.US.1
C:\Program Files\QuickTime\qttask.exe v6.5
C:\Program Files\Messenger\msmsgs.exe v4.7.3000
C:\PROGRA~1\AIM95\aim.exe v4.7.2480
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe v2,6,0, 162
C:\Program Files\America Online 9.0a\aoltray.exe v9.00.001
C:\Program Files\Greetings Workshop\GWREMIND.EXE v2,0,1,1470
C:\Program Files\America Online 9.0a\waol.exe v9.00.001
C:\Program Files\America Online 9.0a\shellmon.exe v9.00.001
C:\Program Files\Common Files\Aol\aoltpspd.exe v1,1,0,0
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE v10.0.2627
C:\Program Files\Microsoft Works\MSWorks.exe v6.00.1911.0
C:\Program Files\AOL Companion\companion.exe v1,6,2,0

== DRIVES ==

C:\ (NTFS) 19092 MB total, 8923 MB free
D:\ (CD-ROM)

== DEVICES ==

CDROM: LITE-ON LTR-16102B (7-1-2001)
COMPUTER: ACPI Uniprocessor PC (7-1-2001)
DISKDRIVE: WDC WD200EB-11CSF0 (7-1-2001)
DISPLAY: Intel Corporation Intel(R) 82815 Graphics Controller (7-23-2002)
HDC: Intel(r) 82801BA Bus Master IDE Controller (7-1-2001)
HDC: Primary IDE Channel (7-1-2001)
HDC: Secondary IDE Channel (7-1-2001)
HIDCLASS: Logitech USB WheelMouse (7-1-2001)
IMAGE: Hewlett-Packard HP Scanjet 3970 (6-3-2003)
MEDIA: Analog Devices, Inc. SoundMAX Integrated Digital Audio (8-24-2001)
MEDIA: Microsoft Unimodem Half-Duplex Audio Device (1-26-1999)
MODEM: GTW V.92 Voice Modem (10-31-2001)
MONITOR: Default Monitor (6-6-2001)
MOUSE: Logitech USB WheelMouse (7-1-2001)
MOUSE: Microsoft PS/2 Mouse (7-1-2001) *** PROBLEM CODE 24 ***
NET: Intel(R) PRO/100 VE Network Connection (9-17-2003)
NET: Microsoft Direct Parallel (7-1-2001)
PORTS: Communications Port (COM1) (7-1-2001)
PORTS: ECP Printer Port (LPT1) (7-1-2001)
PRINTER: Canon i320 (9-5-2002)
USB: Intel(r) 82801BA/BAM USB Universal Host Controller - 2442 (7-1-2001)
USB: Intel(r) 82801BA/BAM USB Universal Host Controller - 2444 (7-1-2001)
USB: Microsoft USB Printing Support (7-1-2001)

== VIDEO / MONITOR ==

Video: Intel(R) 82815 Graphics Controller(1024x768, 24-bit)
Monitor: Default Monitor

 

Liz,
all we need to see is your HJT log. Don't select anything and don't press fix. Post it as an attachment and we'll walk you through the rest.

 

Thanks for your quick responses.
I have attached my HJT text log.

Elizabeth

 

Elizabeth,
did you run the online scanners that were listed in the tutorial? I don't see them listed in your log. It's important that you do this.

Additionally,
Please download and run this program in safe mode
a-squared (a²) Personal Edition 1.1 (requires free registration)

Once you've completed these instructions, post another log.

 

When I first did all the scans as directed in "READ ME FIRST..." in safe mode I was unable to log onto the internet. My AOL browser ran through my dial-up numbers and then said "The communication port is invalid". I have now run them in regular mode and I also ran a2.

I have attached a new log.

THANK YOU!!
Elizabeth

 

Okay, I followed all the steps in order and everything went fine until I got to:

I couldn't find c:\installer\id53.exe. I did a search for it. All I could find was c:\installer (an empty folder). When I pressed CTRL-ALT-DEL nothing happened. I then deleted aqadcup.exe and rebooted in reg. mode. When I then pressed CTRL-ALT-DEL nothing happened. So... I winged it and went to my recycle bin and restored C:\WINNT\system32\taskmgr.exe. I was then able to pull up Task Manager. I did not see c:\installer\id53.exe running. Further, I still can't access my "appearance and themes".

I have attached a new log.

THANK YOU!!
Elizabeth

 

The problem does happen with other users, however, when I tried to access "appearance and themes" in safe mode I was able to access it. I was not able to apply any changes. When I back to reg mode I was still unable to access it from the desktop and through the control panel, but, when I switched the control panel to "classic view" (like in safe mode) I was able to access display and make changes. SO..... I still have something wrong, but at least I can do what I need.

I'm not sure if I should keep digging for the problem. If it isn't spyware I have no idea what to do.

Thank You for your help!
Elizabeth