Flakey Computer or Virus?

Runner Error - Result of Spyware Removal?

After recently running Spybot S&D, I removed Backweb lite and a DSO Exploit, now when I boot my PC (HP Pavilion P4 2.8 GHz, 1.5 GB of RAM, XP Home SP2) I get an "Runner Error" which reads: "Runner file name (Updates from HP.exe) lacks a '-' (the app id separator)" I can click OK to get rid of the error, which goes away and then everything is normal. However, I wonder what this means, if it's bad and if I have an underlying problem. I regularly scan for viruses, keep my spyware blaster, adaware and spybot S&D updated and run Zone Alarm - so I'm a bit surprised that I'd get a virus - but obviously something has happpened. My question is - should I try restoring what Spybot removed to get rid of this error and then go back and use all the cleaning tools from the Major Geeks sticky post on spyware removal? Or should I just go forward and use the tools without restoring what spybot caught? If anyone else has come across this error, I'd appreciate their input as well. Thanks -
albionmoon

 

Hi -

My computer (HP P4 2.8GHz, 1.4 GB RAM, Windows XP SP2) has always been a bit flakey - I had to send it back after a month after it completely died and had to do a full destructive restore a couple months after that when it would no longer boot up in Safe Mode.

Now it's acting up again and I can't figure out if it's just continuing to be a pain, or if it's infected with something. Current symptoms include: DVD Burning software suddenly no longer recognizesDVD burner, System Restore no longer works, and for a little while it couldn't access most websites (though that seemed to clear up after a reboot).

I'm normally pretty vigilant about viruses - I run Anti-virus protection, as well as Spybot S&D, Adaware, Spywareblaster and Zone Alarm (no, I'm not also running Windows Firewall at the same time). But, still worried that I could be infected, I followed all the steps in the Virus Sticky Post. Here are the only things the various scans found:

Spybot S&D found 2 problems:
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityCenter\AntivirusDisableNotify!=dword:0
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityCenter\FirewallDisableNotify!=dword:0

HS Remove said that 8 items were removed - but I don't know what was removed.

That's it. I was wondering if I could post an HJ file just to have you take a look. I'd really appreciate it.

Thanks -
Albionmoon

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting