Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! Virus/malware makes zz's - attached is Combo Report


  • Please log in to reply
2 replies to this topic

#1 gothamgoddess

gothamgoddess

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:New York
  • Local time:01:27 PM

Posted 15 May 2014 - 01:10 PM

Hi Bleeping Computer Peeps
 
 
Computer Stats:  Lenovo ThinkPad Edge
operating 7 Professional 64 bit

Mod Edit ..Removed Email address to protect from spamBots ~~ boopme
 
 I have been struggling to get rid of a nasty bug that doesn't go away. It started on my PC two days after XP was put to pasture. The PC got it but at first I thought it was Conduit which I found in the Internet explorer and reset explorer while also removing it from the registry keys (I had found you guys on the internet and read what to do) Well it wasn't safe because the exterior hard drive that i thought was clean (since I thought I had cured the PC) gave it to this laptop.  This sucker got by Malwarebytes pro and Avast (that I paid for) .  Let me describe it:  a document shows up in the Computer drive (c drive) that has many numbers as a name starting with a 3..   It is 0 kilobytes.   Then as time goes on and you try to work the computer gets weird, slows down, messes with your antivirus etc.  When you look at the document again, it is now a folder with files inside, millions of files that say zzz in various lengths... zzzz zzzzzzzz.  on and on.  It slows down the computer and when I erase the files through c cleaner, the volume size increases tremendously to many gigabytes.  I can't get on the internet without it misdirecting me, hijacking programs to download junk and it morphs and downloads stuff that pretends to be for the programs.  I used Rogue Killer, Rkiller etc. I would try and find it with ccleaner, and it would disappear then reappear!  There would be short periods of peace and quiet but again it would start. It made itself out to be a driver etc.  I did a clean install by using disks sent by Lenovo and frankly I don't think it completely reformatted the drive because a lot of black screens popped up and it wasn't normal.  Anyway a couple of days ago I reloaded the programs and it was fine till yesterday when I inserted a usb which had some documents on it I need and the computer said that a "driver was being downloaded" so I tore the usb out but that damned zzz thing was back.  My editor had used the USB in the PC I guess.  Internet downloads were next to impossible much less getting advice from this forum. That is why I downloaded and used the comboset so I could get to you the report and later I have to uninfect my main PC operating Windows XP which has years of documents on it.  Years of writing and work there. Please help me. if we can uninfect this laptop maybe I can use it to uninfect my pc?  The main PC does not go on the internet anymore.  My plan is to fix this laptop then reformat the exterior hard drive of the Main PC with it (which was infected and that's how I go this bug). If I install combofix into the PC can I stop the bug long enough to safely load the the documents into an exterior hard drive.  Also how do I check to see if an exterior hard drive or USB is uninfected and how do I clean an exterior hard drive?
 I'm exhausted and panicked so excuse me if my explanation here is less then perfect. How do I attach the report of Combofix??


Edited by boopme, 16 May 2014 - 08:59 PM.


BC AdBot (Login to Remove)

 


#2 davidb231

davidb231

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 PM

Posted 15 May 2014 - 01:21 PM

Please go to this page http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/ and follow the the posted instructions. :)



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:27 PM

Posted 16 May 2014 - 07:15 PM

ComboFix logs are not permitted in this forum. If you are dealing with a malware infection, please be aware that using ComboFix is only one part of the disinfection process. Preliminary scans from other tools like DDS, OTL, RSIT and GMER should be used first because they provide comprehensive logs with specific details about files, folders and registry keys which may have been modified by malware infection. Analysis of those logs allows planning a strategy for effective disinfection and a determination if using ComboFix is necessary.

Please follow the instructions in the Preparation Guide For Requesting Help starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS which will create two logs. (Note: Windows 8.1 Users will not be able run DDS and create a log)
When you have done that, start a new topic and post the required logs to include your ComboFix log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

After doing this, please reply back in this thread with a link to the new topic so we can closed this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users