Inactive Strange file name of letters and numbers comprising of ZZZZZ's

[buffy]

Sorry if this is vague but I started to follow the instructions on another persons thread to try and sort it out myself.
These are the steps I've followed so far from this website but after I re-started the computer I wasn't sure if I've finished of if there is something else to do?

ComboFix 11-01-25.05 - Fay 26/01/2011 19:52:44.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3327.2291 [GMT 0:00]
Running from: c:\users\Fay\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-12-26 to 2011-01-26 )))))))))))))))))))))))))))))))
.

2011-01-26 19:55 . 2011-01-26 19:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-26 19:15 . 2011-01-26 19:15 -------- d-----w- c:\program files\CCleaner
2011-01-26 19:07 . 2006-10-26 19:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-01-26 19:07 . 2006-10-26 19:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-01-26 19:05 . 2011-01-26 19:05 -------- d-----w- c:\program files\Microsoft Works
2011-01-25 08:09 . 2011-01-25 08:09 -------- d-----w- c:\programdata\HP
2011-01-25 08:07 . 2011-01-25 08:07 -------- d-----w- c:\programdata\NVIDIA
2011-01-25 07:12 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-01-25 07:11 . 2009-11-25 12:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-01-25 07:11 . 2009-11-25 12:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-01-25 07:11 . 2009-11-25 12:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-01-25 07:11 . 2009-11-25 12:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-01-25 07:11 . 2009-11-25 12:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-01-25 07:04 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-01-25 07:04 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-01-25 07:04 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-25 07:02 . 2011-01-25 07:02 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-01-25 07:02 . 2011-01-25 07:03 -------- d-----w- c:\program files\NVIDIA Corporation
2011-01-25 06:57 . 2010-12-13 08:40 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-25 06:57 . 2010-12-13 08:40 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-25 06:57 . 2011-01-25 06:57 -------- d-----w- c:\programdata\Avira
2011-01-25 06:57 . 2011-01-25 06:57 -------- d-----w- c:\program files\Avira
2011-01-25 06:55 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-25 06:54 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2011-01-25 06:53 . 2011-01-25 06:53 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-01-25 06:53 . 2011-01-26 19:32 -------- d-----w- c:\program files\Spyware Terminator
2011-01-25 06:53 . 2011-01-26 11:08 -------- d-----w- c:\programdata\Spyware Terminator
2011-01-25 06:50 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-01-25 06:41 . 2010-10-20 03:00 2327552 ----a-w- c:\windows\system32\win32k.sys
2011-01-25 06:41 . 2011-01-25 06:41 -------- d-----w- c:\programdata\InstallShield
2011-01-25 06:40 . 2007-04-28 00:12 78784 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-01-25 06:40 . 2011-01-25 06:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-01-25 06:40 . 2011-01-25 06:40 -------- d-----w- c:\program files\Common Files\InstallShield
2011-01-25 06:33 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2011-01-25 06:33 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-01-25 06:33 . 2011-01-26 18:04 -------- d-----w- c:\windows\system32\wbem\Performance
2011-01-25 06:29 . 2011-01-25 06:39 -------- d-----w- c:\users\Fay
2011-01-25 06:28 . 2011-01-25 06:28 -------- d-----w- C:\Recovery

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-01-25 3318784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-01-25 2216960]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-25 1343400]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-01-25 142592]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]

.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\Fay\AppData\Roaming\Mozilla\Firefox\Profiles\ix4sv3rd.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60049&qkw=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\Crawler\Toolbar\firefox
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-01-26 19:56:51
ComboFix-quarantined-files.txt 2011-01-26 19:56

Pre-Run: 204,083,269,632 bytes free
Post-Run: 204,000,849,920 bytes free

- - End Of File - - 72E96F26727CE3B266E0F223D151E802

 

[Bobbye]

I started to follow the instructions on another persons thread

Do Not follow instructions given to others:https://www.techspot.com/vb/topic156572.html

Do NOT run Combofix without our guidance:https://www.techspot.com/vb/topic138086.html

==============================================
Let restart, which will be better for you:

Uninstall ComboFix and all Backups of the files it deleted

• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Important!
Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

 

[buffy]

Thank you

I just wanted to say thank you for your quick response, I will take your advice about other peoples threads. I have now started the process and removed the programme.

thanks again

 

[buffy]

Hi

My computer had been blue screening, then cutting off the internet to my computer. It would also loose 2GB of space on the hard drive every time.
(as in it would be fuller)
I would do regular disk checks and defrag but my C-drive is always fragmented.

Yesterday I wiped my computer using system restore and recovery disks.
I kept seeing a strange file in the C-Drvie: 3590F75ABA9E485486C100C1A9D4FF06Z.ZZZZ..Z..ZZ.ZZ

I assumed it was a virus. I had it before and after the system restore.

I've now downloaded: Avira anti virus/ Spyware terminator/ Ccleaner/ malwarebytes
I have windows firewall and Defender running.

I am hoping I've done the right things

thanks

 

[Bobbye]

I've now downloaded: Avira anti virus/ Spyware terminator/ Ccleaner/ malwarebytes

You should follow the steps in the thread link I left. Then paste the logs in for review.

There is a specific note asking you not to run any other scans while I am helping you.

 

[buffy]

Hi

I followed the first steps you left but then I felt a bit stupid asking what a log was and where you find them, as I have no idea.

Thanks again

 

[buffy]

ah yes sorry I see the note in red, shall I disable them all?

 

[Bobbye]

The logs list what has been found in the scan. I need to see each one.

Yes, please disable or uninstall any other scanning or cleaning program while I am helping you.

 

[buffy]

ah the only thing I could find was that thing I posted earlier, I've tried looking for log files on the C-drive but they don't seem to be there.

 

[buffy]

also I've un-installed the Combofix

 

[Bobbye]

Please use the Edit feature instead of a new post for a 1 line reply. I get email feedback for every one of those replies. They add up.

Run the scans, then leave the logs. Run only what's in the link I left. Do not do any system restores while I'm helping you. Unless you give me something to work with, I can't help you.