Com Surrogate replication

J

Jim H.

New Member
Thread author
Nov 4, 2014
4
0
2
71
Would appreciate any help you can provide in eliminating the problems with the replicating com surrogate processes. I've stopped (or slowed down) the replication for now, but I'm sure the infection is still there.
 

Attachments

Re-run FRST.exe as you did before ...

  • Download fixlist.txt that you find attached at the bottom of this post and save it same place you
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt and will keep that log in the same folder where FRST.exe is.


> Attach here fixlog.txt logreport.
 

Attachments

argus said:
Re-run FRST.exe as you did before ...

  • Download fixlist.txt that you find attached at the bottom of this post and save it same place you
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt and will keep that log in the same folder where FRST.exe is.


> Attach here fixlog.txt logreport.
Click to expand...
I downloaded the fixlog.txt file and reran frst.exe. It ran to completion and the machine rebooted. Norton Security Suite restarted and automatically removed the frst.exe file. Should I remove the program rule in Norton's firewall to allow access for COM surrogate? I had changed this setting originally to keep it from replicating. So far, so good.
 
argus said:
Is everything ok now?
Click to expand...
I don't see COM surrogate running. I had changed the program rule in Norton's firewall to block access by COM surrogate to prevent it from replicating prior to seeking help, should I change the rule back to allow access? What should I change to prevent this from happening again?
 
I had changed the program rule in Norton's firewall to block access by COM surrogate to prevent it from replicating prior to seeking help, should I change the rule back to allow access?
Click to expand...

Yes settings default Norton.





The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
checkmark.png
Remove disinfection tools
checkmark.png
Create registry backup
checkmark.png
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
 
argus said:
Yes settings default Norton.





The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
checkmark.png
Remove disinfection tools
checkmark.png
Create registry backup
checkmark.png
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
Click to expand...


I ran DelFix and it ran to completion. I'll reset my Norton Firewall program rule back to allow access for COM surrogate. Thanks for the help. Hope you enjoy your beer.
 

You may also like...