Help needed to remove com surrogate virus and maybe others that malware bytes can't find.

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

TwinHeadedEagle

Removal Expert
Staff member
Mar 8, 2013
21,984
2,659
Operating System
Windows 10
Installed Antivirus
ESET
#3
Hello,


Check Disk
  • Press the
    on your keyboard. Type cmd and right click >> Run as Administrator.
  • Copy/Enter the command below and press Enter:
  • Code:
    chkdsk C: /r
  • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
  • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.
Check Disk report:
  • Press the
    + R on your keyboard at the same time. Type eventvwr and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • Now you'll be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.
 

SamyxX

New Member
Jul 8, 2017
12
0
Operating System
Windows 10
Installed Antivirus
Malwarebytes
#4
hello.
Code:
Nome do registo:Application
Origem:        Microsoft-Windows-Wininit
Data:          08/07/2017 22:01:26
ID do evento:  1001
Categoria de Tarefa:Nenhum
Nível:         Informações
Palavras-chave:Clássica
Utilizador:    N/D
Computador:    LAPTOP-E0M6M67B
Descrição:

Checking file system on C:
The type of the file system is NTFS.
Volume label is Acer.
A disk check has been scheduled.
Windows will now check the disk.                         
Stage 1: Examining basic file system structure ...
  489216 file records processed.                                                       
File verification completed.
  19117 large file records processed.                                   
  0 bad file records processed.                                     

Stage 2: Examining file name linkage ...
  547148 index entries processed.                                                       
Index verification completed.
  0 unindexed files scanned.                                       
  0 unindexed files recovered to lost and found.                   

Stage 3: Examining security descriptors ...
Cleaning up 10833 unused index entries from index $SII of file 0x9.
Cleaning up 10833 unused index entries from index $SDH of file 0x9.
Cleaning up 10833 unused security descriptors.
CHKDSK is compacting the security descriptor stream
Security descriptor verification completed.
  28967 data files processed.                                           
CHKDSK is verifying Usn Journal...
  36606424 USN bytes processed.                                                           
Usn Journal verification completed.
Stage 4: Looking for bad clusters in user file data ...
  489200 files processed.                                                               
File data verification completed.
Stage 5: Looking for bad, free clusters ...
  233544459 free clusters processed.                                                       
Free space verification is complete.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.
No further action is required.
 975593471 KB total disk space.
  40700764 KB in 121138 files.
     90188 KB in 28970 indexes.
         0 KB in bad sectors.
    624679 KB in use by the system.
     65536 KB occupied by the log file.
 934177840 KB available on disk.
      4096 bytes in each allocation unit.
 243898367 total allocation units on disk.
 233544460 allocation units available on disk.
Internal Info:
00 77 07 00 66 4a 02 00 3d 15 04 00 00 00 00 00  .w..fJ..=.......
37 00 00 00 3d 0d 00 00 00 00 00 00 00 00 00 00  7...=...........
Windows has finished checking your disk.
Please wait while your computer restarts.
Evento Xml:
<Event xmlns="[URL]http://schemas.microsoft.com/win/2004/08/events/event[/URL]">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2017-07-08T21:01:26.317816400Z" />
    <EventRecordID>268</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>LAPTOP-E0M6M67B</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
Checking file system on C:
The type of the file system is NTFS.
Volume label is Acer.
A disk check has been scheduled.
Windows will now check the disk.                         
Stage 1: Examining basic file system structure ...
  489216 file records processed.                                                       
File verification completed.
  19117 large file records processed.                                   
  0 bad file records processed.                                     

Stage 2: Examining file name linkage ...
  547148 index entries processed.                                                       
Index verification completed.
  0 unindexed files scanned.                                       
  0 unindexed files recovered to lost and found.                   

Stage 3: Examining security descriptors ...
Cleaning up 10833 unused index entries from index $SII of file 0x9.
Cleaning up 10833 unused index entries from index $SDH of file 0x9.
Cleaning up 10833 unused security descriptors.
CHKDSK is compacting the security descriptor stream
Security descriptor verification completed.
  28967 data files processed.                                           
CHKDSK is verifying Usn Journal...
  36606424 USN bytes processed.                                                           
Usn Journal verification completed.
Stage 4: Looking for bad clusters in user file data ...
  489200 files processed.                                                               
File data verification completed.
Stage 5: Looking for bad, free clusters ...
  233544459 free clusters processed.                                                       
Free space verification is complete.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.
No further action is required.
 975593471 KB total disk space.
  40700764 KB in 121138 files.
     90188 KB in 28970 indexes.
         0 KB in bad sectors.
    624679 KB in use by the system.
     65536 KB occupied by the log file.
 934177840 KB available on disk.
      4096 bytes in each allocation unit.
 243898367 total allocation units on disk.
 233544460 allocation units available on disk.
Internal Info:
00 77 07 00 66 4a 02 00 3d 15 04 00 00 00 00 00  .w..fJ..=.......
37 00 00 00 3d 0d 00 00 00 00 00 00 00 00 00 00  7...=...........
Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>
 
Last edited by a moderator:

SamyxX

New Member
Jul 8, 2017
12
0
Operating System
Windows 10
Installed Antivirus
Malwarebytes
#5
So i don't understand much but after reading i just want to say that the pc seems the same, slow and system interrupts and com surrogate still there.
Sorry for the english,
Thanks.
 

TwinHeadedEagle

Removal Expert
Staff member
Mar 8, 2013
21,984
2,659
Operating System
Windows 10
Installed Antivirus
ESET
#6
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    icon and select
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.


  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.
 

TwinHeadedEagle

Removal Expert
Staff member
Mar 8, 2013
21,984
2,659
Operating System
Windows 10
Installed Antivirus
ESET
#8
Your computer isn't infected. Did you check temperatures of your computer?
 

TwinHeadedEagle

Removal Expert
Staff member
Mar 8, 2013
21,984
2,659
Operating System
Windows 10
Installed Antivirus
ESET
#17
I don't see infection on your PC. Can you remember what did you do when this started to happen?
 

SamyxX

New Member
Jul 8, 2017
12
0
Operating System
Windows 10
Installed Antivirus
Malwarebytes
#18
I don't really know. Maybe it's a problem with the drivers or an update