Help needed to remove com surrogate virus and maybe others that malware bytes can't find.

Discussion in 'Malware Removal Assistance For Windows' started by SamyxX, Jul 8, 2017.

Need Malware Removal Help?

We offer free malware removal assistance to our members. Sign Up now, and get free malware removal support.

  1. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    Operating System:
    Windows 10
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    1 week ago
    PC freezes sometimes and overuse of disc
    Appeared system interruptions and com surrogate in the task manager
    Current issues and symptoms:
    Same as in the beggining
    Steps taken in order to remove the infection:
    I tried to do a clean install of the windows again. Format several times and check for virus with a lot of programs.
    Logs added to help request:
    • I did not upload the FRST logs (I understand that this will increase the time need it to clean-up the PC)
    Need help.
    Thanks.
     
  2. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    Here.
     

    Attached Files:

  3. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,


    Check Disk
    • Press the [​IMG] on your keyboard. Type cmd and right click >> Run as Administrator.
    • Copy/Enter the command below and press Enter:
    • Code:
      chkdsk C: /r
    • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
    • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.
    Check Disk report:
    • Press the [​IMG] + R on your keyboard at the same time. Type eventvwr and click OK.
    • In the left panel, expand Windows Logs and then click on Application.
    • Now, on the right side, click on Filter Current Log.
    • Under Event Sources, check only Wininit and click OK.
    • Now you'll be presented with one or multiple Wininit logs.
    • Click on an entry corresponding to the date and time of the disk check.
    • On the top main menu, click Action > Copy > Copy Details as Text.
    • Paste the contents into your next reply.
     
  4. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    #4 SamyxX, Jul 8, 2017
    Last edited by a moderator: Jul 9, 2017
    hello.
    Code:
    
    Nome do registo:Application
    Origem:        Microsoft-Windows-Wininit
    Data:          08/07/2017 22:01:26
    ID do evento:  1001
    Categoria de Tarefa:Nenhum
    Nível:         Informações
    Palavras-chave:Clássica
    Utilizador:    N/D
    Computador:    LAPTOP-E0M6M67B
    Descrição:
    
    Checking file system on C:
    The type of the file system is NTFS.
    Volume label is Acer.
    A disk check has been scheduled.
    Windows will now check the disk.                         
    Stage 1: Examining basic file system structure ...
      489216 file records processed.                                                       
    File verification completed.
      19117 large file records processed.                                   
      0 bad file records processed.                                     
    
    Stage 2: Examining file name linkage ...
      547148 index entries processed.                                                       
    Index verification completed.
      0 unindexed files scanned.                                       
      0 unindexed files recovered to lost and found.                   
    
    Stage 3: Examining security descriptors ...
    Cleaning up 10833 unused index entries from index $SII of file 0x9.
    Cleaning up 10833 unused index entries from index $SDH of file 0x9.
    Cleaning up 10833 unused security descriptors.
    CHKDSK is compacting the security descriptor stream
    Security descriptor verification completed.
      28967 data files processed.                                           
    CHKDSK is verifying Usn Journal...
      36606424 USN bytes processed.                                                           
    Usn Journal verification completed.
    Stage 4: Looking for bad clusters in user file data ...
      489200 files processed.                                                               
    File data verification completed.
    Stage 5: Looking for bad, free clusters ...
      233544459 free clusters processed.                                                       
    Free space verification is complete.
    Correcting errors in the Volume Bitmap.
    Windows has made corrections to the file system.
    No further action is required.
     975593471 KB total disk space.
      40700764 KB in 121138 files.
         90188 KB in 28970 indexes.
             0 KB in bad sectors.
        624679 KB in use by the system.
         65536 KB occupied by the log file.
     934177840 KB available on disk.
          4096 bytes in each allocation unit.
     243898367 total allocation units on disk.
     233544460 allocation units available on disk.
    Internal Info:
    00 77 07 00 66 4a 02 00 3d 15 04 00 00 00 00 00  .w..fJ..=.......
    37 00 00 00 3d 0d 00 00 00 00 00 00 00 00 00 00  7...=...........
    Windows has finished checking your disk.
    Please wait while your computer restarts.
    Evento Xml:
    <Event xmlns="[URL]http://schemas.microsoft.com/win/2004/08/events/event[/URL]">
      <System>
        <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
        <EventID Qualifiers="16384">1001</EventID>
        <Version>0</Version>
        <Level>4</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2017-07-08T21:01:26.317816400Z" />
        <EventRecordID>268</EventRecordID>
        <Correlation />
        <Execution ProcessID="0" ThreadID="0" />
        <Channel>Application</Channel>
        <Computer>LAPTOP-E0M6M67B</Computer>
        <Security />
      </System>
      <EventData>
        <Data>
    Checking file system on C:
    The type of the file system is NTFS.
    Volume label is Acer.
    A disk check has been scheduled.
    Windows will now check the disk.                         
    Stage 1: Examining basic file system structure ...
      489216 file records processed.                                                       
    File verification completed.
      19117 large file records processed.                                   
      0 bad file records processed.                                     
    
    Stage 2: Examining file name linkage ...
      547148 index entries processed.                                                       
    Index verification completed.
      0 unindexed files scanned.                                       
      0 unindexed files recovered to lost and found.                   
    
    Stage 3: Examining security descriptors ...
    Cleaning up 10833 unused index entries from index $SII of file 0x9.
    Cleaning up 10833 unused index entries from index $SDH of file 0x9.
    Cleaning up 10833 unused security descriptors.
    CHKDSK is compacting the security descriptor stream
    Security descriptor verification completed.
      28967 data files processed.                                           
    CHKDSK is verifying Usn Journal...
      36606424 USN bytes processed.                                                           
    Usn Journal verification completed.
    Stage 4: Looking for bad clusters in user file data ...
      489200 files processed.                                                               
    File data verification completed.
    Stage 5: Looking for bad, free clusters ...
      233544459 free clusters processed.                                                       
    Free space verification is complete.
    Correcting errors in the Volume Bitmap.
    Windows has made corrections to the file system.
    No further action is required.
     975593471 KB total disk space.
      40700764 KB in 121138 files.
         90188 KB in 28970 indexes.
             0 KB in bad sectors.
        624679 KB in use by the system.
         65536 KB occupied by the log file.
     934177840 KB available on disk.
          4096 bytes in each allocation unit.
     243898367 total allocation units on disk.
     233544460 allocation units available on disk.
    Internal Info:
    00 77 07 00 66 4a 02 00 3d 15 04 00 00 00 00 00  .w..fJ..=.......
    37 00 00 00 3d 0d 00 00 00 00 00 00 00 00 00 00  7...=...........
    Windows has finished checking your disk.
    Please wait while your computer restarts.
    </Data>
      </EventData>
    </Event>
     
  5. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    So i don't understand much but after reading i just want to say that the pc seems the same, slow and system interrupts and com surrogate still there.
    Sorry for the english,
    Thanks.
     
  6. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    [​IMG] Scan with Farbar Recovery Scan Tool

    Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
      (XP users click run after receipt of Windows Security Warning - Open File).
    • Make sure that Addition.txt option is checked.

      [​IMG]
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach report into your next reply.
     
  7. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    Here :)
     

    Attached Files:

  8. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    Your computer isn't infected. Did you check temperatures of your computer?
     
  9. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    The temperatures are normal. Since the system interrupts appeared on the task manager the PC freezes a lot. And high disk usage
     
  10. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    That could very possible be a malfunctioned hard drive.
     
  11. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    Possible :( the PC is kinda new and having that problem already. Well thanks :) gonna check the hard drive.
     
  12. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    Do you know any good program to check the disk?
     
  13. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    upload_2017-7-11_14-38-37.png

    doesn't seem like hard disk tho
     
  14. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
  15. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
  16. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    upload_2017-7-12_14-50-49.png
    sorry didn't send
     

    Attached Files:

  17. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    I don't see infection on your PC. Can you remember what did you do when this started to happen?
     
  18. SamyxX

    SamyxX New Member

    Jul 8, 2017
    12
    0
    Portugal
    Windows 10
    Malwarebytes
    I don't really know. Maybe it's a problem with the drivers or an update
     
  19. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    It is possible.
     
Loading...
Similar Threads Forum Date
Help desperately needed to remove Respectsale ads Malware Removal Assistance For Windows Jul 21, 2015
Cannot remove HTML\iframe.B.gen virus - help needed Malware Removal Assistance For Windows Jan 8, 2015
Help needed to remove dllhost.exe Com Surrogate virus Malware Removal Assistance For Windows Jan 8, 2015