Jump to content

Recommended Posts

Hi,

a few times I reinstalled Windows 10 on my laptop. The reason; sudden high activity of the fan although no action by me on the laptop. Veryfying the Task Manager shows 4 times Com Surrogate. A few fresh installs ago ESET found a Rogue virus and deleted it. Unfortunately this multiple Com Surrogate listing comes back after every new install of Windows 10. I ran Malwarebytes Premium which didn't find anything. Then I ran Frst64 that came up with the following files (see attachment) I can't read (understand) being a "non-nerd". Can anybody tell me if I still have a rootkit virus? Thank you very much in advance.

Kornelis Jan

 

Addition.txt

FRST.txt

Shortcut.txt

Link to post
Share on other sites

Hello kjd and welcome to Mawarebytes,

I do not see any obvious malware or infection in your logs, COM Surrogate is a basic Windows process, it is only usually noticed if/when it crashes. Have a read of the following link: https://blogs.msdn.microsoft.com/oldnewthing/20090212-00/?p=19173

Run a scan with ESET and post the produced log...

user posted imageScan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.

Click there Run ESET Online Scanner.

If using Internet Explorer:
 
  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.


To perform the scan:
 
  • Select "Enable detection of potentially unwanted applications"
  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Under “Enable Stealth Technology select “Change” select any extra drives in that window.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.



Please include this logfile in your next reply.

Don't forget to re-enable security software!

Thank you,

Kevin

 

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Hi Kevin,

it took a while but finally I could make the scan with ESET. The onlinescanner didn't find anything but didn't make a logfile. Then I installed the scanner through firefox which made the logfile you'll find in the attachment. Thanks in advance for your reply.

Kornelis Jan

log.txt

Link to post
Share on other sites

  • 2 weeks later...

Hi Kevin,

as a matter of fact I don't know. I sent you a log file of  ESET lately. Perhaps you could see how the status is.

The reason that I came here is a multiple activity of com surrogate in the task manager together with high speed of the fan. Being a complete "non-nerd" I did some research on the internet and read that the cause could be malware. But the information was a bit to complicated. Therefore I asked you for help. Meanwhile I know that com surrogate is used by other programs. But I can't figure out if it's okay that com surrogate shows up a few times simultaneously in the taskbar.

Kornelis Jan 

Link to post
Share on other sites

Hi Kevin,

thanks for your answer where I might have been a bit unclear about what I would like to know. First I wanted to know if there is malware on my computer. The software you told me to use didn't find anything suspicious which means "so far so good". :-) 

However, Com Surrogate still shows up a few times simultaneously in the task manager and I would like to know if that is nothing to worry about or if it is an indication of possible presence of malware? If I see Com Surrogate listed 3, 4 times the cooler makes a lot of noise.

In short: could I still have malware on my laptop and if so, do you know another program that could find and eliminate it?

You can imagine I'd be luckier if, based on the information I gave, you could guarantee that my laptop is virus free.

Thanks for all your effort so far. Really appreciate.

Kornelis Jan

Link to post
Share on other sites

My system has Com Surrogate entries running, sometimes one sometims two or three, really depends what is happening... Check your entries as follows..

Open Taskmanager, then select Processes. Right click on first "Com Surrogate" entry then select "Open File Location" The file location will open and the file will be highlighted.

Right Click on the file and select "Properties" in the Properties window select "Digitals Signatures" make a note of that result. Repeat for each Com Surrogate entry...

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.