Jump to content

com surrogate in Bonjour


Marnie

Recommended Posts

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your Addition.txt log is clean.
What I need to look at is the FRST.TXT log that was created by the Farbar program.

Please post it for my review.

p.s.
If you have more information of this error please let me know.

Link to post
Share on other sites

Thank you for your help. My spouse allowed ms computers into our computer to "fix it".  We isolated that computer that they infected and are tossing it. We Purchased a new one. Hooked it up to the old router and modem. Then we were told they could infect our new computer via the IP address. So we purchased new router and modem and factory reset the new computer. They tried to get into our financial account. So absolutely paranoid and double checking everything. File is attached.

On a different note, I replaced my android phone as it was losing 1% battery per minute even when plugged in and many calls had echos which I read was possible they got into my phone via wifi connection and were listening in. Wondering if they could also get into my laptop via wifi and if that needs to be rebuilt? Again, probably I am paranoid and really appreciate your help to calm my nerves. 

FRST.txt

Link to post
Share on other sites

Hi.

Your logs are clean.

Wondering if they could also get into my laptop via wifi and if that needs to be rebuilt?

If you Sync Edge there could be some Syncing issues.

https://www.tenforums.com/tutorials/36286-turn-off-sync-favorites-reading-list-microsoft-edge.html
===

Do you have any issues with this computer?
Explain.

Link to post
Share on other sites

Thank you so much. That is good news on our desktop. Edge was off on our desktop. On on my laptop and is now off. Since the attack I have not used the laptop much. Only hooked occasional to Guest access on the router so not sure.  I did notice the com surrogate running in processes. So, Yesterday I ran Malwares and did not detect anything. Noticed that adwCleaner all settings were turned off. (hmmmm) Turned them on and found the attached file named yesterday that is attached. Re-ran malwares and adwCleaner  today and also ran Farbar. All reports attached for you. Network discovery is now turned off for some reason, so will be working on that. Suspect I did that when I did the adwcleaner repair. Seriously,  thank you for your help!

AdwCleaner[C01] today.txt

malwares today file.txt

AdwCleaner[S00] yesterday report.txt

FRST.txt

Addition.txt

Link to post
Share on other sites

Hi,

Unless you need this you can delete it. Your call.
Remove it via the Control Panel > Programs > Programs and Features.
Amazon 1Button App (HKLM-x32\...\{4D875057-4353-4B8F-93E5-8C3DC7F34EA9}) (Version: 1.0.8 - Amazon) <==== ATTENTION

---

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.