Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Does anyone know if there is a virus connected to com surrogate?


  • Please log in to reply
5 replies to this topic

#1 UnkownBmovieActress

UnkownBmovieActress

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Texas&Georgia
  • Local time:10:49 AM

Posted 12 November 2014 - 02:43 PM

Com Surrogate Moasuk.exe virus?

Hp G60 notebook Windows 7 home Premium 86
Intel pentium
Internet Explorer 10
Microsoft Security Essentails
Windows Defender is on machine, has never worked, cannot be turned on

Problem started yesterday, Nov 10, 2014, during Google image search.

Computer slowed to no response, alternately froze and lagged to point of unuseability.
Scores of standard as well as unrecognized processes (never before seen in at least five years of use on this computer) appeared in task manager. Multiple, unstoppable, uncloseable extra copies of Windows Explorer, Com Surrogate (30 or more copies, first time I have ever seen this process), and Internet Explorer. The applications tab in Task Manager shows these internet pages as "page cannot be shown" something "journal" "celebrity" something, and others. None show as tabs or windows on desktop or anywhere but in Task Manager, hidden, wherebouts unknown. If closed with "end process', they replace themselves immediately, often more than to begin with. As well as other never before seen processes and programs showing in taskbar processes tab, including but not complete:
Interacrtive service detection,
Com surrogate (30 copies) ,
CTF loader - many copies,
Google update installer (previously deleted)
And Especially*
Maosuk.exe, one copy appeared once only, not since.
pyepu.exe appears constantly, many copies, reopens multiples of itself each time I try to end process. Before that process appeared, there was something like afsiciz.exe*32, (went off too fast to copy) like 50 copies, which hasn't reappeared so far, seems to have been replaced by the puepu.exe.

All processes are fluctuating constantly and changing within seconds, using 100% CPU at all times. Right after reboot.

Almost all personalizations & settings changed after reboot.

I did a restore, seems to have changed some settings back, but no effect on any of the other problems. Did not delete or quarantine maosuk.exe, which looks like may be the source.

100% CPU at all times
No control of curser or anything else because of minutes long response time. Computer unusuable, currently shut down.

Located in c>owner>AppData>Roaming
Moasuk.exe Apparently within following folders

Folder: Kodazox:
Contains one file: pyepu.exe (orig name in properties details - maosuk.exe)

Folder: Lezyu:
Contains one file: etuwaz.exe (orig name in properties details - maosuk.exe)

Neither folders nor files can be deleted bcz multiples are open & cannot be closed and or are supposedly open in another unnamed program. If one is closed in Task Manager, multiples immediately pop up & replace the closed process, more than were there to begin with.

Have received multiple malware /spyware alerts, before,during, and since this started. All say problem has been contained. Microsoft Security Essentals finds malware on a scan, but then does nothing about it.
Additionally Security essentials is unable to scan the selected files individually. Error notice to that effect.
Virus & spyware definitions: connection was failing even tho full internet access. Now showing up to date, although I am not sure i trust this to actually be the case.

I have seen other posts on the Net that Microsoft, Macafee, Norton, and other antivirus and antimalware programs are not recognizing nor stopping this virus or whatever it is. Microsoft is claiming this is a Windows bug from an update and offering a fix that is not working for many.
Yesterday it appeared a number of websites that were attempting to discuss this were being masked or corrupted. Could be my imagination. There is precious little even reference to it out there.

Task Manager disabled or corrupted.
Error msg:
Failure to display security and shut down options:
The logon process was unable to display security and logon options when control+alt+delete was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch.

Edited by Queen-Evie, 12 November 2014 - 02:48 PM.
moved from Windows 7 to Am I Infected


BC AdBot (Login to Remove)

 


m

#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:49 AM

Posted 12 November 2014 - 07:32 PM

Welcome aboard p22002758.gif

 

Please download Powelikscleaner (by ESET) and save it to your Desktop.

1. Double-click on ESETPoweliksCleaner.exe to start the tool.

2. Read the terms of the End-user license agreement and click Agree.

3. The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.

newtool1_zpsa1caa06e.png

4. If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.

newtool2_zps0e6d39b1.png

The tool will produce a log in the same directory the tool was run from.

Please copy and paste the log in your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 UnkownBmovieActress

UnkownBmovieActress
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Texas&Georgia
  • Local time:10:49 AM

Posted 14 November 2014 - 09:57 AM

Welcome aboard p22002758.gif
 
Please download Powelikscleaner (by ESET) and save it to your Desktop.

1. Double-click on ESETPoweliksCleaner.exe to start the tool.

2. Read the terms of the End-user license agreement and click Agree.

3. The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.

newtool1_zpsa1caa06e.png

4. If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.

newtool2_zps0e6d39b1.png

The tool will produce a log in the same directory the tool was run from.

Please copy and paste the log in your next reply.



#4 UnkownBmovieActress

UnkownBmovieActress
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Texas&Georgia
  • Local time:10:49 AM

Posted 14 November 2014 - 10:09 AM

Hello and thank you very much for your advice. In the time before I received your message, i was directed to Proboards, who had me download and run Farbar Recovery Scan Tool, which is also from Bleeping Computer. So that program completed a scan, but when I have tried to post the results in a reply to Proboards, as I was advised to, their security service blocks me from the site altogether. So I'm still trying to carry through with this tool. If not able to I will terminate that process and try the one you reccomend, start over I guess. Thanks so much again and I may be back.

#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:49 AM

Posted 14 November 2014 - 11:20 AM

I'm not sure what you're doing.

You were supposed to download and run Powelikscleaner


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 UnkownBmovieActress

UnkownBmovieActress
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Texas&Georgia
  • Local time:10:49 AM

Posted 14 November 2014 - 12:18 PM

Hi, sorry I'm not explaining too well. Before you answered I had started working with qmalwareremoval.freeforums.net.? Aka ProBoard? I got there from Bleeping Computer somehow.
They downloaded a different removal tool from Bleeping Computer to my system, with strict instructions to follow that through until finished.
I was trying to apologise that I am not able to download the one you reccomended at this point, and to thank you for answering. If the one working now is not successful I will delete it and try the one here? Seems No one wants you to have tried any other removal tools before theirs though, so not sure what I will be allowed to do in event this one (Farbar Recovery Tool) doesn't work. Will let you know, but thank you again so much for your advice. Really appreciate it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users