COM Surrogate Infection
Description:
Lately there have been reports of viruses that do not infect the file system, other than dumping huge numbers of files in the %temp% directory. The initial complaint from end users will be that the computer is so slow they cannot open anything. Follow these steps to remove the infection.
To Resolve:
- Find out if you have this particular infection by running taskmgr.exe (Task Manager). The running processes will look like legitimate processes but will not be. Examples include: COM Surrogate, CTF Loader, Windows Picture Acquisition Wizard, etc. (see screenshot below).
- After doing a bit of searching, I found that if you run ESET Poweliks Cleaner (found here), it will target this infection and remove it. You just need to reboot afterwards.
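The Task Manager check above can also be done from an elevated PowerShell prompt, which shows each process's path, parent and command line as well. This is an added example, not part of the original post; the instance threshold is an assumption, and the script only lists, it does not kill or delete anything.

```powershell
# Added triage example (not from the original post). Read-only.
# Display names are the ones the post lists, spelled as Windows shows them.
$names = 'COM Surrogate', 'CTF Loader', 'Windows Picture Acquisition Wizard'
$maxInstances = 3   # assumed threshold for "too many copies"; tune for your environment

# Command line and parent PID come from WMI; Get-Process does not expose them.
$wmi = @{}
Get-CimInstance Win32_Process | ForEach-Object { $wmi[[int]$_.ProcessId] = $_ }

# Description is blank for processes the current user cannot open, so run elevated.
$hits = Get-Process | Where-Object { $names -contains $_.Description } | ForEach-Object {
    $w = $wmi[$_.Id]
    [pscustomobject]@{
        Description = $_.Description
        Name        = $_.ProcessName
        Id          = $_.Id
        ParentId    = if ($w) { $w.ParentProcessId } else { $null }
        CPUSeconds  = [math]::Round([double]$_.CPU, 1)
        Path        = $_.Path
        CommandLine = if ($w) { $w.CommandLine } else { $null }
    }
}

$hits | Sort-Object Description, Id | Format-Table -AutoSize -Wrap

# Flag any of the listed names that is running more times than the assumed threshold.
$hits | Group-Object Description | Where-Object Count -gt $maxInstances | ForEach-Object {
    Write-Warning ("{0}: {1} instances running" -f $_.Name, $_.Count)
}

# The post also mentions huge numbers of files dumped in %temp%.
$tempFiles = Get-ChildItem -LiteralPath $env:TEMP -File -Recurse -Force -ErrorAction SilentlyContinue
$tempMB = ($tempFiles | Measure-Object -Property Length -Sum).Sum / 1MB
"{0} files in {1}, {2:N1} MB total" -f @($tempFiles).Count, $env:TEMP, $tempMB
```

Saving the output before and after running the cleaner and rebooting gives a simple record that the extra processes are gone.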