COM Surrogate Infection
Lately there have been reports of viruses that do not infect the file system except by dumping huge numbers of files in the %temp% directory. The first complaint from end users is usually that the computer is so slow they cannot open anything. Follow these steps to remove the infection.
- Find out if you have this particular infection by running taskmgr.exe (Task Manager). The running processes will look like legitimate processes but will not be. Examples include: COM Surrogate, CTF Loader, Windows Picture Acquisition Wizard, etc. (see screenshot below).
- After doing a bit of searching, I found that if you run ESET Poweliks Cleaner (found here), it will target this infection and remove it. You just need to reboot afterwards.
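
The Task Manager check above can also be done from an elevated PowerShell prompt. The script below is an added example, not part of the original write-up: it is read-only, lists every running process whose description matches one of the names given above together with its path, parent and command line, and counts the files in %TEMP%. It assumes the names Task Manager shows correspond to the file description that Get-Process reports.

```powershell
# Added triage example (not from the original page). Read-only: changes nothing.
# Display names are the ones the page lists as seen in Task Manager (assumed to
# match the FileDescription that Get-Process exposes as .Description).
$names = 'COM Surrogate', 'CTF Loader', 'Windows Picture Acquisition Wizard'

# Command line and parent PID come from WMI; Get-Process does not expose them.
$wmi = @{}
Get-CimInstance Win32_Process | ForEach-Object { $wmi[[int]$_.ProcessId] = $_ }

$report = foreach ($p in Get-Process) {
    # Description is empty when the process cannot be opened, which is why
    # this should be run from an elevated prompt.
    if ($names -notcontains $p.Description) { continue }
    $w = $wmi[$p.Id]   # may be $null if the process exited in the meantime
    [pscustomobject]@{
        Name         = $p.Description
        PID          = $p.Id
        ParentPID    = $w.ParentProcessId
        Path         = $p.Path
        Company      = $p.Company
        WorkingSetMB = [math]::Round($p.WorkingSet64 / 1MB, 1)
        CommandLine  = $w.CommandLine
    }
}

# One block per matching process, so each can be compared with Task Manager.
$report | Sort-Object Name, PID | Format-List

# How many instances of each name are running at once.
$report | Group-Object Name | Select-Object Name, Count | Format-Table -AutoSize

# The page's other symptom: a very large number of files under %TEMP%.
$tempFiles = Get-ChildItem -LiteralPath $env:TEMP -Recurse -File -Force `
    -ErrorAction SilentlyContinue
$size = ($tempFiles | Measure-Object -Property Length -Sum).Sum
[pscustomobject]@{
    TempPath  = $env:TEMP
    FileCount = @($tempFiles).Count
    TotalMB   = [math]::Round($size / 1MB, 1)
} | Format-List
```

Saving the output before running the cleaner and again after the reboot gives a before-and-after record for the machine.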