A co-worker has entrusted me to clean his PC, because he said it was running slow. I figured it was just bloatware or needed a dusting, but it seems it's infected with something. He said he uses it for browsing, shopping and it's just an old HP desktop. It's not really dirty and the temps aren't bad. So I looked into resource monitor and saw multiple instances of regsvr32.exe and under networking it was connecting to all sorts of amazon servers. I unhooked it from my network and the CPU activity returned to normal. After researching I find regsvr32.exe is a MS script to service applications, I guess, and it could be anything. So I started searching and stumbled on this forum. Hope someone can help out. I took FRST logs as requested.
Attached Files
Edited by dyermaker504, 28 November 2017 - 01:39 AM.