Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Where to begin? regsvr.exe multiple instances on resource monitor


  • Please log in to reply
9 replies to this topic

#1 ssmonty

ssmonty

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 23 June 2017 - 05:28 PM

I'm not pc savvy at all. Like to use Solidworks , Amazon and Youtube and tried War Thunder for a while. PCs getting very slow. Observing the Performance Monitor I see multiple instances of regsvr.exe running. I got to looking around and find many updates have failed to install over the years. I tried running sfc /scannow  and rebooting /restarting about 4x and still got "some files corrupted but was unable to correct some of them". I also ran DISM.exe /Online /Cleanup-Image /StartComponentCleanup today that was successfully completed. Then ran DISM....Restorehealth and got error 0x80240021 "DISM failed No operation performed".

 I have a Toshiba laptop with Winndows 8.1. Was originally 8.0 when purchased in 2013, but somehow got upgraded to 8.1? I have a copy of Solidworks that I can't replace and don't want to lose. I can work with it if I disconnect from the wifi, otherwise it seems to bogdown too much. Is there any way to reload or refresh or repair my system without losing Solidworks, or would I be better off just buying a new laptop and save this pc just for Solidworks projects. By the way, I'm just using Solidworks for home projects with no monetary gain. I might mention that I'm a veteran on social security, so funds are limited. Thank you very much for any and all replies!

ssmonty

PS Just installed Malwarebytes last week and found 2 files quarantined. Also uninstalled War Thunder over a week ago and that was when I started seeing things getting flakey if I'm not mistaken???

Tried to attach CBS log but got a reply that indicated "file too large"

Sorry if I didn't include all nessasary info. If anyone needs more just ask and I'll do my best to get it. 

Attached Files

  • Attached File  dism.log   424.06KB   1 downloads

Edited by ssmonty, 23 June 2017 - 05:32 PM.


BC AdBot (Login to Remove)

 


#2 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 23 June 2017 - 06:57 PM

Have you tried using System Restore to go back to a point before you uninstalled War Thunder?



#3 FreeBooter

FreeBooter

  • Members
  • 3,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Turkey - Adana
  • Local time:08:31 AM

Posted 24 June 2017 - 03:37 AM

The process known as Microsoft Corparation appears to belong to software Avast Free Antivirus by AVAST Software (www.avast.com).


2GvnEq2.gif


#4 ssmonty

ssmonty
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 24 June 2017 - 07:56 AM

 To jwoods301: No I haven't tried System Restore to a previous point. Don't know how or what parameters apply. I'll do some searching and reply later. I did try adding an external hard drive yesterday and saved a backup of personal data. I didn't know that was all the backup operation would perform before I bought the HD. I thought it would backup everything. I went ahead and saved all my solidworks stuff afterward. What do I have to do to save all my programs to the hard drive, or can I even do that without applicable disks, or should I even try?

 

To FreeBooter: I don't have a clue as to what you are referring to?

Thanks for the replies!

ssmonty


Edited by ssmonty, 24 June 2017 - 07:57 AM.


#5 ssmonty

ssmonty
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 24 June 2017 - 08:07 AM

Another question. Do I have to disable Windows Defender while using Malwarebytes premium? Sorry I didn't search this sooner. I'll do it now.



#6 FreeBooter

FreeBooter

  • Members
  • 3,137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Turkey - Adana
  • Local time:08:31 AM

Posted 24 June 2017 - 09:19 AM

Do you have Avast Free Antivirus installed if yes then regsvr.exe executable file belongs to Avast Free Antivirus.

2GvnEq2.gif


#7 ssmonty

ssmonty
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 24 June 2017 - 11:23 AM

FreeBooter

I did have Avast installed but ran the uninstall program some time ago. I just saw something a few minutes ago about a special avg uninstall prog. on their site if I'm not mistaken. I'll try it shortly. Thank you very much!

jwoods301

I tried to run the System Restore and got the following reply:

"System Restore did not complete successfully

System Restore could not accesses a file. This is probably because antivirus program is running. Temporarily disable antivirus program and retry system Restore.

an unspecified error occurred during System Restore 0x80070005"

I opened Malwarebytes prog and it shows that these files are quarantined:

Rootkit.Fileless.MTGen  Registry Value

"            "                  ''          "         key

"            "                  "          "         file

"            "                  "          "         file

"            "                  "          "         file

I'm concerned about removing the files from quarantine. I also saw something recently about Malwarebytes putting required system files into quarantine by mistake???

I'm going to try to find the AVG ininstall download and run it and post results.

ssmonty

 

 

 



#8 ssmonty

ssmonty
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 24 June 2017 - 12:23 PM

I just lost my connection to Bleepingcomputer in the middle of typing a reply. Starting over.

I downloaded a removal program from AVG and ran it, and restarted the pc twice. Still have at least 2 instances of regsvr32.exe showing on the resource monitor. I opened Task Mgr and see 2 listings of Microsoft© Register Server (32... that seem to have the same properties? I tried to "end task" but it is still active? 

 I have another issue that may be related? I get a window at the bottom of the screen Showing" This webpage wants to run the following add-on: 'Adobe Flash Player' from 'Microsoft Windows Third Party Application Compon...'.

I've tried to install/update it at the Adobe website, but it shows that the latest version is installed and running properly???

ssmonty



#9 ssmonty

ssmonty
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 24 June 2017 - 02:16 PM

Well I fixed the Adobe Flash Player request window issue anyway. It was installed and operating except just on specific websites. Somehow a list of acceptable websites was generated that I have no recollection of doing. I didn't realize there even was such an option until moments ago. I enabled its use on all websites and so far so good.

ssmonty



#10 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:31 PM

Posted 24 June 2017 - 02:22 PM

Some antivirus products will prevent System Restore from working properly.

 

The workaround is to boot into Safe Mode, and start the restore from there.

 

Then, boot into Safe Mode again to let the restore complete.

 

 

I do have a concern about Rootkit.Fileless.MTGen being found on your system.

 

https://blog.malwarebytes.com/detections/rootkit-fileless-mtgen/

 

I would suggest making no further changes to your system, and starting a thread in the Virus, Trojan, Spyware, and Malware Removal Logs forum

Please read the Preparation Guide before proceeding.

https://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/


Edited by jwoods301, 24 June 2017 - 02:27 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users