Alexander: Unexplained PC activity is probably malware

December 12, 2017 at 10:27PM
Security researchers Eric Chien, left, and Vikram Thakur at Symantec, where Chien has been tracking ransomware schemes, in Culver City, Calif., Nov. 21, 2012. Ransomware -- when a virus freezes a user's computer and criminals demand money to unlock it -- has become a lucrative online scheme.
Security researchers Eric Chien, left, and Vikram Thakur at Symantec, where Chien has been tracking ransomware schemes, in Culver City, Calif., Nov. 21, 2012. Ransomware -- when a virus freezes a user's computer and criminals demand money to unlock it -- has become a lucrative online scheme. (New York Times/The Minnesota Star Tribune)

Q: After my Windows 7 PC has been running for a while, the Windows Task Manager shows as many as 17 "regsvr32.exe" processes running at once. They keep using more and more of the processor chip's capacity until the speed of the PC slows to a crawl. If I cancel these processes, or restart the PC, all is well for a while, then the processes start running again. I have antivirus software, but it hasn't detected anything. What's wrong?

Ed Lavallee, Manchester, N.H.

A: The "regsvr32.exe" file is a legitimate part of Windows that gives programs access to the PC. But it's often misused to install malware.

Excessive "regsvr32.exe" activity that doesn't trigger an error message suggests that your PC is infected. Why haven't you been able to detect malware on the PC? A virus sometime conceals itself as a normal regsvr32.exe file; your security software may simply have missed it (no antivirus program catches everything.)

To rid your PC of malware, try running System Restore to return your PC settings to an earlier date, called a "restore point." If you choose a restore point before the infection occurred, it will effectively eliminate any malware installed on your PC since that time. (To run System Restore, see the Windows 7 section at tinyurl.com/kxanto5).

But that might not be enough to prevent infections from reoccurring, because the malware installation files you inadvertently downloaded may still be present on the PC's hard disk. To clean these files from the PC, run the free version of the Malwarebytes security program (see tinyurl.com/jsdacdk). It's also a good idea to run the free versions of PC cleanup programs such as CCleaner (tinyurl.com/okyvdo7) or AdwCleaner (tinyurl.com/huoodp2).

If that doesn't solve the problem, your PC may suffer from a software flaw, a conflict between two programs or the accidental deletion of a Windows file (see tinyurl.com/y7s7hxxc).

More on the Windows 10 upgrade issue: Last month I suggested that Francis Larriviere of Opelousas, La., buy a new PC. It appeared that his HP PC could no longer be updated to newer versions of Windows 10, and the version he had was no longer receiving security updates from Microsoft (see tinyurl.com/yc7m5ekn).

But William Miller of Hamilton, New Zealand, said Larriviere's PC should be upgradeable, even though it's not listed among the HP PCs that can run newer versions of Windows 10.

He believes that any PC that ran an early version of the operating system should be upgradeable to the latest one if the owner uses the "Windows 10 Update Assistant" (download it at tinyurl.com/mommev8) instead of the built-in Windows Update. It seems worth a try.

Q: My Microsoft Surface tablet computer using Windows RT 8.1 won't download any updates. What can I do?

Roger Kern, Glenwood, Minn.

A: Your tablet computer needs a manual update so that it can automatically update itself in the future (see tinyurl.com/ychyn2uz). Other readers, note that this fix works only for Surface computers introduced before 2014; later models didn't use Windows RT.

E-mail tech questions to steve.j.alexander@gmail.com. Include name, city and telephone number.

about the writer

Steve Alexander

Columnist/Reporter

See More

More from Business

Bruce Bisping/Star Tribune. Minneapolis, MN., Friday, 4/1/2005. For years supermarkets have touted fresh produce as a way to counter the traditional price advantage of Wal-mart. One only has to look at the success of Whole Foods Market to see what fresh produce has done for a company's image and bottom line. Recognizing this trend, Supervalu is launching a stand-alone company to focus exclusively on produce which will get fresh produce to Cub stores more quickly. . But Wal-Mart is looking to blu

The supermarket joins a host of other retailers approved to accept the food assistance payments for online orders.

card image
card image