Ok, so I have my father set up on his Windows 10 PC as a non-admin user with UAC settings set on max. This was intentional. He's about as technologically inclined as a toaster.
Today, his computer started getting a UAC prompt for regsvr. It is trying to run:
regsvr.exe /s "C:\Users\[user]\AppData\LocalLow\{9ABBBE90-D314-493B-A298-B3D91AF855D3}\browser.dll"
This UAC prompt appears about every 2 minutes. I've checked background processes and servers for something that seems amiss, but I haven't found anything that jumps out at me.
I'm afraid it's something malicious. I'm downloading an antivirus suite from work right now, but is there any way I can interpret that GUID to see what exactly is trying to be registered? Or where this call for regsvr is being called from? I've tried typing the path of the dll in explorer and it doesn't take me anywhere.