Windows 10 Background Processes

Nezkeys79

Member
Joined
May 13, 2016
Messages
59
Hi guys. I was wondering if anyone could explain something weird I found today. I went to my recycle bin and found some files in there that while I have no idea what they are for, I have a feeling they are not supposed to be there. I'm using windows 10 64 bit btw. These are the files in there...

isa.dll
Microsoft.win32.TaskScheduler.dll
wbsvc (WebBarService)
wbsvc.exe.config
Unins000 (WeBarService)
 
Solution
Hi again,
Looks like these 2 highlighted in RED, are toolbar spyware viruses.

isa.dll
Microsoft.win32.TaskScheduler.dll
wbsvc (WebBarService)
wbsvc.exe.config
Unins000 (WeBarService)

Rescan with your existing AV virus scanner, and then download the free MALWAREBYTES from Malwarebytes.org and scan/disinfect any more found spyware viruses and retest your computer.

I would leave those alone until after you run your AV scans and MALWAREBYTES. Power-cycle your computer and then login to Windows again and see if the remaining 3 files are still in your Recycle bin. If they are, you can probably delete them now, as they are legitimate Windows processes being spawned by spyware viruses to further...

Thank you.
 
Like I said earlier they started out as two separate topics and just eventually became about the same thing. hodlum333 though just kept posting "other forums would wave the ban hammer for this" "I'm surprised the admins haven't noticed it we should report it" without actually trying to help me at all. Funnily enough everyone else who commented on the posts just tried to offer advice. Funny that. Eventually Hodlum offered a little bit of help (which was just an entire copy paste from the first google serach online) when I told them they weren't helping before that and just trying to cause trouble, but then after a few days when someone new replied on the other thread they started again trying to mini-mod and create drama.

Also when I used the F word it was a quote of something someone else said in referring to anti malware programs. Here is what I actually said...
"On the one hand I think...if the laptops registry is f..... up...how is it gonna be able to detect it, but on the other hand I think...do AV software programs just post fake errors scaremongering you into clicking "fix" and when you do it f..... something up, or deletes something you actually need." From that comment they said "I will respectfully bow out now your language needs to be cleaned up we are only trying to help. Be careful how you respond". < Again up until that point they had done absolutely nothing to help with my problems.

So basically the context in which I used the F word was not because I lost my temper and swore at them in a fit of rage so again hoodlum saying "i was just trying to help but he used the f bomb word so I respectfully bowed out" is pathetic and just further exacerbates my point that I know what hodlum333 was doing, and that none of it was helpful in the slightest.

Moving forward...if the best solution is to merge the threads then that's fine. Anyway...those files are no longer in my recycle bin, and I've had several people confirm that the background processes running are all normal. The only one that is there now that people have said is potentially suspicious is COM Surrogate. I don't get any errors pertaining to this though and apart from the occasional "Network Attack: Port Scan", or browser redirect which Bullguard AV blocks everything else on the malware/virus side of things appears to be in control. The main issues I am experiencing at the moment are motion blur graphical issues and application crashes (playonline viewer) in Final Fantasy XI and I'm not sure if this is the result of broken or damage registries. Juse because my computer appears to be virus free now doesn't mean any damage was already done to it is what I'm basically saying. Things just don't seem right. For example Microsoft Spotlight (the thing that posts pictures to you on startup) is on...but doesn't send any new pictures to me anymore.
 
Last edited by a moderator:
well guys moving forward I decided I want to try a fresh install of windows 10. In spite of not being sure what I needed to backup, or download pre-installation drivers wise I went ahead and used that recovery media tool. I uninstalled Bullguard and made sure I was on the admin account. It failed 3 times now and I get the same error message....

Attempted_Execute_of_No_Execute_Memory

I googled this and found a 2 step "fix". First step was perform a memory scan using . The scan came back clean. The second step was to locate out of date/faulty drivers. I used DriverDoc to run a scan and then wrote down the drivers. At this point it found 12 out of drivers that were "ancient" status lol but directed me to a payment screen to fix them. This made me really sceptical so I backed out and went back to my pc and looked for those hardware. Low and behold I found 12 of the 12 and they were all out of date so I let window update the drivers then rebooted.

Anyway, long story short I tried the windows 10 repair install again using the recovery tool method AND the iso>dvd drive method and both times they failed with the same error.

1) how do I fix this error?
2) If I choose remove everything does it actually remove EVERYTHING like the apps that came with the laptop on the day I bought it? or just the ones I've installed? What particular files and settings would I miss once deleted/hence need to be backed up? Is it an easy process to just get things back after the re install?
 
Last edited:
Attempted_Execute_of_No_Execute_Memory
If your getting blue screens then create a new thread in the bsod section. This sticky will advise you on what data we need to see and how to collect it:
How to ask for help with a BSOD problem

Also laptop drivers apart from some gpu drivers are supplied by the manufacturer. Applications like the one you tried to use are a big no no as they invariably get it wrong. Even Windows update is frowned on by many of us for similar reasons but don't get started on that one..
Usually it's quite easy to find ones support page by Googling the manufacturer and looking under support for your model.
 
Last edited:
Your sentence about memory scan was incomplete. Can you tell us did you use Windows Memory scan or other third party scanner?
If you used the windows scan I would discount that and run memtest86 instead:
www.memtest.org
 
well I did some more research and saw something about the wifi wireless adapter messing with the install so I disabled that and tried again selecting the keep apps, files, and personal settings option. It worked this time no hitches so would appear you do in fact need to disable your wifi adapter. It may not work for everyone but it certainly did for me.

Anyway I did a scan with windows defender when I was back on windows and it came back no threats. Gonna try a fresh install of the game I was playing to see if it's fixed the issues I was getting with that. Who knows maybe those 12 hardware devices that had out of date drivers were the reason for those issues.

Well I guess I am kind of on a new start. I wanted to do remove everything just in case I was keeping anything infected on the computer but I was too scared to do it...but hey ho will see how this goes for a while. If problems come back I'll consider the remove everything option. I'll be extra vigilant this time around in checking what I am clicking for in downloads and not installing web bars for example, and I have made a vow to never visit a single porn related site ever again. I already junk/block any suspicious emails so I should be ok now in terms of viruses/malware. I do have a file in background processes called COM surrogate which I remember reading about was a threat but if its still there after a clean install of windows 10 I assume it's something to do with windows 10. It doesn't appear to be doing anything dangerous though
 
Last edited:

I've been seeing a lot of scaremongering going on and it's worked with me because I was too scared to do "remove everything", and now I'm paranoid everytime I go to the internet but I heard someone say yesterday in a game I play "Windows 10 is a virus you think I'm joking" which is taking it a bit far lol.
 
well in task manager at the moment I have two COM surrogate and both are in background processes, and neither are in the windows processes just general background processes. One of them can be expanded to COM+System Application. The other one is a single process tree.

Tbh I'm sick of spending hours and days removing this cancerous scum only for more to pop up when you visit their sites, and it just leads you to a spiral of downloading more and more stuff again. The people who do this are oxygen stealing cretins imo. I'm actually too scared now to go down the path of using anti malware programs again because they seem to just post fake threats, sometimes quarantining/removing stuff that's harmless or even worse stuff that you actually need, then infect your computer with more threats. At one point I had like 6 of these programs on my laptop all coming back "your pc has no threats" from their scans, and I was still getting browser redirects and annoying popups that are outside of what adblock blocks. So if they aren't detecting threats they are useless and memory hogging. I'm just going to use Windows Defender on it's own for a while and see how I go.

Anyway whatever these two COM surrogate processes are they don't appear to be doing anything malicious. Before I did this clean install there was only one there btw. Odd thing is they are both in the exact same folder "This Pc/OS:C/Windows/System 32" as dllhost32.exe
 
Last edited:
Very interesting thread here. One thing I agree with here is to get rid of the Bullguard AV; which I am not familiar with and I've done a lot of work with AVs since 1980 and beta test many of the well know products. I'm not familiar with these guys, and that doesn't mean they are bad, just that they don't show up on any of the independent AV testing companies' annual Best AV products reviews. period. That's not a good sign, as no one reliable has tested that product. When new AV companies launch products they usually attempt to get reviewed in e-zines that are computer related such as PC World, PC Magazine, CNET, etc. They also attempt to get in the door in the corporate business world. To my knowledge this product has not been adopted by any of the Fortune500 companies; and I'm pretty familiar with all the products they run. Another bad sign IMO.

You might also consider that we see a lot of these so-called fantastic AV products that get shipped with new computers (mostly laptops) by the manufacturer since the manufacturer gets paid by the AV company to include their product free or trialware with their computers to the public to get it out there so to speak. In my experience, these products are not yet mature, they misbehave frequently, and can do serious damage to your laptop including damaging the hardware as you suspect. They also contain much spyware, which often is a lowly collusion between the AV maker, the computer manufacturer, and questionable marketing companies on the Internet *which abound you know*.

Speaking only for myself, I NEVER use or recommend any AV products unless I have thoroughly tested them out on my own personal home network and computers, and then slowly deploy them into my Business customer's being very careful there, as you can imagine if you pick a product that scrambles even 1 computer or their entire network of hundreds or thousands of computers, you certainly will not ever be asked back, not to mention possible litigation from the Customer for their downtime, cost of lost sales revenue, etc. etc.

You got some good advice from some of the Team here about doing an in-place upgrade repair or a Windows reset, and then just running only Windows Defender, which a lot of the guys run here and swear by; but it doesn't protect me or my Customers very well so I use other well-known and tested products such as Malwarebytes and TrendMicro to augment the WD.

It's also possible you've gotten a lemon computer, and that happens occasionally. If you've had it less than 1 yr. or you have an extended warranty up to 5 yrs. taking it back to your place of purchase would be a prudent decision. I'd recommend you get another brand of computer if the shop you got it from is offering you an exchange or a refund such as a Store Credit. We didn't hear back from you on the result of your test with an external monitor or a TV with HDMI or VGA port, so can't comment on that part. Generally, that's a fairly conclusive test.

Just some thoughts for you to consider.
Best of luck and let us know how it goes.
<<<BIGBEARJEDI>>>
 

Yeah it's just such an easy way to get your adware/malware/phishing scam whatever if you are one of these oxygen stealing cretins by just duping people into downloading malware removal programs promising their computer will be fixed when that usually doesn't happen, at least not in my experience.

In defence of Bullguard what I will say is that it was the only program I used that actually stopped threats as they were happening and blocked/quarantined them before they could do anything. All those other programs did was attempt to remove threats that had made their way on to your pc. Bullguard stops them before that happens. To be honest I am thinking of re installing it and then when the 90 days is up re paying for it. Compared to every other program I tried it was better. Tbh when bullguard detected 500 broken registry keys I actually think that was true I think many other viruses had worked their way into my system via all the shitty malware removal tools. When you install a malware removal tool like avira or spyhunter...and you can't uninstall it you know something isn't right

Regarding the testing of an external monitor...I hooked up my sanyo 32inch flat tv via hdmi...and all it did was project a worsened image of the laptop. I even tried "use only display 2" and it still displayed it really bad. This tv is not extremely modern but still HD ready so no idea where the blur was coming from
 
Bullguard has acceptable numbers at the VB 100 BBJ, but like you I have no experience with it and it also shows a bit of system drag as well so I am not as worried about it as you are. I think I ran a test of that product a few years ago with Centercode and I found it rather effective as I remember but I didn't adopt it at that time because of the system drag I saw.
 
Last edited:
Hi! The thing that bothers me is the OP said it found 500 broken registry keys. That would keep it off my PC.
My friend @BIGBEARJEDI has been around a long time,so I would take his advise and ditch Bullguard. Those all my thoughts!
Don't mess with my registry!! I think most members here would agree about programs that claim to clean the registry are snake oil programs and best to stay away from!
 

Well I'm not gonna deny that it does slow the system down a bit, and there are a lot of processes going on in task manager simultaneously but it gets the job done and blocks everything before it can do anything. None of those other programs I've tried did that. The only thing with bullguard that I didn't like is it told me 500 registry keys were broken and then had a link next to it saying remove. I couldn't see any way to view those files after hours of going through each menu so eventually assumed when I clicked on remove it would show me what was there to chose what to remove...to my horror it just started saying removing registry keys and within like 15 seconds they were gone. If they were indeed all broken then I guess there was no loss but it made me paranoid that there was something in there I would need. Weirdly a few days later I tried to open up the Final Fantasy XI Config Tool which I had used the previous day...and it woudnt let me...I went to the file directory and it was gone. Pretty sure it was deleted in that process. Mind you the config tool was doing strange things anyway...like resetting values id changed to default when I launched the game...so maybe it was broken and useless after all
 
Anyways on a brighter note...the fonts in playonline viewer are back to normal again Only time will tell if the game itself is back to normal. If not then my next process of thought will be all my troubles all along were compatibility/driver issues (running win10+dx12 on a game that uses dx8.1 and apparently more compatible in windows xp vista 7 or 8.1 for example), or possibly a faulty monitor or GPU as some have suggested but I ak kind if unwilling to accept that on two grounds...a) my refurbished laptop was only bought 1 month ago, b) it plays witcher 3, Skyrim, and GTA V on 1920x1280 max settings with no lag and they all look beautiful.

At the moment Im waiting for FFXI to update and its saying 6 hours lol. Trust me thats pretty fast for 13 years of updates because some people have to wait like 16-21 hours for these updates I've heard lol. Im on fibre broadband too (30-40download 10upload) which isnt exactly slow per say.
 
Last edited: