Windows 10 Background Processes

Nezkeys79

Member
Joined
May 13, 2016
Messages
59
Hi guys. I was wondering if anyone could explain something weird I found today. I went to my recycle bin and found some files in there that while I have no idea what they are for, I have a feeling they are not supposed to be there. I'm using windows 10 64 bit btw. These are the files in there...

isa.dll
Microsoft.win32.TaskScheduler.dll
wbsvc (WebBarService)
wbsvc.exe.config
Unins000 (WeBarService)
 


Solution
Hi again,
Looks like these 2 highlighted in RED, are toolbar spyware viruses.

isa.dll
Microsoft.win32.TaskScheduler.dll
wbsvc (WebBarService)
wbsvc.exe.config
Unins000 (WeBarService)

Rescan with your existing AV virus scanner, and then download the free MALWAREBYTES from Malwarebytes.org and scan/disinfect any more found spyware viruses and retest your computer.

I would leave those alone until after you run your AV scans and MALWAREBYTES. Power-cycle your computer and then login to Windows again and see if the remaining 3 files are still in your Recycle bin. If they are, you can probably delete them now, as they are legitimate Windows processes being spawned by spyware viruses to further...
I seem to remember your Bullguard is a suite and I never recommend those things however perhaps just the Antivirus is what I saw reviewed on VB 100 and that was really all I could ever recommend. 500 registry errors sounds like a reg cleaner in the suite and as Gary suggests we always suggest a walk away from those. The firewalls are unnecessary and the spam cleaners are worse than useless usually.
 


whats a suite? its just called Bullguard Internet Security and It came with a free 90 day licence when the laptop came. it has Virus Protection, Firewall, spamfilter, safe browser, vulnerability scanner, malware removal tools. I guess it also has a reg cleaner in there too but that's not advertised on the leaflet I got. And from my own experience the firewall was actually necessary because it stopped browser redirects and blocked the site, and also blocked something called "network attack: port scan" a few times whatever that is
 


Internet Security is a suite. It simply means there are more tools in there other than simply Antivirus.
 


Bullguard has acceptable numbers at the VB 100 BBJ, but like you I have no experience with it and it also shows a bit of system drag as well so I am not as worried about it as you are. I think I ran a test of that product a few years ago with Centercode and I found it rather effective as I remember but I didn't adopt it at that time because of the system drag I saw.
>>>
>>>Rich; interesting. I'm not familiar with the VB 100; it's a UK publication, so I don't know anyone using here it in the US; we have several other pubs I reference. I'll try and look up some I use for you. However, it appears to have a solid "street cred" since it was founded and is operated by the guys who do Sophos; and I have heard of them!:) Being from the IT world, I generally don't put much stock in these startup companies if they can't get adopted by the Fortune500.:ohno: As the testing you mentioned showed, it's an average product or maybe a little below average. It might be useful in the Academic or Non-Profit areas, but not F500! If I run across one of my AV testing articles, I'll take a look and see if they show up there and post the link back here. I think I already mentioned that if no IT department adopted this product, then I am certainly not interested!:noway: And based on what 1 person says; I'm not going to change over everything I've been doing on my security loads on my computers or client's computers <no offense, Nezkeys79>. If it works for him, that's great.:) Thanks for the post.<<<
<<<
EDIT: Rich, I found one of the places I use. It's called AV-TEST, and they are based in Madgeburg, Germany. Here's the link to their home page: AV-TEST – The Independent IT-Security Institute
Also, I found their Oct.2016 Top Twenty AV company products reviewed; the last one I had was in 2014; but I lost that link. Here's that link for you: Link Removed
***Click on the HOME USER large button, then click on OCTOBER 2016 for results list!** Interesting to note that they have constructed their list for all Windows platforms from XP - W10. You can click on each platform for their testing results list. Very nice!;)
What's interesting, is that BULLGUARD does show up on this annual testing review! Possibly they've been getting adopted by more companies in Europe than in the U.S. In the 2014 Review I have from Lifehacker; they weren't on the map. Here's that link: http://lifehacker.com/10-malware-re...rce=lifehacker_facebook&utm_medium=socialflow
Perhaps this product deserves a 2nd look--our OP will appreciate this, I think.;) To be fair, new AV products don't impress me much, and they have to work really hard to do so. I think for those of our forum users with interest in this area of study may comment further--if they've read this far in the post. I hope they do. It's actually quite a fascinating area:nerdie:.
There are also some U.S. based companies, both for-profit, and non-profit based who perform similar studies to AV-TEST. I will continue to look for them and post back for you if you're interested...
I believe the leader in the for-profit area is SYMANTEC-NORTON. Since you also do AV testing, you might have a look at this excellent community forum site of theirs for IT folks: Forums | Symantec Connect
I haven't been on this for several years now; but it's an excellent research resource, and it would be interesting to see what we would get if we posted inquiries about the effectiveness on the BULLGUARD product there in the IT world, don't you agree? Anyway, you might take a look when you get a minute. Ok, I'll shut up now. Thanks for listening!:silence:
<<<

<<<BBJ>>>
 


Last edited:
whats a suite? its just called Bullguard Internet Security and It came with a free 90 day licence when the laptop came. it has Virus Protection, Firewall, spamfilter, safe browser, vulnerability scanner, malware removal tools. I guess it also has a reg cleaner in there too but that's not advertised on the leaflet I got. And from my own experience the firewall was actually necessary because it stopped browser redirects and blocked the site, and also blocked something called "network attack: port scan" a few times whatever that is
>>>Bullguard certainly isn't the only product to Block threats before they get into your PC; almost all of the Top 5 selling Internet Security suites do this; some better than others. However, some of them have a very big "silicon footprint", and that means in lay terms they can be resource hogs. Home Users and Gamers such as yourself often detest these and remove them, exposing them to much worse threats than they might have had otherwise.:rolleyes: As Rich and a couple of the other guys here do, I run a different paradigm than most home users do. And that's one of my little hobbies; I collect Viruses!:eek: I intentionally go to questionable sites, and try to get my machines infected, and I do this for a couple of reasons. Learning how the viruses attack, and how to detect and remove them is my bread and butter;). A lot of my repair business comes from fixing what these virus hackers spend hours upon hours creating. I am also one of the people that actually reports and sends quarantined viruses to the major AV companies so that they can study them in order to create antidotes. Lots of people complain about viruses on the Internet, but few are actually doing anything about it.:zoned: I've been playing with viruses since 1980, and I even have been hired to deploy them into Company's networks to infect them and detect holes in their security defenses and then provide remedies to them. Just some fyi. Most of the large AV makers are also in a community which provides reporting tools both in their products and on their websites (Avast, Symantec-Norton, Intel-McAfee). Since it seems you've spent a fair amount of time investigating your particular problem, if you've gotten anywhere with identifying the viruses or bad websites involved in your PORT-SCAN attacks, it would be good if you could report them to the AV makers as I do.<<<
Best of luck,

<<<BBJ>>>
 


>>>
>>>Rich; interesting. I'm not familiar with the VB 100; it's a UK publication, so I don't know anyone using here it in the US; we have several other pubs I reference. I'll try and look up some I use for you. However, it appears to have a solid "street cred" since it was founded and is operated by the guys who do Sophos; and I have heard of them!:) Being from the IT world, I generally don't put much stock in these startup companies if they can't get adopted by the Fortune500.:ohno: As the testing you mentioned showed, it's an average product or maybe a little below average. It might be useful in the Academic or Non-Profit areas, but not F500! If I run across one of my AV testing articles, I'll take a look and see if they show up there and post the link back here. I think I already mentioned that if no IT department adopted this product, then I am certainly not interested!:noway: And based on what 1 person says; I'm not going to change over everything I've been doing on my security loads on my computers or client's computers <no offense, Nezkeys79>. If it works for him, that's great.:) Thanks for the post.<<<
<<<

<<<BBJ>>>

BBJ VB100 always was the standard in the industry for antivirus testing and I have been a member for many years. You are right it was founded by Sophos I always was a little cautious in accepting their results but again they are well accepted by Malware Professionals. I get so mad when I see the "PC Matic" ads on TV claiming to have the highest ratings from "the Professionals at VB100" because it is a blatant lie, they are not even listed and I do not understand how on national tv now for several years they get away with that. I know nothing about Bullguard as I said other than I believe I tested it a few years ago for Centercode and it passes at least the VB 100 tests but again that is the Antivirus not the Internet Security Suite so I would not recommend this product or any Internet Security Suite for that matter.
I have been a long time proponent of Nod32 and it has always puzzled me why my tests of Nod32 Antivirus and the Eset Smart Suite test as if they are completely unrelated products, the Smart Suite being nearly useless fighting Malware in my experience.
I
 


Interesting for sure. How can we spend so many years in a field of study (Malware) and not know all the players?? I think I may have seen one of those TV ads you mentioned too. It's certainly interesting that none of the big boys advertise on TV--they don't have to. The IT industry has their own standards. I guess if you look at the products that are bundled with computers on QVC or HSN; it's all over the map for consumer user products. One time, and you'll find this interesting, I saw an actual Rep from Symantec-Norton show up on one of these 1/2 hour segments selling Dell or HP computers on HSN; they now have a special programming segment to reach potential consumers looking at buying their next PC from a TV ad. The information was very condensed, but accurate, and they only gave the S-N guy about 90 sec. for his pitch. That's hard to cover an area like AV security-malware in 90 sec.! And on National TV to boot! Job well done. But, now the other guys are creeping in and are paying big bucks (probably like Bullguard) to get their products bundled with Dell, HP, Toshiba, etc. and even more to get TV infomercial coverage!
Separate topic here (hopefully Admins will move this soon!); I tried Nod32 a few times with very mixed results. It failed horribly on testing we did on corporate networks 15 years ago, and I haven't done much with it until I was at TSF. I actually used it to fix a virus that was on a Client computer that none of my other products I normally use was able to detect much less remove. That impressed me. After that though, on further testing, it did not do well and caused severe infections and windows corruption to the point that a Windows reset was required. Since then, I don't feel confident enough in it to deploy it to my home users (mostly Seniors) nor my Business customers. I think you will recall that I have devised a 5-layer anti-malware load on my computers which uses products from 3 companies: (1) Avast, (2) MBAM, and (3) TrendMicro. This particular load profile works good for me in a rural area I now live in where the computer illiteracy rate is quite high. I currently have a 99% non-return rate from Customer computers with this load profile. Yes, I experiment with other products such as Nod32, but I haven't been able to improve what I'm already using. Of course that could change as the threats landscape changes, and I'm now seeing a lot more "scareware" spyware viruses getting through my current load profile than before. So, I'm always looking at other products possibly as background or on-demand scanners such as MBAM, to perform prevention/detection/removal.
K. C U L8R!;)
<<<BBJ>>>
 


Actually I am repping Emsisoft AntiMalware (Antivirus and AntiMalware) and now that I have been around a year I suddenly realized I have yet to have a single computer infected with that on it. This is the first time in 15 years I can say that so I am impressed.

Eset has always had a business product so don't blame Nod32 for not working across a network BBJ and it is one of the best in the business and business network environment requires a totally different product. In all my years I have never heard of Nod32 pummeling a computer as you describe but I suppose anything is possible. My original client mixture had Nod32 coupled with Malwarebytes Pro and in most cases the Nod32 had the best response time seen on Malware. I always thought it was known for its heuristics that was the best defense "at the gate".
 


Well since the fresh repair install ive had no problems at all and only using windows defender now. Microsoft spotlight has decided to start working again too. To be honest apart from the asus pop up thing (which wasnt my fault really) on the first day i did download teamspeak3 (gaming comms program) but didnt pay attention to the bundles coming with it and thats how yahoo toolbar got in changed my default browser. That was when i started using the malware removal tools and things just went from bad to worse after that.

I was also visiting chaturbate on a regular basis which probably didn't help as I suppose its classed as a porn site really (if you dont know what it is its a cam site where you tip the cam users to do various things).

Anyway i learned my lesson with paying more attention to what was being clicked now and dont visit any dodgy sites anymore i just play my games now and use my old shitty xp laptop for everything else.
 


Nice job Nezkeys79!

A really good anti malware app which runs alongside Defender perfectly is Malwarebytes. You can either use the free version or pay the nominal fee for the Pro. Personally I use Defender coupled with Malwarebytes Pro (as well as safe surfing practices) and it works extremely well..
Malwarebytes Anti-Malware Premium
 


Thanks for your update my friend. I'm really glad you got it all sorted out. If you don't want a ticket, don't click it. Hey @kemical I like your choices. I use the same ones.# one best practice is "Use safe surfing habits YEA"
Safe surfing my friend.
 


I always used and recommended Mbam Pro and WD or MSE until recently when I am seeing way too many pc's heavily infected running Mbam and that is one of the reasons I stopped representing them. I think it is slipping badly.
 


Pretty sure MBAM relies entirely on signatures which now-a-days is pretty ineffective. I use Webroot. No signatures at all, completely based on behavior, 100% detection rate in tests and extremely lite on resources. 3-8MBs of RAM used.
 


Not so Neemobeer, Mbam has always claimed to be the only AntiMalware program that uses heuristics.
 


Back
Top