Bitsjobs cmd prompt random pop ups

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 11
    Windows 10
    Thread Starter
       #11

    RKILL found nothing then closed

    Rkill 2.8.4 by Lawrence Abrams (Grinler)
    BleepingComputer.com - News, Reviews, and Technical Support
    Copyright 2008-2016 BleepingComputer.com
    More Information about Rkill can be found at this link:
    RKill - What it does and What it Doesnt - A brief introduction to the program - Anti-Virus, Anti-Malware, and Privacy Software


    Program started at: 08/13/2016 03:15:03 AM in x64 mode.
    Windows Version: Windows 10 Home


    Checking for Windows services to stop:


    * No malware services found to stop.


    Checking for processes to terminate:


    * No malware processes found to kill.


    Checking Registry for malware related settings:


    * No issues found in the Registry.


    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


    Performing miscellaneous checks:


    * No issues found.


    Checking Windows Service Integrity:


    * gagp30kx [Missing Service]
    * IEEtwCollectorService [Missing Service]
    * IoQos [Missing Service]
    * nv_agp [Missing Service]
    * TimeBroker [Missing Service]
    * uagp35 [Missing Service]
    * uliagpkx [Missing Service]
    * WcsPlugInService [Missing Service]
    * wpcfltr [Missing Service]
    * WSService [Missing Service]


    * agp440 [Missing ImagePath]


    * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
    * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]


    * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
    * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]


    Searching for Missing Digital Signatures:


    * No issues found.


    Checking HOSTS File:


    * HOSTS file entries found:


    127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 http://www.czzsyzgm.com
    127.0.0.1 http://www.czzsyzxl.com
    127.0.0.1 union.baidu2019.com
    127.0.0.1 platform.wondershare.com


    Program finished at: 08/13/2016 03:16:49 AM
    Execution time: 0 hours(s), 1 minute(s), and 46 seconds(s)




    JRK -





    File System: 1


    Successfully deleted: C:\Users\Alex\Appdata\LocalLow\company (Folder)






    Registry: 3


    Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AD2529C7DB5B63D28C2336238 5276129 (Registry Value)
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A8C3BAA-AA11-45DB-9228-8F22C27379D1} (Registry Key)
    Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A8C3BAA-AA11-45DB-9228-8F22C27379D1} (Registry Key)








    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 13/08/2016 at 3:23:00.03
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    rest coming......
      My Computer


  2. Posts : 16,278
    W10Prox64
       #12

    Thanks. So far nothing major.
    I'll be back in the morning.
      My Computer


  3. Posts : 11
    Windows 10
    Thread Starter
       #13

    Final rkill before reboot -

    * No issues found in the Registry.


    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


    Performing miscellaneous checks:


    * No issues found.


    Checking Windows Service Integrity:


    * gagp30kx [Missing Service]
    * IEEtwCollectorService [Missing Service]
    * IoQos [Missing Service]
    * nv_agp [Missing Service]
    * TimeBroker [Missing Service]
    * uagp35 [Missing Service]
    * uliagpkx [Missing Service]
    * WcsPlugInService [Missing Service]
    * wpcfltr [Missing Service]
    * WSService [Missing Service]


    * agp440 [Missing ImagePath]


    * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
    * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]


    * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
    * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]


    Searching for Missing Digital Signatures:


    * No issues found.


    Checking HOSTS File:


    * HOSTS file entries found:


    127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 http://www.czzsyzgm.com
    127.0.0.1 http://www.czzsyzxl.com
    127.0.0.1 union.baidu2019.com
    127.0.0.1 platform.wondershare.com


    Program finished at: 08/13/2016 04:51:12 AM
    Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)
      My Computer


  4. Posts : 11
    Windows 10
    Thread Starter
       #14

    ADWcleaner log after reboot

    # AdwCleaner v5.201 - Logfile created 13/08/2016 at 04:49:21
    # Updated 30/06/2016 by ToolsLib
    # Database : 2016-08-12.4 [Server]
    # Operating system : Windows 10 Home (X64)
    # Username : Alex - ALEX
    # Running from : C:\Users\Alex\Downloads\adwcleaner_5.201.exe
    # Option : Clean
    # Support : ToolsLib - Forum: Ask for help or share your experience.


    ***** [ Services ] *****




    ***** [ Folders ] *****




    ***** [ Files ] *****




    ***** [ DLLs ] *****




    ***** [ WMI ] *****




    ***** [ Shortcuts ] *****




    ***** [ Scheduled tasks ] *****




    ***** [ Registry ] *****


    [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
    [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp


    ***** [ Web browsers ] *****


    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www1.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=F82F5E95AE021070
    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN68053831623824720&UM=2
    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_freaudedtr_16_09&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dgb%26pa%3DWincy %26cd%3D2XzuyEtN2Y1L1Qzu0D0AyD0D0EtB0C0D0AyB0F0D0E0A0CyCtN0D0Tzu0StCyDtBtDtN1L2XzutAtFtCzztFtCtFtCtN 1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDtDyBtCtD0F0E0DtGtC0FzyyDtGyB0D0EtAtGyBzz0CtCtGyB0ByB0EyBtAyC0C0EyD yB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0Azy0DtByE0C0BtGyDtCtD0AtGyEzyyBtCtGzz0FtDtBtGzy0DyEtBtAtBtAyE0FyBtC yD2QtN0A0LzuyE%26cr%3D784703646%26a%3Dwncy_freaudedtr_16_09%26os_ver%3D10.0%26os%3DWindows%2B10%2BHo me
    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : khnpeclbnipcdacdkhejifenadikeghk
    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
    [-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www1.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=F82F5E95AE021070


    *************************


    :: "Tracing" keys deleted
    :: Winsock settings cleared


    *************************
      My Computer


  5. Posts : 16,278
    W10Prox64
       #15

    Did MBAR or TDSSKiller find anything? Have you flushed the DNS cache? Ran Ccleaner on all browsers to clear everything? Running ESET online scan now?
      My Computer


  6. Posts : 3,446
       #16

    @simrick, what I can't fathom is how it could still be happening with BITS disabled..
    Bitsadmin will only run if an error occurs with a (non-WU) download... but his queue is clear anyways. Very strange.
      My Computer


  7. Posts : 11
    Windows 10
    Thread Starter
       #17

    The problem has gone. I had no logs for MBAR, Everything else done apart from ESAT scan
      My Computer


  8. Posts : 16,278
    W10Prox64
       #18

    Superfly said:
    @simrick, what I can't fathom is how it could still be happening with BITS disabled..
    Bitsadmin will only run if an error occurs with a (non-WU) download... but his queue is clear anyways. Very strange.
    Very strange... He needs to enable it now though, right?
    nicpo said:
    The problem has gone. I had no logs for MBAR, Everything else done apart from ESAT scan
    Oh! Good news indeed!
    The ESET Online Scan will give you the final all-clear.
      My Computer


  9. Posts : 11
    Windows 10
    Thread Starter
       #19

    You're all a great brunch :) thanks
      My Computer


  10. Posts : 3,446
       #20

    simrick said:
    Very strange... He needs to enable it now though, right?
    Yep!

    nicpo said:
    You're all a great brunch :) thanks
    Glad!

    :)
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 14:36.
Find Us




Windows 10 Forums