New
#11
From some things that affect the early boot process (rootkits, boot sector virus) it does. For majority of malware, not. The main purpose is to prevent unauthorized access (especially if PC is lost). Once authenticated bitlocker encrypted volumes are mounted read-write and so it would do nothing to stop malware like the script discussed in this thread (or ransomware or whatever) running, BitLocker Drive Encryption Overview
Not saying it isn't useful (I use it) but it will not stop your PC getting infected - you need a AV as well.
Thank you everyone for getting back to me so quickly and with such enthusiasm :) I searched for task.vbs in the folders that the Exterminate it! website said they would show up, however I did not find them in those places. I did, however, run a ADWcleaner scan, and saved the log which I will post here. I did not clean anything as of yet.
Well I'm no AV expert, but I think pokki came up before as unwanted when dealing with this issue. I'd just clean the lot and see what happens.
So I went ahead with the ADWcleaner. After restarting the computer I was greeted with this message which I had never seen before, which I've added as the first screenshot. Secondly, I'm still getting Bitsadmin command prompts as before, though they have slightly different text this time around. I'm posting another screen shot to go with it, though it's a bit fuzzy since I just can't seem to get a perfect screen shot of the text.
The screen shots appear to be getting even fuzzier when I upload them for some reason. If you are having trouble reading them, the first screen has an "Application Error" window, which says "Exception EOIeSysError in module WSHelper.exe at 000CD5C9. Access is denied."
As for the command prompt, all the text appears the same as before, except for the new line at the bottom that says "Found 2 jobs named 'task3.'"
I downloaded Bitsadmin Buster and failed even to get anything to happen. It asked if it wanted to make changes to the computer and I clicked yes. It didn't ask for admin access or anything. I still get the Bitsadmin pop-up. Sorry to hijack the thread but every other person reporting this problem seems more tech savvy and able to get farther along than I can. Help?
I also didn't find task.vbs anywhere on my computer through the instructions linked in this thread.
Last edited by crocoshark; 19 Nov 2016 at 19:38.
At this point, I'm contemplating restoring to factory settings. Is there any chance that this is a rootkit that might survive me doing so?
Well chaps, I decided to go reset windows 10, after which bitsadmin stopped showing up and I wound up downloading and running GMER just for good measure. It didn't find anything that looked like a rootkit lingering around, so I'm gonna call it good as new. I won't personally close this thread, at least not right now, seeing as how there are still some people using it to get some info it would seem, but if an admin wants to close it early, feel free. Otherwise I'll check in from time to time, if only because I'm still curious.