Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Malicious file downloaded through bitsadmin.exe?

I noticed a command prompt running; it only stayed for a couple of seconds before closing. In this time I checked Task Manager to see what it was: "bitsadmin.exe".

I checked Google and found a bit of info on this; it's how Microsoft distributes updates or whatnot.

I checked the Event Viewer and found these logs:
Code:

The BITS service created a new job: amijob, with owner PC\doko

BITS started the amijob transfer job that is associated with the hxxp://d17xr4aw9ok0me.cloudfront.net/Updater.exe URL.
(Changed http to hxxp as advised in the instructions topic)

The transfer job is complete.
User: PC\doko
Transfer job: amijob
Job ID: {bf7ab4ef-6ee1-485b-877c-e222c5a434c8}
Owner: PC\doko
File count: 1

I downloaded that Updater.exe file on a virtual machine to check it out. When executing it, it just closes again. I'm not sure what it does, and I'm not sure whether it's malicious.

I checked it with Virus Total:
https://www.virustotal.com/en/file/6...221b/analysis/

The only result is from Bkav with "HW32.Packed.980B"; I can't find any information about this result on Google.
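An added example, not part of the original post: a Python triage sketch that correlates BITS event messages like the three quoted above by job name and flags transfers worth a closer look. The trusted-host suffixes, the extension list and the function names are assumptions made for illustration; the sample input is built from the message text in the post.

```python
import re
from urllib.parse import urlsplit

CREATED = re.compile(r"created a new job: (?P<job>.+?), with owner (?P<owner>.+)")
STARTED = re.compile(r"BITS started the (?P<job>.+?) transfer job that is associated with the (?P<url>\S+) URL")
COMPLETE = re.compile(r"The transfer job is complete\..*?Transfer job: (?P<job>[^\n]+)", re.S)

# Assumptions for illustration: tune both tuples to your own environment.
TRUSTED_SUFFIXES = (".windowsupdate.com", ".microsoft.com")
EXECUTABLE_EXTS = (".exe", ".dll", ".scr", ".msi", ".bat", ".ps1")

# Sample input constructed from the event messages quoted in the post.
SAMPLE_EVENTS = [
    "The BITS service created a new job: amijob, with owner PC\\doko",
    "BITS started the amijob transfer job that is associated with the hxxp://d17xr4aw9ok0me.cloudfront.net/Updater.exe URL.",
    "The transfer job is complete.\nUser: PC\\doko\nTransfer job: amijob\nJob ID: {bf7ab4ef-6ee1-485b-877c-e222c5a434c8}\nOwner: PC\\doko\nFile count: 1",
]

def summarize_jobs(messages):
    """Correlate created / started / complete messages by job name."""
    jobs = {}
    for msg in messages:
        if m := CREATED.search(msg):
            jobs.setdefault(m["job"], {})["owner"] = m["owner"].strip()
        elif m := STARTED.search(msg):
            jobs.setdefault(m["job"], {})["url"] = m["url"]
        elif m := COMPLETE.search(msg):
            jobs.setdefault(m["job"].strip(), {})["complete"] = True
    return jobs

def flag_jobs(jobs):
    """Return {job name: [reasons]} for jobs that deserve review."""
    flagged = {}
    for name, info in jobs.items():
        if not info.get("url"):
            continue  # no transfer URL logged for this job
        # Undo the hxxp defanging for parsing only; nothing is fetched.
        parts = urlsplit(re.sub(r"^hxxp", "http", info["url"], flags=re.I))
        host = (parts.hostname or "").lower()
        reasons = []
        if not ("." + host).endswith(TRUSTED_SUFFIXES):
            reasons.append("untrusted host: " + host)
        if parts.path.lower().endswith(EXECUTABLE_EXTS):
            reasons.append("executable payload: " + parts.path)
        if parts.scheme != "https":
            reasons.append("cleartext transfer")
        if reasons:
            flagged[name] = reasons
    return flagged
```

Calling `flag_jobs(summarize_jobs(SAMPLE_EVENTS))` reports the `amijob` job on all three counts, while a transfer from a host under one of the trusted suffixes over HTTPS is not reported.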
