Hello! Let me preface this by saying that I am on Windows 8.1 and prior to these problems I had no active AV whatsoever, not even the Windows Defender.
All this started(?) when I somehow got infected with a search redirector(luckysearches.com), Wajam, some bogus security software and something called Xtab(?). This prompted me to install MalwareBytes and i felt like it removed most of the problems and these might be leftover symptoms from that infection.
So there's something that keeps creating these processes on my computer. The name of the process is just a bunch of random letters and numbers with a .tmp extension and a bogus description like "Plug and Play Square Bracket". I thought I had gotten rid of it but it still keeps popping up. I've tried to google similar symptoms but I can't find a case close enough to mine.
On a possibly related note, I've had this console window popup named bitsadmin.exe. So I've found it's what Microsoft uses to push updates but I caught a window once (that I cancelled) and the description in the event viewer is: "BITS started the amijob transfer job that is associated with the hxxp://d2atxjfenx9iqu.cloudfront.net/Updater.exe URL". There's one other mention of this on google and the current situation of that posters computer seems ambiguous. So I just wanted to know if that means anything and if it's related to the .tmp processes.
Those are all the questions I have. Thank you!
EDIT: The IP 18.104.22.168 keeps getting detected by MalwareBytes as a malicious website inbound to my PC through svchost.exe. Should I be concerned? Yes I have a torrent program running but shouldn't it say that it's through that process instead?
Edited by hanzue, 19 April 2015 - 12:29 PM.