PRC - (Intel Corporation) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - (Acer Incorporated) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - (Adobe Systems Incorporated) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - (Dropbox, Inc.) - C:\Users\Maya\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - (AVG Technologies CZ, s.r.o.) - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe PRC - (Mozilla Corporation) - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe PRC - (AVAST Software) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - (AVAST Software) - C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - (AVG Technologies CZ, s.r.o.) - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - (AVG Technologies CZ, s.r.o.) - C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - (OldTimer Tools) - C:\Users\Maya\Desktop\OTL.exe
#Usb redirector client rootkit free
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)ĭrive C: | 457.60 Gb Total Space | 378.46 Gb Free Space | 82.70% Space Free | Partition Type: NTFSĭrive G: | 454.81 Gb Total Space | 307.57 Gb Free Space | 67.63% Space Free | Partition Type: NTFSĬomputer Name: Maya-PC | User Name: Maya | Logged in as Administrator.īoot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit ScansĬompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days Paging file location(s): ?:\pagefile.sys Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyyĥ.88 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 50.09% Memory freeġ1.76 Gb Paging File | 8.54 Gb Available in Paging File | 72.65% Paging File free OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maya\DesktopĦ4bit- Home Premium Edition Service Pack 1 (Version = ) - Type = NTWorkstation OTL logfile created on: 6:04:09 PM - Run 1 I'd appreciate some assistance with this pesky problem, as I've been unable to solve it myself.
I ran antivirus and anti-malware scans with AVGFree, Avast, Malwarebytes Anti-malware, Spybot S&D, and Sophos Antivirus, all to no avail. However, around this time my browsers started acting up in the manner I outlined above. When I discovered that it was indeed the wrong program-how could CNET mislead me like that? Very confusing-I uninstalled it and later found the program I was originally looking for.
#Usb redirector client rootkit install
When I navigated to that website and clicked on the download link, a program pop-up appeared asking me if I would like to install YouTubeDownloader I thought that was strange, but since the website itself clearly showed that it's the download page for the Xilisoft program, I thought nothing of it and went ahead with installation. I think I picked up this malware when I attempted to download Xilisoft Media Converter I did a search for the program using Chrome's URL field and one of the top link was to CNET. There's another intermediary redirection URL that pops up, something starting with, but it changes too quickly for me to screencap/copy it down. The redirect is through this site: search (a sample search for keywords "test search" entered in the URL field), followed by the appearance of a search results page with this URL: Hi, my computer was recently infected by what I think is called a rootkit.Įssentially, the homepage for my browsers (Chrome and Firefox) was changed to a fake-looking Google stand-in website: and when I try to do a search through the URL field in either browser I get redirected to another fake-looking Google-ripoff with my search results.