Posts: 3
Threads: 1
Joined: Feb 2016
Reputation:
0
Hello.so i have found a rootkit called Medlight.exe and i can't seem to remove.It infected my web browser and its redirecting me to a different home page and i can't change it.One of the files was located at : "file:///C:/ProgramData/Medlights/snp.sc" which I was able to remove,but i cannot remove the Medlight.exe from "file:///C:/ProgramData/Medlight".It also says that some files are also infected,but i saw other people complaining about medlight.I am trying some of the programs that Britec uses,and no luck.I haven't seen a video that he made about it (if he did please tell me),if not please help me through the forum.Thank you.
Posts: 5,029
Threads: 207
Joined: Feb 2015
Reputation:
145
so the virus is now remove ?
Posts: 4,727
Threads: 311
Joined: Sep 2014
Reputation:
102
Malwarebytes Anti-Rootkit (MBAR)
- Please download Malwarebytes Anti-Rootkit and save the file to your desktop.
- Double-click MBAR.exe to run the installer.
- Select a convenient location to extract the contents and click OK.Navigate to the location you selected.
- Double-click MBAR.exe to run the programme.
- Follow the prompts to update the programme and scan your computer.
- Upon completion, click Cleanup*and reboot your computer.
- After the reboot, rerun the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more.
- Upon completion, two logs (mbar-log.txt and system-log.txt) will be created.*Copy the contents of both logs and paste in your next reply.
- Note: Both logs can be found in the MBAR folder.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support!
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>
</div></left>
Posts: 4,727
Threads: 311
Joined: Sep 2014
Reputation:
102
Solved - Thread Closed
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support!
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>
</div></left>