Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Homepages hijacked?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Homepages hijacked?

Unread postby Gary R » July 19th, 2011, 1:46 am

No, the file found by E-Set is just an encrypted backup that OTL made. It can't re-infect you and we'll dispose of it when we remove OTL from your computer.

As far as I can see there's no further sign of infection on your computer.

Time for a little tidying up ......

Let's clear out OTL and the files and folders it created. This will also remove GMER (except for the random named file on your Desktop).
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

Next

To remove ERUNT use Control Panel > Programs > Uninstall a program

Next

Delete the random named .exe file for GMER from your Desktop.

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Homepages hijacked?

Unread postby mightykotor » July 19th, 2011, 4:33 am

When I deleted GMER.exe Norton flashed up stating that it is processing security risk Trojan.Gen.2. - I presume this is a false alarm and is due to a "mis-diagnosis" by Norton due to the programming code inside GMER?

Other than that, all seems to be sorted.
Again thanks for all your help, and the prompt replies, I really appreciate it.
mightykotor
Active Member
 
Posts: 13
Joined: July 14th, 2011, 3:29 pm

Re: Homepages hijacked?

Unread postby Gary R » July 19th, 2011, 6:47 am

You're welcome, glad we could help. :)

As you suspected, GMER contains a number of processes that operate in a similar manner to some malware, it is sometimes false flagged by AV programs because of this.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Homepages hijacked?

Unread postby Gary R » July 20th, 2011, 1:21 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 21 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware