Hi,
Does anyone know how to get rid of "win32/olmarik.AJL trojan"?
I use Win7 & the Eset antivirus.
Searching the net I found many instructions about getting rid of this trojan but none of them work.
Please please help me.
Thank you
Arian
If you can't remove the trojan with AV software:
1) Find out how to quarantine. Then, quarantine the trojan with the same software to make it harmless.
2) OR: Wipe the drive and reinstall the OS.
3) AND: Be safer than you currently are on the internet.
Do I need to format all of the drives, or would the C drive be enough?
Can I make a backup of my files on an external hard drive? Or will connecting to the USB port transfer the trojan to the external hard drive too?
Thanks
Arian
Did you try to quarantine the trojan first? To quarantine, an antivirus will make the malicious code read-only, and since it will never run again, it's fixed. If you can find the trojan but can't remove it, that is your best option. You won't have to do anything else if that works.
If for some reason that isn't helping, then you'll have to format and reinstall. (At least, I prefer this to complex cleaning instructions with several pieces of software -- advice prevalent on the internet.) If you make a backup now, you might copy over the trojan, so I can't recommend it. You should work with an older backup. After your system is restored you can start making regular backups again, though.
Copying hundreds of gigabytes of data, exporting settings from all applications (in some it cannot be done at all), reinstalling everything (+ all additional components, plugins, etc). Can't really say that there's anything I'd prefer less than this. Besides, this might take a long time.
The only situation where I'd ever consider formatting is when there is a virus that actually injects itself into every executable it finds. Otherwise, formatting when changing a few registry keys or deleting a few files would do the trick doesn't really make sense. Especially if you can do that without actually running the OS.
"The Internet treats censorship as damage and routes around it." - John Gilmore
Well, there are also restore points from System Restore you can use as long as you have one from before the virus. I haven't encountered a trojan that still runs after you do that, either.
When my antivirus finds the trojan, 2 buttons appear (clean & skip). The clean one doesn't work and there is no quarantine option.
I found no instructions about quarantining the trojan on the net.
I don't like to format my PC but the notification message from my antivirus is driving me crazy.
Did a little looking... this is a nasty little beggar...
Apparently it's a RootKit which means it's both autorun in Windows and affects the BootLoader on your hard disk... In Windows that pretty much means wipe it out and start over.
However, a simple format and reinstall isn't going to get rid of it. You will need to delete and rebuild all your disk partitions too. This means *everything* on your disk is going to be 100% gone when you're done. Depending on the version of Windows, there will be tools in the installer to do this with, read screens carefully and use the advanced techniques whenever possible. Just be sure you wipe *everything* out and rebuild it.
You can make a backup... BUT do not back up your program files; only data files. You will have to reinstall all your programs by hand and I strongly recommend you do that from incorruptible sources such as CD, DVD or fresh downloads from the program's website. You should not use archived installers from a corrupted hard disk.
I'm sorry to be the bearer of bad news... but that's how it is...
Last edited by CommonTater; 02-07-2011 at 12:20 PM.
Be careful copying your data to the backup media. If it infects the backup media, it could reinfect your clean installation. You may want to boot with a live CD and copy your data (like Tater said, no programs) that way, since the virus won't be able to transfer itself to the backup under Linux.
One last thing to try before you go blowing up your system...
Emsisoft Free Emergency Kit: portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans
Put this on a flash drive and run it from there... DO NOT run it from a folder on your hard disk.
No guarantees.
Thank you for helping me.
All my important data (just data and no programs) is on the G drive. I am going to make a backup to my external hard drive! Is it safe?
Or will connecting to the USB port transfer the trojan?
It should be safe to do a backup...
If your external drive has "one button backup" or other such silly software, don't use it. Just drag and drop your files onto the disk. Better still... use XCopy if you're skilled with command line proggys...
If you're worried about the trojan being active, do it from safe mode, where autoruns and drivers aren't loaded. Of course you should be able to confirm the data's integrity with the Emergency kit.
Best of luck with this... It's not going to be fun on any level.
Bootloader code is only executed on the boot partition. Besides, you can have the Windows install disk fix the MBR (it includes bootloader code). Then delete the driver files and also the executables using some live disk. Not sure if there's a list of file names for this. Not sure if this works though, just an idea.
"The Internet treats censorship as damage and routes around it." - John Gilmore
Hi,
I deleted all the partitions and formatted the whole hard disk but after reinstallation of Win7 and Nod32 antivirus (before connecting to the net) I got this message from Nod32: "MBR sector of one physical disk - unable to clean"
I tried some other antiviruses like Avira and Avast and to my surprise they didn't even find the virus/trojan!
Any suggestions plz?
Thank you
Arian
PS: As I was tired of installing different programs, I didn't reinstall NOD32 again and I am working with Avira.
Do you know which of them is better?