Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Olmarik.ADA trojan infection


  • This topic is locked This topic is locked
2 replies to this topic

#1 shos

shos

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:47 PM

Posted 24 October 2010 - 07:07 PM

Had this problem for a few days with no luck on getting rid of it. At first, all I noticed was that site links always redirected me to some spam sites. I fixed that by just enabling protection on my Malwarebytes but just recently, spam/virus sites started slipping through. So I ended up installing another Windows 7 onto a new partition (keeping my old windows partition) and once I installed and updated my nod32 it detected an infection in my 1 partition called "Olmarik.ADA trojan". Went to a couple of sites and followed other tutorials but many of them used ComboFix to solve the problem. ComboFix doesn't work with my 64xbit. Did a MBRCheck and found something but not sure what it is. Already tried restoring the MBR to default but that didn't do anything.

Also, I wasn't able to get the GMER txt file. All the boxes were grayed out.

So things I already tried:
1) Malwarebytes doesn't detect anything
2) MBRCheck detects something but doesn't fix anything.
3) ComboFix would not work with my 64bit system.
4) Eset detects the trojan but can not delete.
5) TrendMicro Online scanner does not work.
6) Used Kaspersky AV but that didn't detect anything special


edit: Looked through other forum threads here on the site and tried this TDSSKiller. After running the program my MBRCheck received different results.

New MBRCheck scan after using TDSSKiller



edit: Eset doesn't warn about anything wrong at startup anymore. Maybe it is gone forever. What would be the procedure to check that I'm clean?

EDIT: Posts merged ~BP

Attached Files


Edited by Budapest, 25 October 2010 - 01:58 AM.


BC AdBot (Login to Remove)

 


#2 shos

shos
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:47 PM

Posted 29 October 2010 - 04:24 PM

It has been 5 days already and no sign of any problem. I guess problem is now fixed.

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:47 AM

Posted 29 October 2010 - 04:47 PM

As this issue appears to be resolved I am closing the topic. Please send me (or any other Moderator) a Personal Message (PM) if you would like the topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users