Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Win32/olmarik.ajl trojan detected by ESET

  • Please log in to reply
2 replies to this topic

#1 70runner


  • Members
  • 1 posts
  • Local time:11:05 PM

Posted 10 August 2011 - 02:59 PM

Initially, while on the internet (Firefox5), the "win7 antispyware 2012" bug starting running scans and reporting I was infected. While I was dealing with that, ESET notified me of a Win32/olmarik.ajl trojan which it was unable to clean.

Normal reboot seems to be impaired, such that I needed to use a boot disk (Hiren's Rescue CD) to boot into win7. Attempts to restart the laptop without the boot disk would result in the computer entering startup repair, which wasn't successful. I had this exact problem about a week ago and after dialog with microsoft tech support, running bootmgr from command prompt in safe mode seemed to cure it. No indication of any virus/malware/trojan at that time.

I don't see any evidence of the win7 antispyware 2012 bug, but ESET continues to notify me of the olmark trojan. I also ran a Malwarebyte scan which indicated the olmarik trojan was a false positive. Besides the eset alert, the only other unusual thing I notice at the moment is a frequent port block (47747) by Malwarebyte. Win7 also wants to do an update but I'm holding off on that until the infection is resolved.

What think ye?

Update: Eset site has a program to deal with the olmark trojan. Used that and everything seems OK.

Edited by 70runner, 10 August 2011 - 06:28 PM.

BC AdBot (Login to Remove)


#2 Broni


    The Coolest BC Computer

  • BC Advisor
  • 42,770 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:05 PM

Posted 10 August 2011 - 09:50 PM

With the information you have provided I believe you will need help from the malware removal team.
Please make sure that you read the information about getting started first.
Then start a new thread HERE and include or required logs.
Including a link to this thread will be helpful.

Good luck and be patient. Help is on the way!

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE


#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,565 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:01:05 AM

Posted 10 August 2011 - 09:52 PM

If you are unsure if its clean post a DDS log.

Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If Gmer won't run,skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users