Well back again to request help from my friends at BC.
My sons laptop running XP SP3 seems to have been hit with the System Fix bug.
Note: Tonight we lost most desktop Icons. I cannot post logs from the scans mentioned below.
Last April I purchased ESET for his computer.
For the last several days the ESET start up scan has been showing:
Startup scanner file Operating memory a variant of Win32/Olmarik.AWO trojan unable to clean.
ESET has handled some of the infection this caused. On Saturdays I was able to update and run MBM which did find one infected file.
Tonight when he started the computer he started getting warnings as shown on BC "Remove System Fix (Uninstall Guide)"
Also the Desktop Icons started disappearing. When ESET finished it’s start up scan this evening it dealt with three infections which made the fake warnings disappear
MY SAS Icon was still present in lower right tool tray so I updated and ran a full scan. No infections were found.
Sorry if this is a bit rambling. Right now the computer is shut down. Don’t know if I will be able to connect to the internet or if I want to at this point.
Advise is appreciated.
From reading here at BC I think the next step would be unhide, MBAM and TDSSKiller but I am not sure what order to do this. Also saw a mention of Dial-a fix here on BC
Also if advise is going to be download Unhide or TDSS killer on a different computer please humor me and tell me exactly what to do. Do I download to my desktop and copy to a CD or can I download directly to a CD.
Also this desktop is Win 7 / 64 bit. Can I download a program here that will be used on his XP SP3 machine??
Help is greatly appreciated!
Hello December 20, 2011
Not trying to bump as it appears this nasty is troubling a lot of people.
Did need to advise of present symptoms. Currently my son’s computer has Zero Icons on the desktop and Zero in the start menu. At start up today I disconnected his wireless connection. Wireless Icon is now gone also. ESET amazing enough is still in the lower right toolbar. Did a manual scan this afternoon. ESET cleaned 4 items but was unable to clean two
Operating Memory. Win 32 / Olimark. TDL4 Trojan unable to clean.
Operating Memory.svchost.exe (1560) a variant of Win 32 / Olimark. AWO Trojan
I have been reading some of the removal guides about making a copy of TDSS killer, and unhide on an uninfected computer, burning to a CD/ DVD and running on the infected one. Without any Icons I do not know how to proceed.
Please help when you can.
Edited by Nawtheasta, 20 December 2011 - 06:00 PM.