Totally lost - win32/olmarik.ajl trojan

WNxWarlord

I'm sorry if I posted this in the wrong forum,
but this one seemed most appropriate to post this...

I wouldn't usually go to forums to ask a virus-related problem,
but I have NO CLUE what to do anymore,

Every time my PC boots NOD32 gives me a message that there's an olmarik.ajl trojan in my MBR of Physical Drive 1 (Which is my C: drive)

I've tried some things,

Scanned with NOD32 & SPYBOT,
but since it's in MBR that didn't help,
I did a MBR Fix by doing bootrec /fixmbr in win recovery.

When that didn't work I flashed my bios,
in case it was hiding in there, which it probably isn't, but not tried is.. you know.

After that STILL not working, I just formatted my C drive since it was supposed to be there (I have all my other things in different partitions, cuz' I expected something like this to happen eventually)

and after that I still got the same error for the same drive, and I repeated all again except the format.

So please,
anyone has any idea what to do?
 

My Computer

Computer Manufacturer/Model Number
Self-Assembled
OS
Windows 7 Professional x64
CPU
AMD Phenom 9950 B.E.
Motherboard
ASROCK A770DE
Memory
GeIl 4GB DDR3
Graphics Card(s)
XFX GTX 275 XXX OC
Sound Card
Creative X-Fi Xtreme Gamer
Monitor(s) Displays
Samsung Syncmaster 2243 NWX
PSU
CoolerMaster
Case
Antec Nine Hundred Two
Cooling
CoolerMaster
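
Why formatting C: did not clear the detection, as an added example that is not part of the original thread: the MBR is sector 0 of the disk and sits outside every partition, so formatting a volume never rewrites its boot code. The sample sector, partition layout, placeholder byte strings and function names below are constructed for illustration.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440      # bootstrap code area at the start of sector 0
TABLE_OFFSET = 446       # four 16-byte partition entries follow

def parse_mbr(sector0: bytes) -> dict:
    """Split a raw MBR sector into a boot-code hash and its partition list."""
    if len(sector0) != SECTOR or sector0[510:512] != b"\x55\xaa":
        raise ValueError("not a 512-byte sector ending in the 0x55AA signature")
    parts = []
    for i in range(4):
        entry = sector0[TABLE_OFFSET + 16 * i : TABLE_OFFSET + 16 * (i + 1)]
        status, ptype, first_lba, sectors = struct.unpack("<B3xB3xII", entry)
        if ptype:  # type 0x00 marks an unused slot
            parts.append({"active": status == 0x80, "type": ptype,
                          "first_lba": first_lba, "sectors": sectors})
    return {"boot_code_sha256": hashlib.sha256(sector0[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}

def outside_all_partitions(mbr: dict, lba: int) -> bool:
    """True if sector `lba` belongs to no partition, so formatting a volume skips it."""
    return not any(p["first_lba"] <= lba < p["first_lba"] + p["sectors"]
                   for p in mbr["partitions"])

def boot_code_changed(sector0: bytes, baseline_sha256: str) -> bool:
    """Compare the boot code against a hash recorded while the disk was known good."""
    return parse_mbr(sector0)["boot_code_sha256"] != baseline_sha256

def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: one active NTFS partition starting at LBA 2048."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    return boot_code.ljust(TABLE_OFFSET, b"\x00") + entry + bytes(48) + b"\x55\xaa"

# Placeholder byte strings stand in for boot code; they are not real loaders.
KNOWN_GOOD = build_sample_mbr(b"KNOWN-GOOD-BOOT-CODE")
MODIFIED = build_sample_mbr(b"MODIFIED-BOOT-CODE")

if __name__ == "__main__":
    baseline = parse_mbr(KNOWN_GOOD)["boot_code_sha256"]
    layout = parse_mbr(MODIFIED)
    print("partitions:", layout["partitions"])
    print("sector 0 outside every partition:", outside_all_partitions(layout, 0))
    print("boot code differs from baseline:", boot_code_changed(MODIFIED, baseline))
```

On a real disk the 512 bytes should come from a raw read of sector 0 taken from trusted boot media, since a rootkit can falsify reads made from the running system.
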
Hello there, I've read that using Dr. Web Cure It will take care of that virus (although you have to run it in Safe Mode, by pressing F8 on BIOS screen), I'd put the link here but it's a Latin American article, so it's in Spanish.

Here's the link for Dr. Web CureIt:

http://www.freedrweb.com/download+cureit/gr/?lng=en

Install it, reboot into Safe Mode with Networking, and do a Full Scan with it :)

Report back after the scan with the results, please.

Here's another article about this:

Win32/Olmarik.AJL Trojan - Safer-Networking Forums

Apparently it is not a simple and easy to kill virus :confused:
 

My Computer

Computer type
PC/Desktop
OS
Windows
Thanks a LOT Punisher, that solved that issue.
Now another issue is that my ping is still 512ms instead of my usual 16,
any tips on that?
 

That could be a simple issue from your ISP. I don't think the virus has something to do with your 512ms ping :huh:
 

My laptop still has ~15 ping,
and it started to go up to 512ms ping after I got the message of the virus =X
 

Well, you could try to do a Winsock Reset. But I'm not sure if that could fix the problem.

I created a Batch File for you, if you don't feel safe about it.

Here is its content:

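REM Release the current DHCP lease
ipconfig /release
pause
REM Clear the DNS resolver cache
ipconfig /flushdns
pause
REM Request a new DHCP lease
ipconfig /renew
pause
REM Reset the Winsock catalog to its defaults
netsh winsock reset catalog
pause
REM Reset the TCP/IP stack and log the changes to reset.log (reboot afterwards)
netsh int ip reset reset.log
pause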

That will Repair your winsock entries and could help with the problem :)

EDIT: Download the file, go to the path where the file was downloaded, right click it, go to properties and click "Unblock" on the bottom. Apply and accept, then right click it again and "Run as Administrator" :)
 

olmarik.ajl trojan is not that easy to get rid of. It is a "Backdoor Trojan" with a rootkit.

My advice would be to wipe and do a clean install. Stay away from cracks and keygens :(
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
olmarik.ajl trojan is not that easy to get rid of. It is a "Backdoor Trojan" with a rootkit.

My advice would be to wipe and do a clean install. Stay away from cracks and keygens :(

That's what I thought Jacee, but I didn't want to suggest that because it'd be like the "last resort" but yeah, I read that olmarik.ajl trojan wasn't an easy virus..

BTW, I've never heard of that virus before, how could you get infected by it? :huh:
 

Many ways to get infected! :p

1. Using a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
2. Using an infected flash drive
3. Clicking on unknown links
4. Downloading cracks and keygens
 

Ohh didn't know that hehe.. that's exactly why I have "autoruns" disabled, a good antivirus (NOD32, good for my taste :p), Malwarebytes' and a LOT of common sense :D that hasn't failed me since a really long time..

I'll be aware and also tell my little sister not to mess with unknown links :p

Thanks, Jacee
 

It probably wouldn't hurt to take advantage of Firefox's plug-in (if you run FF) called NoScript. It stops embedded scripts on a page (unless you allow them)

Winner of the "2006 PC World World Class Award", this tool provides extra protection to your Firefox.
It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default, see http://snipurl.com/nsdntrack .
Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality...
Experts do agree: Firefox is really safer with NoScript ;-)
Read more here:

https://addons.mozilla.org/en-US/firefox/addon/noscript/
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various

Thank you Jacee...I knew IE had one, just couldn't remember....gettin old I guess:sarc:
 
