Not Sure Who To Contact - Win32/Olmarik.TDL4 trojan

Discussion in 'ESET NOD32 Antivirus' started by gadget, Feb 20, 2012.

Thread Status:
Not open for further replies.
  1. gadget

    gadget Registered Member

    Joined:
    Feb 20, 2012
    Posts:
    6
    Location:
    USA
    I used this removal tool, EOlmarikTdl4Cleaner.exe. When using it, I get this error: "unable to clean rootkit". I re-run the program again and it does not find the trojan; I reboot and there it is again. ZoneAlarm pops up that Firefox is trying to access the internet to an IP; I block it and lose my internet. So obviously Olmarik is trying to access the internet. Any help would be appreciated.

    Thanks
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Have you tried booting to Windows Recovery Console and running fixmbr?
     
  3. gadget

    gadget Registered Member

    No, I have not. I will try that next. It's been a long time since I've had a virus.
     
  4. gadget

    gadget Registered Member

    I cannot find my Win7 Ultimate disk. Is that the only way to enter the recovery console?
     
  5. Marcos

    Marcos Eset Staff Account

    You can download and run ComboFix. It will prompt you to download and install the recovery console before it starts checking your computer.
     
  6. gadget

    gadget Registered Member

    I ran ComboFix; it never asked to install the recovery console. It did kick out the log:

    *
     
    Last edited by a moderator: Feb 20, 2012
  7. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Does it boot in safe mode? If yes:
    http://windows7themes.net/how-to-fix-mbr-in-windows-7.html
    Code:
    Fix MBR (Operating system found/logged on)
    
    1. On boot up press F8 and select “Repair your computer”.
    
    2. Next, Windows 7 will automatically search for errors. Let it check for errors and when it’s done close the window. At the bottom you will see the “Command Prompt” tool. Click on it.
    
    3. Enter the command
    
    bootrec.exe /fixmbr 
     
  8. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    When the ESET-designed stand-alone removal tools fail, to save bricking your OS, open an issue ticket with ESET Customer Care.
     
  9. gadget

    gadget Registered Member

    Thanks for the help, the fixmbr worked. Also, I noticed the window popup saying a record of the MBR was being sent to ESET for review. Is that normal?
     