Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Infected by virtool.win32/obfuscator.XZ

15 Jan 2012   #11
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

Its always wise to double-check using another scanning engine. I recommend performing a full scan using the ESET online scanner.

Post back the findings.

Regards,
Glden


My System SpecsSystem Spec
.
15 Jan 2012   #12
GianniDPC

Windows 7 Home Premium x64
 
 

My System SpecsSystem Spec
15 Jan 2012   #13
AlvitrValkyrie

Windows 7 Home Premium 64bit
 
 

Whoops. Sorry. Wrong quote
My System SpecsSystem Spec
.

15 Jan 2012   #14
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

My System SpecsSystem Spec
16 Jan 2012   #15
Arthur Deigh

Windows 7 Home Premium 64 bit
 
 

Hi everyone

Thanks for you help.

I ran MSE again and ESET and both showed no threats.

Would it be risky to not run Malwarebytes or do the manual removal? - I baulked at the registry backup (I've never done one before!) But if you guys feel that it would be safer, I will give it a go

cheers
My System SpecsSystem Spec
16 Jan 2012   #16
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi Arthur,

Once Jacee answers in these threads, I woud ignore all other suggestions and only follow her instructions.

Follow the tutorial for backing up the registry and you will be fine.

Regards,
Golden
My System SpecsSystem Spec
27 Jan 2012   #17
Arthur Deigh

Windows 7 Home Premium 64 bit
 
 

Quote   Quote: Originally Posted by Golden View Post
Hi Arthur,

Once Jacee answers in these threads, I woud ignore all other suggestions and only follow her instructions.

Follow the tutorial for backing up the registry and you will be fine.

Regards,
Golden
Hi

At risk, I haven't tried it yet - I had to go back to work

But when I have time to work out the reg edit, I will give it a go and let you know

cheers and thanks
My System SpecsSystem Spec
27 Jan 2012   #18
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Okay, don't try to do the 'manual' removal.

Download DDS from one of these links:
Mirror 1 Mirror 2 Mirror 3
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.

Let me see the contents of both logs so I can try to help you further.
My System SpecsSystem Spec
15 Feb 2012   #19
Arthur Deigh

Windows 7 Home Premium 64 bit
 
 

Hi Jacee

Sorry I took so long - and what you asked me to do didn't take long at all!

Are these the files you needed?

Or do you want me to copy and paste the contents in a reply?

cheers


Attached Files
File Type: txt DDS.txt (20.5 KB, 45 views)
File Type: txt Attach.txt (11.3 KB, 18 views)
My System SpecsSystem Spec
15 Feb 2012   #20
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Thank you, that's what I needed.

Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix

IF CF won't run:
During the download, rename Combofix.exe to sVchost.exe
My System SpecsSystem Spec
Reply

 Infected by virtool.win32/obfuscator.XZ




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Trying to get rid of virtool:win32/obfuscator.xz
Read a couple threads and got a little head start. I ran Adwcleaner and am attaching the log from that and currently running TFC. I want to make sure its 100% gone and any other malware too. Would the next step be running an ESET scan?
System Security
Unable to get rid of virtool.win32/obfuscator.XZ
Hello, I'm a new member. I've got this nasty virus and I cannot get rid of it. Microsoft security essentials keeps detecting it every time I run a complete scan even though it says it is in quarentine. It does not detect it in safe mode. Maybe it is a rootkit? Avira detects it as a hidden...
System Security
Virtool win32 Obfuscator.xz detected w/ MSE
Hello, I realize there's a similar thread on the front page but have come to the understanding I should create my own thread. I recently ran a scan w/ MSE and came back w/ a hit for Virtool win32 Obfuscator.xz. MSE was unable to quarantine or remove it. I found what I think were the...
System Security
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.
How do I get rid of this sucker?
System Security
Virtool win32 Obfuscator.xz detected
i have had this virus for some time now and then one day my mse stared popping up in my Google chrome saying virus and to clean my pc i said no a few time and then i hit yes it download win 7 clean pro which i remove in like 3 seconds but then the file Virtool win32 Obfuscator.xz stayed i got the...
System Security
Infected by virtool.win32/obfuscator.XZ on Windows 7
Hi All, My last MSE scan was in October of 2012, did a scan last night and found that I'm infected with virtool.win32/obfuscator.XZ. I tried to do some research before posting and found these two threads that are relatively recent: 1. Solved: Please help removing virtool:win32/obfuscator.XZ...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:59.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App