Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Unable to get rid of virtool.win32/obfuscator.XZ

07 Dec 2012   #11
SchwarzTee

Windows 7 Professional 64 bits
 
 

sorry, the adware log I posted was after clicking 'search'.
Here goes the correct one.




Attached Files
File Type: txt AdwCleaner[S1].txt (7.6 KB, 9 views)
My System SpecsSystem Spec
.
07 Dec 2012   #12
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Second AdWareCleaner looks much better after deleting the mess!

I want you to delete the old Combofix that you've been using.

First, download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Next, uninstall both Firefox and Google Chrome.

Now download a fresh copy of Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you.
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
ComboFix: A guide and tutorial on using ComboFix

IF CF won't run:
During the download, rename Combofix.exe to sVchost.exe
My System SpecsSystem Spec
07 Dec 2012   #13
SchwarzTee

Windows 7 Professional 64 bits
 
 

Here it goes.


Attached Files
File Type: txt Combofix3.txt (17.5 KB, 25 views)
My System SpecsSystem Spec
.

07 Dec 2012   #14
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Ackkk! you have a rootkit ... I do not work on a computer with a rootkit because I can not tell you (for sure) that it will ever be stable again.

You Need to wipe the HDD and do a "Clean" install. Do not use any passwords you used previously
Clean Install Windows 7

Please read what a Rootkit is and what it does to your computer:
Rootkit - Wikipedia, the free encyclopedia
My System SpecsSystem Spec
07 Dec 2012   #15
SchwarzTee

Windows 7 Professional 64 bits
 
 

Do you know how long it has been there?
Could I have got it by accessing an infected forum? I accessed a forum in spite of a browser's warning sometime ago (forum admin said google's warning was invalid)
This will take me some work. my DVD drive is not working at moment.


My pendrive has 3817 MB. Could it work?
My System SpecsSystem Spec
07 Dec 2012   #16
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Follow Brink's tutorial in the link I gave you above.
My System SpecsSystem Spec
07 Dec 2012   #17
SchwarzTee

Windows 7 Professional 64 bits
 
 

Ok Jacee, thank you very much!
You are my heroine.

I'm saving all my important data.
My System SpecsSystem Spec
08 Dec 2012   #18
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Be sure to run a thorough scan on any files you save before putting them back on your system as you may re-introduce the virus. You can upload files here to be scanned by multiple AV's. (max file size 32MB)

https://www.virustotal.com/
My System SpecsSystem Spec
08 Dec 2012   #19
SchwarzTee

Windows 7 Professional 64 bits
 
 

Ok, thank you Borg.

Just will make one thing clear.
Jacee, the keylogger virus detection than you saw in the image I posted was installed by myself when seeking security tools. It is not a deed from the rootkit.


The only virus detected by the antivirus is this Obfuscator.

I'm gonna format and reinstall windows in a partition and leave the other partition.
Is that okay?
My System SpecsSystem Spec
08 Dec 2012   #20
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

That one, I don't know Maybe someone else here, has the knowledge needed for your question.
My System SpecsSystem Spec
Reply

 Unable to get rid of virtool.win32/obfuscator.XZ




Thread Tools




Similar help and support threads
Thread Forum
Trying to get rid of virtool:win32/obfuscator.xz
Read a couple threads and got a little head start. I ran Adwcleaner and am attaching the log from that and currently running TFC. I want to make sure its 100% gone and any other malware too. Would the next step be running an ESET scan?
System Security
having possible issues related to VirTool:Win32\Obfuscator.XZ
hi, so about 2 weeks ago i dled a cracked version of the crysis series and it turned out that the cracked had contained the VirTool:Win32\Obfuscator.XZ malware (picked up by MSE) and subsequently steam stopped working properly (not sure if related). i removed the files that MSE said contained the...
System Security
Virtool win32 Obfuscator.xz detected w/ MSE
Hello, I realize there's a similar thread on the front page but have come to the understanding I should create my own thread. I recently ran a scan w/ MSE and came back w/ a hit for Virtool win32 Obfuscator.xz. MSE was unable to quarantine or remove it. I found what I think were the...
System Security
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.
How do I get rid of this sucker?
System Security
Infected by virtool.win32/obfuscator.XZ
Hi Got up this morning to a message that I had a problem. I scanned with MSE and it found virtool.win32/obfuscator.XZ but when I tried to 'clean' the system it seemed to fail. I found a similar post in this forum and so I ran F-secure and here is the report (I think this is what you...
System Security
Virtool win32 Obfuscator.xz detected
i have had this virus for some time now and then one day my mse stared popping up in my Google chrome saying virus and to clean my pc i said no a few time and then i hit yes it download win 7 clean pro which i remove in like 3 seconds but then the file Virtool win32 Obfuscator.xz stayed i got the...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:32.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App