MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.


  1. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #11

    Well, the scan finished. Nothing super interesting except the thing at the bottom.

    SUPERAntiSpyware Scan Log

    Generated 03/19/2013 at 02:08 AM

    Application Version : 5.6.1014

    Core Rules Database Version : 10149
    Trace Rules Database Version: 7961

    Scan type : Complete Scan
    Total Scan Time : 00:11:19

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 555
    Memory threats detected : 0
    Registry items scanned : 71812
    Registry threats detected : 0
    File items scanned : 55253
    File threats detected : 15

    Adware.Tracking Cookie

    Rootkit.Agent/Gen
    C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\07CCC227213AC080954CC1FC7C451E72\AMD64_MICROSOFT-WINDOWS-LSA_31BF3856AD364E35_6.1.7601.22099_NONE_04A88CE28CC4EB33\LSASS.EXE


  2. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #12

    Did you delete the results and restart?

    Did you update before scanning?


  3. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #13

    Yes, I updated before starting, and yes, I restarted after deleting the things it found (except for a few cookies related to my Microsoft support session).


  4. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #14

    Let's take a look with this software.

       Note
    You will need a USB Flash Drive


    Farbar Tool

    Download Farbar Recovery Scan Tool from below on a non-infected PC.
    For 32-bit (x86) systems: download Farbar Recovery Scan Tool and save it to a flash drive.
    For 64-bit (x64) systems: download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    Restart the computer.
    As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    Use the arrow keys to select the Repair your computer menu item.
    Select US as the keyboard language settings, and then click Next.
    Select the operating system you want to repair, and then click Next.
    Select your user account and click Next.

    To enter System Recovery Options by using Windows installation disc:
    Insert the installation disc.
    Restart your computer.
    If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    Click Repair your computer.
    Select US as the keyboard language settings, and then click Next.
    Select the operating system you want to repair, and then click Next.
    Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt

    Select Command Prompt.

    In the command window type e:\frst.exe (for the x64-bit version type e:\frst64) and press Enter.
       Note
    Replace letter e with the drive letter of your flash drive.

       Tip
    Type the commands below to see what your letter is for the USB drive and press ENTER after each command.

    Code:
    Diskpart
    List volume

    The tool will start to run.
    When the tool opens click Yes to disclaimer.
    Press Scan button.
    FRST will let you know when the scan is complete and has written the FRST.txt to file. Close out this message, then type the following into the search box:
    services.exe
    Now press the Search button.
    When the search is complete, search.txt will also be written to your USB.
    Type exit and reboot the computer normally.
    Please copy and paste both logs in your reply (FRST.txt and Search.txt).


  5. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #15

    You could also try to run this program

    Download AdwCleaner to your desktop.
    Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
    Click on Search button.

    Upload the log with your reply.


  6. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #16

    I'm afraid I don't have a flash drive, but I'm trying the AdwCleaner. Just wondering, but this is probably the 7th...8th? adware/malware scanner I've used since I started investigating the issue. Can I just skip..straight to the best one? Haha; I'm just not sure why I'm being led through a series of ineffective programs. :/

    Alright, so I used adwCleaner program, and here's the log!


  7. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #17

    Run AdwCleaner once more; this time click on Delete. When it asks to restart, please do so.


  8. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #18

    Alrighty. I have deleted the files and here is the report.


  9. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #19

    I apologize if I am giving you the runaround to remove this sucker.

    Can you give me a screenshot of this, please?

    Open up the registry. Click on the Start button, type REGEDIT in the search box, and press Enter once REGEDIT shows up in the Start menu under Programs (1). Navigate to

    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN

    And

    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNOnce


  10. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #20

    Haha, if it stops the interminable blue screens, you don't have to apologize for anything. I would in fact buy you many virtual beers. Here are the screen caps you asked for.


Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.