Windows 7 Forums

Windows 7: MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.

19 Mar 2013   #41
cottonball

Windows 7 Home Premium
 
 

On:

Rootkit.Agent/Gen
C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\07CCC227213AC080954CC1FC7C451E72\AMD64_MICROSOFT-WINDOWS-LSA_31BF3856AD364E35_6.1.7601.22099_NONE_04A88CE28CC4EB33\LSASS.EXE

Would take action to check the above file further, vs. removing it.


19 Mar 2013   #42
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

I believe it's safe to delete stuff inside this folder: C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD
19 Mar 2013   #43
cottonball

Windows 7 Home Premium
 
 

@VistaKing,

Just a suggestion...

Rootkit.Agent/Gen was flagged by SAS. It may be a false positive, but, if not, that particular Rootkit can cause problems, and maybe even the BSODs.

Consider running:
Malwarebytes : Malwarebytes Anti-Rootkit

This is how I've used it...

Save to the Desktop (easy to find)
Right-click the file and select: Extract here...

Follow the Usage instructions on the MBAR website from Step 3 to Step 6.
For now, please stop at Step 6.

When the program is done, two reports are created in the MBAR folder:
1. system-log.txt
2. mbar-log-2013-03-19 (20-13-32).txt (corresponds to mbar-log-year-month-day (hour-minute-second).txt)

Please provide report #2, the mbar-log containing information on what was detected and removed.
Then, we will proceed.

19 Mar 2013   #44
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Just wondering ... why have you run AdwCleaner 4 times, and you didn't post all the results of the .txt logs?

Also, why didn't you post the full ESET log?

Since this is a "Self Build" computer, can you tell us where you got your current (DVD) version of Windows 7 Ultimate X64?
19 Mar 2013   #45
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

What are we dealing with here? Your current specs with "self build" or someone else's DDs log? Wasting our resource help gets you nowhere.


Attached Thumbnails
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-specs.jpg  
Attached Images
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-nonsence.jpg 
19 Mar 2013   #46
Zibeltor

Windows 7 Home Premium 64bit
 
 

@ Kingvista: I uninstalled Daemon tools like you recommended, downloaded and ran the STPD checker; it didn't find anything to uninstall. I also followed the BSOD tutorial and have uploaded a rar dump of my latest blue screen. I will try and run the Microsoft Safety Scanner again, but I just wanted to get this all out in case my computer blue screens again while that happens. Edit: MSS didn't pick anything up on a quick scan; I'm gonna run a full scan to confirm. Okay, the full scan seems to consistently crash my computer, so I'm not going to do that anymore. What should we do next?

@ Cottonball: I'm sorry, I'm a little overwhelmed right now. Kingvista was the first person to help me, so I'm just going to keep following his instructions.

@ Jacee: I'm sorry about that game you saw earlier. I deleted all the folders and tried to uninstall it (for some reason I couldn't; I think it's on page 3). I assure you though that this copy of Windows is legitimate. I attached a screenshot that I hope will assure you. I had a good friend help me pick out most of the parts and I mainly watched him build it, so that's why I don't really know as much as you guys. I'm really sorry; I'm not trying to waste anyone's time. I've just been on the phone the last 3 days (and they're going to call me again tomorrow) with Microsoft tech support who I paid 99$ for and haven't been able to accomplish anything. :/ That's why it kind of slipped my mind to post all those logs you mentioned (and I don't really know off the top of my head where I'd find them). I don't know exactly what you're accusing me of (I don't know what a DD log is), but I promise I really did pay for everything in this computer and that it's like really here, causing me problems. I'm not trying to troll anyone.


Attached Thumbnails
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-innocent1.jpg  
Attached Files
File Type: rar Zibeltor.rar (641.4 KB, 4 views)
19 Mar 2013   #47
cottonball

Windows 7 Home Premium
 
 

Zibeltor,

The suggestion was for VistaKing, since a Rootkit entry showed up.

He or you can take it or leave it.

Good luck.
20 Mar 2013   #48
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Zibeltor, the reason why Jacee said that comment is because your system specs on your profile say your OS is Windows 7 Ultimate 64 bit when your logs say you have Windows 7 Home Premium.


@ Cottonball, what suggestion?
20 Mar 2013   #49
Zibeltor

Windows 7 Home Premium 64bit
 
 

Oh, yeah. Sorry. I guess I should change that; I didn't really know what the difference between the two was :x Anyway, I'm kinda confident the malware is removed now.
20 Mar 2013   #50
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

I can't take a look at the .rar file right now. I am using an iPad right now. Is the security tool from Microsoft locating the virus?


Added:


Zibeltor, we could run the tool that Cottonball suggested HERE; follow the instructions that were posted as well.