Windows 7 Forums


Windows 7: MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.

20 Mar 2013   #51

Windows 7 Home Premium 64bit
 
 

The security tool from Microsoft didn't find anything on a quick scan. When I tried to run the full scan, my computer just crashed.

I understand that you can't look at the BSOD dump right now; I'm sure you're a busy man. I'm probably going to go to sleep anyway, but before I do, just thought I'd leave this here. This is the log from Malwarebytes that Cottonball suggested. It did apparently find something and remove it (no reboot required), but I don't know how significant that is. Note: The system seems a lot more stable than before I started today (it's been running continuously now for about 3 hours, but oddly it seems to be only when it idles that it crashes).

Attached Files
File Type: txt mbar-log-2013-03-20 (01-12-34).txt (2.1 KB, 2 views)

20 Mar 2013   #52

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

It deleted this file

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider)

That's not the file that was found before, I don't think. What do you mean by crashes? BSOD? I can't look at the dmp file 'cause I am on an iPad.

Zibeltor, can you run SuperAntispyware once more please? Upload the log file once done.

Last edited by VistaKing; 20 Mar 2013 at 01:49 AM..
20 Mar 2013   #53

Windows 7 Home Premium 64bit
 
 

No, that's not the file that the other program found earlier; I don't think. And yes, by crashes I mean BSOD. But sometimes there's no actual BSOD, it's just all my programs (including Windows explorer) crash and all I can see is my desktop, and nothing except the mouse works so I just have to hard shut it down and reboot.


20 Mar 2013   #54

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Looks like we will need to see what Cottonball and Lacee say.
20 Mar 2013   #55

W7 X-64 RTM,SUSE 11.1, XP PRO SP3 as a VM, VMware ESXi
Hafnarfjörður IS
 
 

Hi there
If you have a decent backup of your OS, why not just wipe the machine and restore a CLEAN version?

Re-format the disk as well before proceeding.

Would seem second nature to me to do this -- How can you possibly ever be sure that an INFECTED machine could ever be 100% cleansed -- especially if you are running the cleansing program on an INFECTED machine in the first place?

I'm not Dr Spock in Star Trek but you don't need to be a Vulcan to appreciate that it's "just not logical".

If you run decent daily scans and back up the OS every day you should have an uninfected backup copy. If you haven't, well, that is just plain idiotic -- Re-install OS is only safe solution.

Most people will disagree here - but I'm sticking to my guns -- I WOULD NEVER EVER trust ANY A/V cleansing software. Once I get an infected computer - the only ways of cleansing it are either a restore or a re-install of the OS -- and before doing that a re-format of the disk(s) as well.

Cheers
jimbo
20 Mar 2013   #56

Windows 7 Home Premium
On East 4th Street, USA
 
 

@VistaKing,

You guys have a hard call...

BSODs can be caused by malware, particularly Rootkits or Bootkits that get hold of the Master Boot Record or boot code. This has not been ruled out, but the Rootkit SAS reported may have been a false positive. There is also no clue as to what SAS removed since there was no report provided with removals, etc.

What shows up in MBAR is a PUP.

A serious consideration is that the BSODs may be hardware or driver related. This machine was built by Zibeltor and someone else, which may give a little more room for issues than a factory built system.

Pursuing the BSODs looks to be the best decision. If you do a clean install, if there is a hardware issue, the problem could appear again. That would be a bummer!!

Do you agree?
20 Mar 2013   #57

Windows 7 Home Premium 64bit
 
 

@ Jimbo: Yeah; that's exactly what Microsoft is telling me to do. :/ I kinda agree with Cottonball though. My computer has been having issues that don't seem to be just viral. I only say that because of how consistently it crashes instead of going to sleep (when I leave it idle for about 30 minutes). The only reason I really hesitate to do the clean wipe is because I don't have a CD; and tech support is telling me I need to pay another 299$ to get the OS I originally paid for working. x.x

@ Cottonball: I think you're absolutely right. I'd hate to spend almost 300$ on a CD, after having spent 99$ on tech support, just to find out that it was some arcane hardware incompatibility the whole time. These issues have also been plaguing me since day 1 when I built the computer, which is another reason I doubt the sole issue is any malware. (It was bluescreening before I ever downloaded anything). I ran Malwarebytes like you suggested, it found and deleted something, but I don't think it was that important. The log is a little higher up.

@ VistaKing: I'm running Superantispyware right now. I'll edit this and add the log when it's done. Edit: It found a bunch of tracking cookies, no big stuff. Haha, most of the cookies are from Microsoft's tech support. I think Cottonball is kind of on the right track; I don't think it was ever really viruses causing my BSOD's.
Attached Files
File Type: txt SAS log.txt (2.5 KB, 5 views)
20 Mar 2013   #58

Windows 7 Home Premium
On East 4th Street, USA
 
 

@Zibeltor,

Thanks for the info.

SAS states: File threats detected: 21
However, it only presented 16 of them??? Whatever...but strange.

Looks as if VistaKing is setting you up for BSOD analysis.
Let's get his thoughts on this, but, I'm pretty sure he will move forward.

BSODs are bummers. Grrrr...

Good luck, Zibeltor!
20 Mar 2013   #59

Windows 7 Home Premium 64bit
 
 

I'm more excited than anything. My system is already better for some reason; the prospect of being ultimately rid of the BSOD's is very tantalizing.
20 Mar 2013   #60

Windows 7 Home Premium
On East 4th Street, USA
 
 

I'm sure the folks at the BSOD forum, and VistaKing, will help you with whatever is possible, just like we tried to help you here to get the malware out of the way.

Regards...
All times are GMT -5. The time now is 04:46 AM.

