Windows 7 Forums



Windows 7: MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.

20 Mar 2013   #51
Zibeltor

Windows 7 Home Premium 64bit
 
 

The security tool from Microsoft didn't find anything on a quick scan. When I tried to run the full scan, my computer just crashed.

I understand that you can't look at the BSOD dump right now; I'm sure you're a busy man. I'm probably going to go to sleep anyway, but before I do, just thought I'd leave this here. This is the log from Malwarebytes that Cottonball suggested. It did apparently find something and remove it (no reboot required), but I don't know how significant that is. Note: The system seems a lot more stable than before I started today (it's been running continuously now for about 3 hours, but oddly it seems to be only when it idles that it crashes).




Attached Files
File Type: txt mbar-log-2013-03-20 (01-12-34).txt (2.1 KB, 3 views)
20 Mar 2013   #52
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

It deleted this file

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider)

That's not the file that was found before I don't think. What do you mean crashes? BSOD? I can't look at the dmp file cause I am on an iPad.

Zibeltor can you run SuperAntispyware once more please? Upload the log file once done.
20 Mar 2013   #53
Zibeltor

Windows 7 Home Premium 64bit
 
 

No, that's not the file that the other program found earlier; I don't think. And yes, by crashes I mean BSOD. But sometimes there's no actual BSOD, it's just all my programs (including Windows explorer) crash and all I can see is my desktop, and nothing except the mouse works so I just have to hard shut it down and reboot.

20 Mar 2013   #54
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Looks like we will need to see what Cottonball and Lacee say.
20 Mar 2013   #55
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi there
If you have a decent backup of your OS why not just wipe the machine and restore a CLEAN version.

Re-format the disk as well before proceeding.

Would seem second nature to me to do this -- How can you possibly ever be sure that an INFECTED machine could ever be 100% cleansed --especially if you are running the cleansing program on an INFECTED machine in the first place.

I'm not Dr Spock in Star Trek but you don't need to be a Vulcan to appreciate that it's "just not logical".

If you run decent daily scans and backup the OS every day you should have an uninfected backup copy. If you haven't well that is just plain idiotic -- Re-install OS is only safe solution.

Most people will disagree here - but I'm sticking to my guns -- I WOULD NEVER EVER trust ANY A/V cleansing software. Once I get an infected computer - the only ways of cleansing it are either a restore or a re-install of the OS -- and before doing that a re-format of the disk(s) as well.

Cheers
jimbo
20 Mar 2013   #56
cottonball

Windows 7 Home Premium
 
 

@VistaKing,

You guys have a hard call...

BSODs can be caused by malware, particularly Rootkits or Bootkits that get hold of the Master Boot Record or boot code. This has not been ruled out, but the Rootkit SAS reported may have been a false positive. There is also no clue as to what SAS removed since there was no report provided with removals, etc.

What shows up in MBAR is a PUP.

A serious consideration is that the BSODs may be hardware or driver related. This machine was built by Zibeltor and someone else, which may give a little more room for issues than a factory built system.

Pursuing the BSODs looks to be the best decision. If you do a clean install, if there is a hardware issue, the problem could appear again. That would be a bummer!!

Do you agree?
20 Mar 2013   #57
Zibeltor

Windows 7 Home Premium 64bit
 
 

@ Jimbo: Yeah; that's exactly what Microsoft is telling me to do. :/ I kinda agree with Cottonball though. My computer has been having issues that don't seem to be just viral. I only say that because of how consistently it crashes instead of going to sleep (when I leave it idle for about 30 minutes). The only reason I really hesitate to do the clean wipe is because I don't have a CD; and tech support is telling me I need to pay another 299$ to get the OS I originally paid for working. x.x

@ Cottonball: I think you're absolutely right. I'd hate to spend almost 300$ on a CD, after having spent 99$ on tech support, just to find out that it was some arcane hardware incompatibility the whole time. These issues have also been plaguing me since day 1 when I built the computer, which is another reason I doubt the sole issue is any malware. (It was bluescreening before I ever downloaded anything). I ran malware bytes like you suggested, it found and deleted something, but I don't think it was that important. The log is a little higher up.

@ VistaKing: I'm running Superantispyware right now. I'll edit this and add the log when it's done. Edit: It found a bunch of tracking cookies, no big stuff. Haha, most of the cookies are from Microsoft's tech support. I think cottonball is kind of on the right track; I don't think it was ever really viruses causing my BSOD's.


Attached Files
File Type: txt SAS log.txt (2.5 KB, 5 views)
20 Mar 2013   #58
cottonball

Windows 7 Home Premium
 
 

@Zibeltor,

Thanks for the info.

SAS states: File threats detected: 21
However, it only presented 16 of them??? Whatever...but strange.

Looks as if VistaKing is setting you up for BSOD analysis.
Let's get his thoughts on this, but, I'm pretty sure he will move forward.

BSODs are bummers. Grrrr...

Good luck, Zibeltor!
20 Mar 2013   #59
Zibeltor

Windows 7 Home Premium 64bit
 
 

I'm more excited than anything. My system is already better for some reason; the prospect of being ultimately rid of the BSOD's is very tantalizing.
20 Mar 2013   #60
cottonball

Windows 7 Home Premium
 
 

I'm sure the folks at the BSOD forum, and VistaKing, will help you with whatever is possible, just like we tried to help you here to get the malware out of the way.

Regards...