Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Virtool win32 Obfuscator.xz detected w/ MSE

21 Mar 2013   #11
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Quadra,

Have you run the ESET scanner ? If so upload the log file please.

ADDED:

I saw that you uninstalled Daemon Tools and Power ISO . You might also want to run this little tool below .

SCSI Pass Through Direct (SPTD), which is a well known BSOD causer. Uninstall the program at first(which you did already) . Then download SPTD standalone installer and execute the downloaded file as guided below :
download For 32-bit OS

download For 64-bit OS

Double click to open it.

Click this button only: (look at image below )


Note   Note
If it is grayed out, as in the picture, there is no more SPTD in your system, and you just close the window.



My System SpecsSystem Spec
.

21 Mar 2013   #12
Quadra

Windows 7 Home Premium 64 Bit SP1
 
 

@VistaKing ESET is still running it's at about 450k files scanned right now, seems to be scanning my C: too.

@LaybackBear Yes.
My System SpecsSystem Spec
21 Mar 2013   #13
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

It scans the entire drive .

After the scan has completed do the steps I added HERE it will help you in the long run .
My System SpecsSystem Spec
.


21 Mar 2013   #14
Quadra

Windows 7 Home Premium 64 Bit SP1
 
 

Just a follow-up. ESET is still running and I'm about to turn in for the night. So I'm gonna let it run overnight and last I checked it found 300 items, so yeah.... If I have time before work I'll post that list from ESET. If not it'll be later in the day tomorrow. Thanks again for all your assistance everyone.
My System SpecsSystem Spec
21 Mar 2013   #15
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Take your time we are here to help
My System SpecsSystem Spec
21 Mar 2013   #16
cottonball

Windows 7 Home Premium
 
 

Quadra,

Whenever you are ready, just attach the results.

Just make sure that the option Remove found threats is not checked. We need to make sure there are no crucial system files removed!

Sometimes scans take a Windows file in their sweep, and then there is a problem bigger than what you had before.

Will take a look at the results whe you provide them, and we'll go from there.
My System SpecsSystem Spec
22 Mar 2013   #17
Quadra

Windows 7 Home Premium 64 Bit SP1
 
 

Hello again,

ESET finished up. Looked over the log and just wanted to point out there are a bunch of false-positive hits that look like this: E:\Users\Administrator\Desktop\tesv-Squall17.exe a variant of Win32/GameHack.BE application

These are modifications for the games I own. Other than that I don't really recognize the rest of this stuff.

@VistaKing About to start SPTD

Thanks again.


Edit: SPTD came back greyed out as you have depicted VistaKing.


Attached Files
File Type: txt ESETScan.txt (43.5 KB, 17 views)
My System SpecsSystem Spec
22 Mar 2013   #18
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Good the SPTD tool didn't find any left over files when you uninstalled daemon tools .
My System SpecsSystem Spec
22 Mar 2013   #19
cottonball

Windows 7 Home Premium
 
 

Quadra,

Please download CKScanner:
http://downloads.malwareremoval.com/CKScanner.exe

Important: - Save it to your Desktop

Double-click CKScanner.exe, then, click: Search For Files
When a list appears, click: Save List To File
A message box verifies the file saved.

Double-click the CKFiles.txt on your Desktop, and copy/paste the contents in your reply.

Thanks.
My System SpecsSystem Spec
22 Mar 2013   #20
Quadra

Windows 7 Home Premium 64 Bit SP1
 
 

@Cottonball Everytime I try to run CKScanner it does not respond. My mouse pointer turns into that aquamarine ring when a program doesn't respond. When I click on the CKScanner window it says "not responding." Is this one of those scans where I shouldn't touch the keyboard or mouse?

Edit: Managed to get it to work.

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\de-de\facialanimations\fxe_eye400_cave_crack.crf
c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\en-us\facialanimations\fxe_eye400_cave_crack.crf
c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\fr-fr\facialanimations\fxe_eye400_cave_crack.crf
c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\data\cln_eye400_cave_crack.crf
c:\program files (x86)\steam\steamapps\chaoz14\counter-strike source\cstrike\materials\sprites\store\crackedbeam.vmt
c:\program files (x86)\steam\steamapps\chaoz14\counter-strike source\cstrike\materials\sprites\store\crackedbeam.vtf
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_c_sound_wep_crack.pbo.acex_sm.bisign.gz
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_c_sound_wep_crack.pbo.gz
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_s_wep_crack.pbo.acex_sm.bisign.gz
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_s_wep_crack.pbo.gz
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_c_sound_wep_crack.pbo
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_c_sound_wep_crack.pbo.acex_sm.bisign
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_s_wep_crack.pbo
c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_s_wep_crack.pbo.acex_sm.bisign
c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\sounds\fire_small_crackle_slick_op.ogg
scanner sequence 3.DK.11.AEAPTI
----- EOF -----
My System SpecsSystem Spec
Reply

 Virtool win32 Obfuscator.xz detected w/ MSE




Thread Tools





Similar help and support threads
Thread Forum
Trying to get rid of virtool:win32/obfuscator.xz
Read a couple threads and got a little head start. I ran Adwcleaner and am attaching the log from that and currently running TFC. I want to make sure its 100% gone and any other malware too. Would the next step be running an ESET scan?
System Security
having possible issues related to VirTool:Win32\Obfuscator.XZ
hi, so about 2 weeks ago i dled a cracked version of the crysis series and it turned out that the cracked had contained the VirTool:Win32\Obfuscator.XZ malware (picked up by MSE) and subsequently steam stopped working properly (not sure if related). i removed the files that MSE said contained the...
System Security
Unable to get rid of virtool.win32/obfuscator.XZ
Hello, I'm a new member. I've got this nasty virus and I cannot get rid of it. Microsoft security essentials keeps detecting it every time I run a complete scan even though it says it is in quarentine. It does not detect it in safe mode. Maybe it is a rootkit? Avira detects it as a hidden...
System Security
MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.
How do I get rid of this sucker?
System Security
Infected by virtool.win32/obfuscator.XZ
Hi Got up this morning to a message that I had a problem. I scanned with MSE and it found virtool.win32/obfuscator.XZ but when I tried to 'clean' the system it seemed to fail. I found a similar post in this forum and so I ran F-secure and here is the report (I think this is what you...
System Security
Virtool win32 Obfuscator.xz detected
i have had this virus for some time now and then one day my mse stared popping up in my Google chrome saying virus and to clean my pc i said no a few time and then i hit yes it download win 7 clean pro which i remove in like 3 seconds but then the file Virtool win32 Obfuscator.xz stayed i got the...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 18:45.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App