Virtool win32 Obfuscator.xz detected w/ MSE

Page 2 of 6 FirstFirst 1234 ... LastLast

  1. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #11

    Quadra,

    Have you run the ESET scanner ? If so upload the log file please.

    ADDED:

    I saw that you uninstalled Daemon Tools and Power ISO . You might also want to run this little tool below .

    SCSI Pass Through Direct (SPTD), which is a well known BSOD causer. Uninstall the program at first(which you did already) . Then download SPTD standalone installer and execute the downloaded file as guided below :

    Download

    For 32-bit OS


    Download

    For 64-bit OS

    Double click to open it.

    Click this button only: (look at image below )


       Note
    If it is grayed out, as in the picture, there is no more SPTD in your system, and you just close the window.
    Last edited by VistaKing; 21 Mar 2013 at 15:18.
      My Computer
    Quote Quote

  3. Quadra
    Posts : 19
    Windows 7 Home Premium 64 Bit SP1
    Thread Starter
       New #12

    @VistaKing ESET is still running it's at about 450k files scanned right now, seems to be scanning my C: too.

    @LaybackBear Yes.
      My Computer
    Quote Quote

  4. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #13

    It scans the entire drive .

    After the scan has completed do the steps I added HERE it will help you in the long run .
      My Computer
    Quote Quote

  6. Quadra
    Posts : 19
    Windows 7 Home Premium 64 Bit SP1
    Thread Starter
       New #14

    Just a follow-up. ESET is still running and I'm about to turn in for the night. So I'm gonna let it run overnight and last I checked it found 300 items, so yeah.... If I have time before work I'll post that list from ESET. If not it'll be later in the day tomorrow. Thanks again for all your assistance everyone.
      My Computer
    Quote Quote

  7. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #15

    Take your time we are here to help
      My Computer
    Quote Quote

  8. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #16

    Quadra,

    Whenever you are ready, just attach the results.

    Just make sure that the option Remove found threats is not checked. We need to make sure there are no crucial system files removed!

    Sometimes scans take a Windows file in their sweep, and then there is a problem bigger than what you had before.

    Will take a look at the results whe you provide them, and we'll go from there.
      My Computer
    Quote Quote

  10. Quadra
    Posts : 19
    Windows 7 Home Premium 64 Bit SP1
    Thread Starter
       New #17

    Hello again,

    ESET finished up. Looked over the log and just wanted to point out there are a bunch of false-positive hits that look like this: E:\Users\Administrator\Desktop\tesv-Squall17.exe a variant of Win32/GameHack.BE application

    These are modifications for the games I own. Other than that I don't really recognize the rest of this stuff.

    @VistaKing About to start SPTD

    Thanks again.


    Edit: SPTD came back greyed out as you have depicted VistaKing.
    Virtool win32 Obfuscator.xz detected w/ MSE Attached Files
    Last edited by Quadra; 22 Mar 2013 at 13:04. Reason: Info Update
      My Computer
    Quote Quote

  11. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #18

    Good the SPTD tool didn't find any left over files when you uninstalled daemon tools .
      My Computer
    Quote Quote

  12. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #19

    Quadra,

    Please download CKScanner:
    http://downloads.malwareremoval.com/CKScanner.exe

    Important: - Save it to your Desktop

    Double-click CKScanner.exe, then, click: Search For Files
    When a list appears, click: Save List To File
    A message box verifies the file saved.

    Double-click the CKFiles.txt on your Desktop, and copy/paste the contents in your reply.

    Thanks.
      My Computer
    Quote Quote

  13. Quadra
    Posts : 19
    Windows 7 Home Premium 64 Bit SP1
    Thread Starter
       New #20

    @Cottonball Everytime I try to run CKScanner it does not respond. My mouse pointer turns into that aquamarine ring when a program doesn't respond. When I click on the CKScanner window it says "not responding." Is this one of those scans where I shouldn't touch the keyboard or mouse?

    Edit: Managed to get it to work.

    CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
    c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\de-de\facialanimations\fxe_eye400_cave_crack.crf
    c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\en-us\facialanimations\fxe_eye400_cave_crack.crf
    c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\audio\vo\fr-fr\facialanimations\fxe_eye400_cave_crack.crf
    c:\program files (x86)\dragon age 2\addins\da2_prc_eye\module\data\cln_eye400_cave_crack.crf
    c:\program files (x86)\steam\steamapps\chaoz14\counter-strike source\cstrike\materials\sprites\store\crackedbeam.vmt
    c:\program files (x86)\steam\steamapps\chaoz14\counter-strike source\cstrike\materials\sprites\store\crackedbeam.vtf
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_c_sound_wep_crack.pbo.acex_sm.bisign.gz
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_c_sound_wep_crack.pbo.gz
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_s_wep_crack.pbo.acex_sm.bisign.gz
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\.rsync\.pack\addons\acex_sm_s_wep_crack.pbo.gz
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_c_sound_wep_crack.pbo
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_c_sound_wep_crack.pbo.acex_sm.bisign
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_s_wep_crack.pbo
    c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@acex_sm\addons\acex_sm_s_wep_crack.pbo.acex_sm.bisign
    c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\sounds\fire_small_crackle_slick_op.ogg
    scanner sequence 3.DK.11.AEAPTI
    ----- EOF -----
      My Computer
    Quote Quote

 
Page 2 of 6 FirstFirst 1234 ... LastLast

  Related Discussions
Read a couple threads and got a little head start. I ran Adwcleaner and am attaching the log from that and currently running TFC. I want to make sure its 100% gone and any other malware too. Would the next step be running an ESET scan?
Hello, I'm a new member. I've got this nasty virus and I cannot get rid of it. Microsoft security essentials keeps detecting it every time I run a complete scan even though it says it is in quarentine. It does not detect it in safe mode. Maybe it is a rootkit? Avira detects it as a hidden...
Hi Got up this morning to a message that I had a problem. I scanned with MSE and it found virtool.win32/obfuscator.XZ but when I tried to 'clean' the system it seemed to fail. I found a similar post in this forum and so I ran F-secure and here is the report (I think this is what you...
i have had this virus for some time now and then one day my mse stared popping up in my Google chrome saying virus and to clean my pc i said no a few time and then i hit yes it download win 7 clean pro which i remove in like 3 seconds but then the file Virtool win32 Obfuscator.xz stayed i got the...
Hi All, My last MSE scan was in October of 2012, did a scan last night and found that I'm infected with virtool.win32/obfuscator.XZ. I tried to do some research before posting and found these two threads that are relatively recent: 1. Solved: Please help removing virtool:win32/obfuscator.XZ...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 04:03.
Find Us