MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.

Page 5 of 11 FirstFirst ... 34567 ... LastLast

  1. Posts : 2,470
    Windows 7 Home Premium
       #41

    On:

    Rootkit.Agent/Gen
    C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\07CCC227213AC080954CC1FC7C451E72\AMD64_MICROSOFT-WINDOWS-LSA_31BF3856AD364E35_6.1.7601.22099_NONE_04A88CE28CC4EB33\LSASS.EXE

    Would take action to check the above file further, vs. removing it.
      My Computer


  2. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #42

    I believe it's save to delete stuff inside this folder C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD
      My Computer


  3. Posts : 2,470
    Windows 7 Home Premium
       #43

    @VistaKing,

    Just a suggestion...

    Rootkit.Agent/Gen was flagged by SAS. It may be a false positive, but, if not, that particular Rootlit can cause problems, and maybe even the BSODs.

    Consider running:
    Malwarebytes : Malwarebytes Anti-Rootkit

    This is how I've used it...

    Save to the Desktop (easy to find)
    Right-click the file and select: Extract here...

    Follow ithe Usage instructions on the MBAR website from Step 3 to Step 6.
    For now, please stop at Step 6.

    When the program is done, two reports are created in the MBAR folder:
    1. system-log.txt
    2. mbar-log-2013-03-19 (20-13-32).txt (corresponds to mbar-log-year-month-day (hour-minute-second).txt)

    Please provide report #2, the mbar-log containing information on what was detected and removed.
    Then, we will proceed.
    Last edited by cottonball; 19 Mar 2013 at 23:34.
      My Computer


  4. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #44

    Just wondering ... why have you run AdwCleaner 4 times, and you didn't post all the results of the .txt logs?

    Also, why didn't you post the full ESET log?

    Since this is a "Self Build" computer, can you tell us where you got your current (DVD) version of Windows 7 Ultimate X64?
      My Computer


  5. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #45

    What are we dealing with here? Your current specs with "self build" or someone else's DDs log? Wasting our resource help gets you no-where
    Attached Thumbnails Attached Thumbnails MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-specs.jpg   MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-nonsence.jpg  
      My Computer


  6. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #46

    @ Kingvista: I uninstalled Daemon tools like you recommended, downloaded and ran the STPD checker; it didn't find anything to uninstall. I also followed the BSOD tutorial and have uploaded a rar dump of my latest blue screen. I will try and run the Microsoft Safety Scanner again, but I just wanted to get this all out in case my computer blue screens again while that happens. Edit: MSS didn't pick anything up on a quick scan; I'm gonna run a full scan to confirm. Okay, the full scan seems to consistently crash my computer, so I'm not going to do that anymore. What should we do next?

    @ Cottonball: I'm sorry, I'm a little overwhelmed right now. Kingvista was the first person to help me, so I'm just going to keep following his instructions.

    @ Jacee: I'm sorry about that game you saw earlier. I deleted all the folders and tried to uninstall it (for some reason I couldn't; I think it's on page 3). I assure you though that this copy of Windows is legitimate. I attached a screenshot that I hope will assure you. I had a good friend help me pick out most of the parts and I mainly watched him build it, so that's why I don't really know as much as you guys. I'm really sorry; I'm not trying to waste anyone's time. I've just been on the phone the last 3 days (and they're going to call me again tomorrow) with Microsoft tech support who I paid 99$ for and haven't been able to accomplish anything. :/ That's why it kind of slipped my mind to post all those logs you mentioned (and I don't really know off the top of my head where I'd find them). I don't know exactly what you're accusing me of (I don't know what a DD log is), but I promise I really did pay for everything in this computer and that it's like really here, causing me problems. I'm not trying to troll anyone.
    Attached Thumbnails Attached Thumbnails MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it.-innocent1.jpg  
    MSE found virtool.win32/obfuscator.XZ but couldn't get rid of it. Attached Files
    Last edited by Zibeltor; 19 Mar 2013 at 23:50.
      My Computer


  7. Posts : 2,470
    Windows 7 Home Premium
       #47

    Zibeltor,

    The suggestion was for VistaKing, since a Rootkit entry showed up.

    He or you, can take it or leave it.

    Good luck.
      My Computer


  8. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #48

    Zibeltor reason why Jacee Said that comment cause your system specs on your profile says your OS is Windows 7 Ultimate 64 bit when your logs say you have Windows 7 Home Premium .


    @ Cottonball , What suggestion ?
      My Computer


  9. Posts : 114
    Windows 7 Home Premium 64bit
    Thread Starter
       #49

    Oh, yeah. Sorry. I guess I should change that; I didn't really know what the difference between the two was :x Anyway, I'm kinda confident the malware is removed now.
      My Computer


  10. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #50

    I can't take a look at the .rar file right now. I am using an iPad right now . Is security tool from Microsoft locating the virus ?


    Added :


    Zibeltor we could run the tool that Cottonball suggested HERE follow the instruction that were posted as well .
      My Computer


 
Page 5 of 11 FirstFirst ... 34567 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:22.
Find Us