Infected by virtool.win32/obfuscator.XZ

[italicus3000]

Back up your registry first http://www.sevenforums.com/tutorials/4230-registry-backup-restore.html

Then follow the manual removal here: How to Remove VirTool:Win32/obfuscator.XZ Completely and Effectively (Step-by-step Removal) - Tee Support Blog

Now run a full scan with MSE and ESET ESET :: Get a FREE Online Virus Scan

Hi to all, I'm having the same problem with that virus and I want to use the manual removal discussed above in the thread, but I'm not really sure of what I'm doing, so I really appriciate some help .....

ok so now I'm finding the registry entries that I have to remove, like the manual said, but I find some registry entries with different values. Let me to take an example:

I have found

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS " CERTIFICATEREVOCATION" = '1'

instead of

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS " CERTIFICATEREVOCATION" = '0'

Do I have to remove that key anyway???

 

[Layback Bear]

italicus3000 welcome to the Sever Forum. So you can be taken care of properly please start a new Thread with your problem. We will be happy to guide you.

 

[italicus3000]

OK ok sorry...

 

[pramienjager]

I see that this problem seems to be resolved, the last post was 168 days ago. I had a similar issue and arrived here via a google search. None of this was actually helpful at all, as it turns out that particular item, the VirTool:Win32/Obfuscator.XZ is not a virus nor is it a virus injection method. It is a device used to activate cracked or pirated games and other such programs. I do not condone theft or pirating (I came across the tool on a PC I was cleaning), if you have this, it is likely because some program you DL would normally need a key code to activate and this bypasses that. either stop stealing games or "allow" this in your antivirus.