Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


VirTool:Win32/Obfuscator.xz and HackTool:Win32/Keygen issue please help!

  • Please log in to reply
1 reply to this topic

#1 viraltrouble


  • Members
  • 1 posts
  • Local time:04:42 PM

Posted 06 April 2013 - 09:34 AM

hi my computer just went crazy and stopped working about a month ago. yesterday I just tried to start it again and miraculously it did. i ran microsoft security essentials, malwarebites and microsoft safety scanner. i also removed uniblue driver scanner via the control pannel aside from claro toolbar for chrome (i had been having the flashing screen problem with chrome before my computer broke completely, i havent dared start chrome this time), sweetIM fo rmessenger 3.6, yandex.bar 6.7 for internet explorer and some other useless stuff i cant remember. i have also installed Bluestacks since the reincarnation -if you will- of my computer.

microsoft safety scanner only managed to "partially remove" HackTool:Win/Keygen though the real deal stays still. I didnt want to manually remove these two without supervision so here i am. i tried to find the report of microsoft safety scanner but i couldnt, so i downloaded it from here http://www.microsoft.com/security/scanner/en-us/default.aspx again, and running it again now with quick scan+the infected folder as i did before. i will copy the logs in a moment.


microsoft security essentials gave the error code: 0x800700df when i first found out about the malwares and MSS stayed still for a long time when i tried to get it "help me remove" the infections for the 2nd and 3rd time.

Edited by viraltrouble, 06 April 2013 - 10:39 AM.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:09:42 AM

Posted 07 April 2013 - 07:17 PM

Hello lets try this in a couple steps.


Please download Rkill by Grinler and save it to your desktop.

Link 1
Link 2


  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.


Do not reboot the computer, you will need to run the application again.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
Do not change the default options on scan results.




Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.




Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users