Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


At My Wits End

  • Please log in to reply
1 reply to this topic

#1 immabanana


  • Members
  • 2 posts
  • Local time:04:18 PM

Posted 19 July 2013 - 02:41 AM

For a while now, I have been getting error messages when I try to start up windows firewall. I honestly have no idea why I need to start it up in the first place because I NEVER DISABLED IT. When I click to turn it on, error 0x80070424 pops up and the firewall will not start at all.


This isn't the end of it either, my screen will constantly flash when switching between users until I turn the monitor off and then back on.


Also, my computer was one a relatively jolly lad who did exactly what I needed it to at the blink of an eye, but lately, noticeable slowdowns have occurred without the addition of any new software.


A few days ago, it really started to show symptoms of virus infection when it had trouble starting up. It went through a "recovery" process and said that the problems could not be repaired. I attempted to boot it again and it came on relatively nicely but with even more noticeable slowness.


Microsoft security essentials has also been going mad with pop ups of a threat named "VirTool:Win32/Obfuscator.XZ". I'm just going to name this the culprit. The only problem is, MSE will not remove it, or maybe the correct way to phrase that is cannot remove it.


I have no knowledge in removing viruses, and I do not have the money to take it for repair by a professional. 


I heard doing a clean boot of windows may help, alas my CD's were lost yard sales ago.


In addition to MSE, I have also attempted the use of Microsoft Security Scanner to no avail. It showed up with one threat found, the Virtool thing, but also stated that it couldn't remove it.


Malwarebytes came up with nada, and as did Mcafee's rootkitremover.


I am seriously at a loss and am craving help. I am currently running the PC in safemode with networking enabled. It would be great if you lovely people here on the forum could help me get it clean. Money is tight and is the only computer in the house among four people who use it daily. I definitely couldn't afford to buy a new one.


Things I probably should have mentioned:

OS: Windows 7 Home Premium

PC Model: Lenovo H420


BC AdBot (Login to Remove)


#2 GodfatherKing


  • Members
  • 587 posts
  • Gender:Male
  • Local time:10:18 PM

Posted 19 July 2013 - 10:45 AM

Have you already tried running TDSSKiller? If not give it a try, if you already did this scan, post the log. Please also try to rescan with MBAM, but follow the exact steps to the quick scan.


Running TDSSKiller to obtain log


Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


  • In the Additional options: Check only Detect TDLFS file system
  • Click Start Scan and allow the scan process to run


  • Choose for all threats to Skip for all of them.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)



Rerun Malwarebytes (MBAM)


Temporarily disable your antivirus program.

  • Please locate your Malwarebytes icon 1208__malwarebytes.png and launch the program
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.



If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users