VirTool:Win32/obfuscator.Q

  • Question

  • I have just installed live OneCare and ran the virus scan. It has apparently found an unwanted software which is identified as follows:

     Software: VirTool:Win32/obfuscator.Q       Category: Malware Creation tool

    Alert Level = Severe


    When I select “Clean all” it states that it needs to do another scan to clean the software. After a full scan it reports that Quarantine has failed. Unfortunately there is no other information that is available regarding the location of the malware. I have done searches on “obfuscator” and have not been able to locate the file. When I run the online scan the report indicates that the following resources are used by the file:





    I'm running XP Professional with all the updates including IE7.

    Any help will be greatly appreciated.


    Sunday, November 18, 2007 10:38 PM


All replies

  • See this post for information about Quarantine Failed - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=1548384&SiteID=2


    Monday, November 19, 2007 2:29 AM

  • That answer doesn't help. It only refers to a thread that covers when quarantine fails for viruses in email msgs, and even then it only says that MSFT doesn't give the info on where the virus is. It is not helpful in the least to the query re the specific Win32/obfuscator.Q. If you do not have an actual helpful answer, please do not post sending people on a waste of time wild goose chase. Meanwhile, my computer is reporting the same virus, OneCare is unable to clean the virus, OneCare is even unable to tell me where it is, and it is also interrupting me every 90 seconds to tell me that it found the same virus that it can do nothing about.


    Can someone who has an actual answer post a reply re this virus and how to remove it? And please don't just refer to another link that is of no help.

    Sunday, January 13, 2008 9:39 PM
  • The answer *is* helpful in that it details how to find out where the virus has been found. Open OneCare, click on change settings. Click on the logging tab. Click on create support log. In the report that opens in your web browser, scroll to the virus and spyware section and review the entries there.

    If OneCare is not able to completely remove the threat, please contact OneCare support.

    How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    If it fails to validate your subscription, select the option that you are using a trial or beta copy and you can proceed to email support without validation once you've signed in.



    Sunday, January 13, 2008 10:54 PM
  • Helpful would be to state where the supposed infection is before taking any action.


    This program is utterly useless at the moment because it detects every single remote control/password tool on the system and idiotically acts without user intervention or actually giving a clue as to what file it wrongly thinks is "infected".


    Ok the program might be some use to the sort of numpty who is too stupid to breathe without instructions but it's useless to anyone with a brain.

    Friday, January 18, 2008 7:31 AM
  • Rentaguru wrote:

    Ok the program might be some use to the sort of numpty who is too stupid to breathe without instructions but it's useless to anyone with a brain.

    That's kind of harsh.


    I do agree that OneCare should have a configuration to prompt before taking action on threats - blocking is fine, but then prompt for clean, quarantine, delete. Let the user decide if they want these prompts or not as there are many people who do not want to be prompted, they want to be protected, and a prompt will probably actually cause them to panic or make the wrong decision.


    Friday, January 18, 2008 2:04 PM
  • It's not telling you where the threat is located that makes it completely useless.


    I want to know what it's going to screw with before I let it screw.  I'm pretty sure it's screwed my copy of the ultimate boot disk for windows.

    Friday, January 18, 2008 3:32 PM