Hiya,
I got problem with removing 1 worm, infact i managed to indentify it, see this site; http://www.sophos.com/virusinfo/analyses/w32poebotjt.html
as im using Sophos anti-vir.
It seems like im unable to remove it, as it keep appearing in C:/Windows/System32/ as an .exe file with RANDOM name.
screenie1;
I`m also using Kerio PF, everytime the virus comebacks, kerio sends me a massage that it trying to run using CMD. Never allowed it and im not gonna try whats happens after
Point is, i`ve deleted tons of such as files already, it sometimes fakes original window files, name is exactly the same, however file itself is 'brighter' smth like hidden file.
My guess is either there is somewhere a 'mother-file' which keeps creating those, or i got a hole in my security and someone keeps sending me new, which is unlikely cause i`d see it in logs :s
Any ideas?
cheers, AnTi
Edit, scanned PC with Norton, Housecall, MKS, Sophos, and also used HijackThis, Spybot, Adaware, F-Force etc nothing has completely removed it
I got problem with removing 1 worm, infact i managed to indentify it, see this site; http://www.sophos.com/virusinfo/analyses/w32poebotjt.html
as im using Sophos anti-vir.
It seems like im unable to remove it, as it keep appearing in C:/Windows/System32/ as an .exe file with RANDOM name.
screenie1;
I`m also using Kerio PF, everytime the virus comebacks, kerio sends me a massage that it trying to run using CMD. Never allowed it and im not gonna try whats happens after
Point is, i`ve deleted tons of such as files already, it sometimes fakes original window files, name is exactly the same, however file itself is 'brighter' smth like hidden file.
My guess is either there is somewhere a 'mother-file' which keeps creating those, or i got a hole in my security and someone keeps sending me new, which is unlikely cause i`d see it in logs :s
Any ideas?
cheers, AnTi
Edit, scanned PC with Norton, Housecall, MKS, Sophos, and also used HijackThis, Spybot, Adaware, F-Force etc nothing has completely removed it
Last edited:
