W32/Poebot-F

Viruses and worms
1

How I can remove this virus
avast don’t detected till now and I need help to remove registry entry and any other files generated by virus

2

How can we help with so little information?

In order to help fully we need more information…
- What OS are you using? is it up to date?
- What email program are you using - if applicable?
- What avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!)
- What was the virus name, what was the filename, where was it found
example (C:\windows\system32\infected-filename.xxx)?

I would also suggest that you visit Eddy’s Website click the “HiJackThis Section” and also the “Malware removal instructions and applications” section, and follow the directions there and get back to us if you need more help…

3

Maybe is 4.5.561 but I don’t know exactely avast version because is updated online
Also avast don’t say nothing about that only my firewall warn me because some program want to conect to net without permission and when I search by google about defragfatx.exe I found that is a virus

4

Also please review:
http://www.sophos.com/virusinfo/analyses/w32poebotf.html

5
Maybe is 4.5.561 but I don't know exactely
To find out: Right click the blue ball with the "A" and choose about.

To clean your system:
Click on the link in my signature and follow the instructions in the malware removal section

For help with HijackThis (and for log analyzing):
Visit my website and go to the HijackThis section

6

Like I said 4.5.561
But why this virus isn’t in your database till now?
I visited your link but I don’t know where is a log file in my computer and also I have not knowledges about virus and files management

7

When you say “the virus isn’t in the database till now” implies that it is now in the database. When in fact I now believe that it isn’t in the database at all, or no detection by avast.

Unfortunately there is no common standard for naming viruses, so it could well be called something different by avast!

The reference that you quote also mentions the major reason for infection is the RPC and LSASS exploits which have long been patched by MS, so a visit to windows update would be worthwhile.

Follow Eddy’s advice on his site as this can resolve virtually all problems. When you download HiJackThis, create folder on your Hard Drive called HiJackThis and unzip the contents if the downloaded file into it, when you run hijackthis from there, the hijackthis.log will be saved in that folder so you should be able to find it.

8
I visited your link but I don't know where is a log file
It is only there if YOU created it with HijackThis.

Just follow the instructions in the malware removal section.