kryptic.CNE trojan

Hello Friends
My network is infected with what NOD says as kryptic trojan
sometimes it says kryptic.cne some times kryptic.qe etc etc
when i scan a pc it says number of inflitrations found not number of virus or trojan detected. when ping www.someip.com the command prompt automatically closes. So i'm confirmed that i'm infected is anyone out there who could help me fix this issue.
i tried downloading a removal tool from this link
http://www.securitystronghold.com/g...ates/download/Cryptic-Trojan-Removal-Tool.exe
and NOD warned me as a virus so i didn't tried it

i'm begging for your support
thanks in advance
kalu

 

my virus signature are uptodate
and i'm using eset nod32 antivirus v 4.xxxx. business edition
thanks

 

Hello!

How many computers in your network? Do you have server in your network?
If you have home network you can turn off from network all your computers and cure all PCs one-by-one.

--
Best regards,
Roman Rashevskiy.

 

hi
yes i do have windows 2003 server and around 15 clients.
Is that the only last resort i have i.e. disconnect all clients from network and scan and cure all pc's one bye one?

Thankyou
kalu

 

hi frens after doing a bit of analysis
we found that there is file inside c:\windows\system32\wiacmfgr.exe which is the main culprit. It does not allow to open command prompt .. it is not seen in task manager and it opens port on windows firewall as DHCP ROUTER.
is there any tools to remove this crap.
thanks
kalu

 

Try renaming the file and restarting the computer. If it's not detected, submit it to ESET for analysis.

 

You can use Eset SysInspector to find and remove viruses from your computers.

 

i can neither rename nor delete it. It is not even shown in task manager.

 

i don't have access to that file how can i submit it for analysis? :~

 

surely i i will try ESET SysInspector.
But i am confirmed that NOD doesnot detect it
please have a look at this which is similar to me http://www.prevx.com/filenames/X137645727706769868-X1/WIACMFGR.EXE.html
thanks

 

this was the virus that infected us

i somehow managed to get rid of it using nod rescue CD and deleted the file. Let me remind you that NOD did not picked it up. I just manually deleted it.
thanks

 

Thanks hardworking guys at ESET.
Finally it detects the virus as
win32/AutoRun.IRCBot.DZ Worm
my virus signature database is 4875
Thankyou very much for your kind support
kalu