Problem with win32/wigon.KT

Discussion in 'ESET Smart Security' started by Ptitsnake, Jun 25, 2009.

Thread Status:
Not open for further replies.
  1. Ptitsnake

    Ptitsnake Registered Member

    Joined:
    Jun 25, 2009
    Posts:
    1
    Hello everyone,

    For more than 2 days I was infected by virus, that I can not delete.
    This is a win32/Wigon.KT, my antivirus ESET Smart Security 4.0.417.
    So I constantly alert my antivirus saying that a file containing the virus have to be blocked is quarantined.
    But the problem is that this type of message reappears every 5min and each time the infected object in time is different.
    Here is an example of messages that I can get:

    capture03f.jpg
    http://img222.imageshack.us/img222/5087/capture03f.jpg

    capture01b.jpg
    http://img146.imageshack.us/img146/8628/capture01b.jpg

    I have attached the result of the analysis of HijackThis and Malwarebytes' Anti-Malware.
    I also did an online scan on Kaspersky site but did not find this virus.

    What can I do? How can I solve this problem?

    Thank you in advance.

    Ptitsnake.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    There are several things you might want to try:
    1, check the threat log for details about the threat. It should include information about the application that created the file. Run SysInspector to see if the file is deemed assesed as suspicious (the log may help you reveal all suspicious files). Submit the suspicious file(s)to www.virustotal.com and email them to samples[at]eset.com while enclosing as much information as possible (including VT results as well as a log from SysInspector).
    2, start Windows in safe mode and run a full disk scan
    3, create a rescue cd, boot from it and run a full disk scan. This way you could reveal possible rootkits that are otherwise hidden.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.