A new virus or just a title

Discussion in 'ESET Smart Security' started by univers63, Mar 1, 2009.

Thread Status:
Not open for further replies.
  1. univers63

    univers63 Registered Member

    May 18, 2008

    I've logged on to my computer and find that there are two strange boxes flying around my desktop, entitled "Thayet Myo Hacking Day!". I can't also open up task manager, and all my desktop icons became red. Is it a virus? I have ESet Smart Security v3.0.684 on my Pc. So please help me to solve this problem

    Thanks for your helps
  2. Marcos

    Marcos Eset Staff Account

    Nov 22, 2002
    It sounds like a simple VB script changed certain registry entries. A log from SysInspector (ESI) would shed more details. Please contact customer care and provide them with the log from ESI.
  3. Tommy

    Tommy Registered Member

    Dec 24, 2002
    Buenos Aires - Munic
    No, i think this one appeared first time in Nobember 2008. Its a Trojan and a very nasty one.
    AV which are up to date should be able to remove it.

    If not:
    Do the following steps with causion (backup registry or make image of partition 'C')


    Also following was reported when trying to boot in to Windows Safe mode:
    So please read this first:

    Possibility to remove the Trojan:
    Start the system in SAFE mood.
    Delete the explorer.exe files in C:\RECYCLER, c:\Windows\Backup and C:\.

    Open the Regedit and delete explorer.exe in hkey_local_machine/software/microsoft/windows/current version/run (or) hkey_current_user/software/microsoft/windows/current version/run.

    You also need to uninstall the programs if the shortcut to that programs appear as archive icon.
    Last edited: Mar 1, 2009
  4. elapsed

    elapsed Registered Member

    Apr 5, 2004
    If you locate a new suspicious file you will want to follow these steps but as Marcos recommend I suggest you create a log using ESET SysInspector and email it to support("at")eset[dot]com.

    Remember to include as much detail as possible in your email.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.