A new virus or just a title

Discussion in 'ESET Smart Security' started by univers63, Mar 1, 2009.

Thread Status:
Not open for further replies.
  1. univers63

    univers63 Registered Member

    Joined:
    May 18, 2008
    Posts:
    17
    Hello,

    I've logged on to my computer and find that there are two strange boxes flying around my desktop, entitled "Thayet Myo Hacking Day!". I can't also open up task manager, and all my desktop icons became red. Is it a virus? I have ESet Smart Security v3.0.684 on my Pc. So please help me to solve this problem

    Thanks for your helps
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It sounds like a simple VB script changed certain registry entries. A log from SysInspector (ESI) would shed more details. Please contact customer care and provide them with the log from ESI.
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    No, i think this one appeared first time in Nobember 2008. Its a Trojan and a very nasty one.
    AV which are up to date should be able to remove it.

    If not:
    Do the following steps with causion (backup registry or make image of partition 'C')

    ! NOT TESTED!

    Also following was reported when trying to boot in to Windows Safe mode:
    So please read this first:
    http://pcsupport.about.com/od/findbyerrormessage/a/missinghaldll.htm


    Possibility to remove the Trojan:
    Start the system in SAFE mood.
    Delete the explorer.exe files in C:\RECYCLER, c:\Windows\Backup and C:\.

    Open the Regedit and delete explorer.exe in hkey_local_machine/software/microsoft/windows/current version/run (or) hkey_current_user/software/microsoft/windows/current version/run.

    You also need to uninstall the programs if the shortcut to that programs appear as archive icon.
     
    Last edited: Mar 1, 2009
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    If you locate a new suspicious file you will want to follow these steps but as Marcos recommend I suggest you create a log using ESET SysInspector and email it to support("at")eset[dot]com.

    Remember to include as much detail as possible in your email.
     
Thread Status:
Not open for further replies.