Showing results for 
Search instead for 
Did you mean: 
Level 7

Potential malware

I recently logged onto my computer and noticed an executable running from Windows Task Managaer labeled, 1uStEEUw.exe. I have no idea what the file is, and there is nothing available from searching the web a possible description. The file was created the last time I used Google Chrome which was over a day ago. There is nothing in my registry that points to related programs or libraries. The file was located in the C:\Documents and Settings\All Users\Application Data folder and was using just a small amount of memory and low CPU utilization. A McAfee scan of the file doesn't show any problems, but am not taking any chances.

Can anyone tell me what this file is or how I should proceed? I attached the file with a txt extension, but it is an exe.


Attachment removed from post by Moderator as it contained a malicious file.

on 19/05/11 13:34:17 IST
0 Kudos
3 Replies
Level 21

Re: Potential malware

Moved this to Malware Discussion > Home User Assitance in the hope someone from that department will spot it.

In the meanwhile I suggest submitting the file by email.

Email file to:

When submitting samples via E-mail all samples must be packaged in a .ZIP file and if you believe it to be a false detection, the email header should start with the word "False" (minus the "").

Additionally, any .ZIP file created must be password-protected using the password "infected" (minus the ""). Failure to follow these guidelines will cause your submission to be rejected.

If you've done that properly an automated response should be received almost immediately, followed by a manual one, usually within 24 - 48 hours.

If you don't receive anything it either means the file was submitted incorrectly or the response is sitting in your Junk or Spam mail folders.

**If they respond that it is an infection and you are sure it is not, reply to that email immediately ( to )  and insert the word 'False' (minus the '') in front of the header, but keep the rest of the header intact.

To be on the safe side scan with an outside anti-malware agent such as MalwareBytes (Free)  or SuperAntispyware (Free). Let them clean everything they find.

Message was edited by: Ex_Brit on 18/05/11 10:15:18 EDT AM
0 Kudos
Level 11

Re: Potential malware

Hello -

The file is malicious.

Only two vendors actually have a signature detection for it, Dr.Web and Nod32.  I have sent the file to the lab, the file is being sent for further processing.

on 19/05/11 13:30:42 IST
0 Kudos
Level 7

Re: Potential malware

Thanks for the heads up. I sent the file to McAfee and their initial review of it was that it wasn't malicious, but they still had to do an in depth analysis.

0 Kudos