I recently logged onto my computer and noticed an executable running from Windows Task Managaer labeled, 1uStEEUw.exe. I have no idea what the file is, and there is nothing available from searching the web a possible description. The file was created the last time I used Google Chrome which was over a day ago. There is nothing in my registry that points to related programs or libraries. The file was located in the C:\Documents and Settings\All Users\Application Data folder and was using just a small amount of memory and low CPU utilization. A McAfee scan of the file doesn't show any problems, but am not taking any chances.
Can anyone tell me what this file is or how I should proceed? I attached the file with a txt extension, but it is an exe.
Attachment removed from post by Moderator as it contained a malicious file.
Moved this to Malware Discussion > Home User Assitance in the hope someone from that department will spot it.
In the meanwhile I suggest submitting the file by email.
Email file to: Virus_Research@avertlabs.com
When submitting samples via E-mail all samples must be packaged in a .ZIP file and if you believe it to be a false detection, the email header should start with the word "False" (minus the "").
Additionally, any .ZIP file created must be password-protected using the password "infected" (minus the ""). Failure to follow these guidelines will cause your submission to be rejected.
If you've done that properly an automated response should be received almost immediately, followed by a manual one, usually within 24 - 48 hours.
If you don't receive anything it either means the file was submitted incorrectly or the response is sitting in your Junk or Spam mail folders.
**If they respond that it is an infection and you are sure it is not, reply to that email immediately ( to Virus_Research@avertlabs.com ) and insert the word 'False' (minus the '') in front of the header, but keep the rest of the header intact.Message was edited by: Ex_Brit on 18/05/11 10:15:18 EDT AM
The file is malicious.
Only two vendors actually have a signature detection for it, Dr.Web and Nod32. I have sent the file to the lab, the file is being sent for further processing.on 19/05/11 13:30:42 IST