beta3.exe - Dangerous
beta3.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
W32.Uisgon.A is a worm that copies itself to network shares.
Related files:
%Windir%\[WORM FILENAME].[EXTENSION]
%CurrentFolder%\[CHINESE CHARACTERS]Beta3.exe
%Windir%\[CHINESE CHARACTERS]Beta3.exe
[DRIVE LETTER]:\[WORM FILENAME].bat
The worm then creates the following files:
%CurrentFolder%/sleep.vbe - a harmless file
c:\ubye.txt - a harmless file
%CurrentFolder%/inf.tem - a harmless file
%Windir%\[WORM FILENAME].vbe - a harmless file
%CurrentFolder%]\uishere-[NUMBER].txt - a harmless file
[DRIVE LETTER]:\[3 RANDOM LETTERS].[EXTENSION] - a harmless file
[DRIVE LETTER]:\[WORM FILENAME].vbe - a harmless file
c:\8bye.txt
%CurrentFolder%\s.vbe
%Windir%\uda.a
%Windir%\bakfiles\[CHINESE CHARACTERS].bat
%Windir%\bakfiles\uda.a
C:\Documents and Settings\All Users\[CHINESE CHARACTERS]\[WORM FILENAME].vbe
%Windir%\[CHINESE CHARACTERS].txt
Kill the process [CHINESE CHARACTERS]Beta3.exe and remove [CHINESE CHARACTERS]Beta3.exe from Windows startup.