W32.Uisgon.A
Aliases: N/A
Variants: N/A
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Slow
Geographical info: Asia
Removal: Easy
Platform: W32
Discovered: 16 May 2007
Damage: Low
Characteristics: The W32.Uisgon.A application is a worm that replicates itself to shares on the network. The infection length ranges from 2,873 bytes to 4,233 bytes.
W32.Uisgon.A Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Uisgon.A from your computer.
More details about W32.Uisgon.A
Once the W32.Uisgon.A was executed, it replicates itself the files such as the [DRIVE LETTER]:\[WORM FILENAME].bat, %CurrentFolder%\[CHINESE CHARACTERS]Beta3.exe, %Windir%\[CHINESE CHARACTERS]Beta3.exe, and %Windir%\[WORM FILENAME].[EXTENSION]. The worm then creates file where majority are harmless files like %CurrentFolder%]\uishere-[NUMBER].txt, %CurrentFolder%/sleep.vbe, %Windir%\[WORM FILENAME].vbe, c:\ubye.txt, and %CurrentFolder%/inf.tem. The worms may create files such as c:\8bye.txt, %Windir%\[CHINESE CHARACTERS].bat, %Windir%\[CHINESE CHARACTERS].txt, %CurrentFolder%\s.vbe, %Windir%\uda.exe, %Windir%\bakfiles\[CHINESE CHARACTERS].bat, %Windir%\uda.a, %Windir%\uda-[CHINESE CHARACTERS].bat, %Windir%\Anti-[CHINESE CHARACTERS].bat, %Windir%\bakfiles\uda.a, etc. The worm also deletes the %Windir%\ReadMe.txt file. When removing the virus, first thing is you have to disable the System Restore of your computer, Windows Me or Windows XP. Just turn the System restore off. So it can prevent any programs from changing the System restore. Then the virus definitions must be updated. Run a complete system scan and then delete all of the files that were detected as the W32.Uisgon.A.Also the worm can generate files that include Chinese character on the variable. It will then overwrite the file Autorun.inf in every network drive that is mapped in any of the Drives. The worm also has the ability to drop some of files on your computer. The worm also creates entry of the registry so in case the Windows starts the worm will also run at the same time. The worm will then tries to contact the directory of the shared networks on the 192.168.2.211 IP address. If the contact was successful, then the execution file will be the \re$\add.bat.
Browse for more malware information
- W32.Uisgon.A
- W32.Unfunner.A
- W32.Update.Worm
- W32.Uporesc
- W32.Usbalex
- W32.Usbwatch
- W32.Valcard
- W32.Validin
- W32.Vapka.A
- W32.Vediance
- W32.Versie.A
- W32.Vibmaru
- W32.Vipauto
- W32.Vispat.A@mm
- W32.Voterai
- W32.Waledac
- W32.Wallon.A@mm
- W32.Wallz
- W32.Wantok
- W32.Wargbot
- W32.Waxpow.Worm
- W32.Wecorl
- W32.Welchia.B.Worm
- W32.Whacker.A
- W32.White.Worm
- W32.Whitebait@mm
- W32.Whybo
- W32.WinExt.Worm
- W32.Windang.A
- W32.Winfig.Gen
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.