w32_ss.exe - Dangerous
w32_ss.exe
Manual removal instructions:
Antivirus Report of w32_ss.exe:
w32_ss.exe
Trojan Haxdor.
Once launched, the program installs itself in the Windows system directory as
w32_ss.exe
It then installs the other program modules to the victim machine:
debugg.dll - main module
sdmapi.sys *
boot32.sys *
c3.dll *
c3.sys *
c4.sys *
The Trojan installs itself in the system registry.
In systems running Windows 9x:
[HKLM\System\CurrentControlSet\Control\MPRServices\TestService]
DllName="debugg.dll"
EntryPoint="MemManager"
StackSize=0
In systems running Windows NT/2000/XP:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\debugg]
DllName="debugg.dll"
Startup="MemManager"
Impersonate=1
Asynchronous=1
MaxWait=1
| w32_ss.exe | Malware |
| w32_ss.exe | Dangerous |
| w32_ss.exe | High Risk |
Once launched, the program installs itself in the Windows system directory as
w32_ss.exe
It then installs the other program modules to the victim machine:
debugg.dll - main module
sdmapi.sys *
boot32.sys *
c3.dll *
c3.sys *
c4.sys *
The Trojan installs itself in the system registry.
In systems running Windows 9x:
[HKLM\System\CurrentControlSet\Control\MPRServices\TestService]
DllName="debugg.dll"
EntryPoint="MemManager"
StackSize=0
In systems running Windows NT/2000/XP:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\debugg]
DllName="debugg.dll"
Startup="MemManager"
Impersonate=1
Asynchronous=1
MaxWait=1
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.