Standard User scopio
(member) Mon 08-Jul-13 23:33:12

SS32 malware? URGENT HELP needed!

I received an email from a trusted friend with an attachment for a picture of a document asking me to help “I cannot see or download this, help please”. When I foolishly clicked on the document it executed an application ss32 and then asked to restart the computer to turn off UAC! I have not switched off the computer, afraid that ss32 may be a malicious application.
Does anyone have any information on this mysterious ss32.exe?
What should I do to solve this?

PC Full Tower - Self Build OS Windows 7 64bit Laptop Dell Inspiron 1545 - OS Windows 8 Home Premium 32bit Stardock8
ISP was O2 All Rounder now PlusNet Unlimited Broadband SamKnows Whitebox connected on 14:02:2013
http://www.thinkbroadband.com/speedtest/button/13669...
http://speedtest.net/result/2668600210.png
Standard User Pipexer
(eat-sleep-adslguide) Mon 08-Jul-13 23:41:52

[re: scopio]

Disconnect the computer from the internet immediately
Kill the SS32.exe process (or whatever process you suspect has been launched) via task manager
Scan the disk for SS32.exe and delete any traces of it.
Run a full antivirus scan
Download the VIPRE Rescue Scanner (google it) and run this on the PC.
Run any additional malware scanning/protection utilities you care to.
Go into Control Panel > User Accounts > User Account Control and turn UAC back on if it appears disabled
Restart computer and assess situation, consider plugging internet connection back in if you think the threat is gone.

Zen 8000 Pro
Standard User billford
(elder) Mon 08-Jul-13 23:46:38

[re: scopio]

If you google for it, it doesn't seem to be anything particularly nasty... but Pipexer's advice is sound - better safe than sorry where unknown software is concerned.

Bill
A level playing field is level in both directions.________________Planes and Boats and ... _____________BQMs: IPv4 IPv6



Standard User ukhardy07
(fountain of knowledge) Mon 08-Jul-13 23:46:58

[re: scopio]

Hi there. I am going to assume you have an antivirus already.

The best tool you can download if it's escaped your current security is Malwarebytes (I find this anyway and I offer IT help at work on the side - clearing infections of work colleagues' machines most days as a bit on the side hehe).
Link: http://www.malwarebytes.org
Click free download
It gives you a free 14 day trial which is plenty to catch the infection and remove it.

Commonly infected machines are blocked from accessing the site or it will take you to a different site where you get more infected so you might be best to get it on another PC and then put it on a memory stick & install it.

Run a full scan, preferably in safe mode.

This finds most of the nasties and is particularly good at finding what most other programs miss.

Edited by ukhardy07 (Mon 08-Jul-13 23:48:34)

Standard User Pipexer
(eat-sleep-adslguide) Mon 08-Jul-13 23:49:10

[re: billford]

I thought that too, but on a closer look it seems the OP has unfortunately come across some very new malware - http://blog.dynamoo.com/ check the blog post date, only 2 hrs ago.

Zen 8000 Pro
Standard User billford
(elder) Mon 08-Jul-13 23:51:11

[re: Pipexer]

Fair enough, some poor soul has to be the first :(

Bill
Standard User Pipexer
(eat-sleep-adslguide) Mon 08-Jul-13 23:56:47

[re: billford]

Indeed - I've just downloaded said file to see what happened, Windows Defender, using definitions as of now, does not detect it as malware. The OP should be very cautious and would probably be best running some rescue scanners tomorrow when new definitions have become available. Seems this (variant at least) has literally only just hit within the past few hours.

Zen 8000 Pro
Standard User scopio
(member) Mon 08-Jul-13 23:57:17

[re: Pipexer]

Running Malwarebytes at this very moment, will report back on what happens!

Standard User Pipexer
(eat-sleep-adslguide) Mon 08-Jul-13 23:58:51

[re: scopio]

Good chance it won't detect anything as I have just seen. Go for a manual removal and the steps I mentioned at the very least before plugging computer back into network. If it is disabling UAC, clearly UAC stops it working properly, so ensure you restore UAC to its ON setting.

Zen 8000 Pro
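
The manual checks Pipexer lists (stop the process, find copies on disk, confirm UAC is back on) as a PowerShell triage script. This is an added example, not code posted by anyone in the thread; `ss32` is the name the original poster reported, and looking in the two standard `Run` registry keys for an autostart entry is an assumption about where traces might be, not something the thread states.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell prompt
# with the machine still disconnected from the network.
$name = 'ss32'   # process/file name reported by the original poster

# 1. Record where the process runs from, then stop it.
$procs = Get-Process -Name $name -ErrorAction SilentlyContinue
if ($procs) {
    $procs | Select-Object Id, Path, StartTime | Format-List
    $procs | Stop-Process -Force
} else { "No running process named $name" }

# 2. Locate copies on every file-system drive; list them for review before deleting.
$hits = Get-PSDrive -PSProvider FileSystem | ForEach-Object {
    Get-ChildItem -Path $_.Root -Filter "$name*.exe" -Recurse -Force -ErrorAction SilentlyContinue
}
$hits | Select-Object FullName, Length, CreationTime | Format-List

# 3. Assumption: check the standard Run keys for an autostart entry pointing at it.
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
foreach ($k in $runKeys) {
    $item = Get-ItemProperty -Path $k -ErrorAction SilentlyContinue
    if ($item) {
        $item.PSObject.Properties |
            Where-Object { $_.Name -notlike 'PS*' -and "$($_.Value)" -match $name } |
            ForEach-Object { "{0} : {1} = {2}" -f $k, $_.Name, $_.Value }
    }
}

# 4. UAC state: EnableLUA = 1 means on. A change only takes effect after a restart.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$lua = (Get-ItemProperty -Path $uacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
if ($lua -eq 1) { 'UAC is enabled' }
else {
    "UAC is disabled or unset (EnableLUA = '$lua'); re-enabling"
    Set-ItemProperty -Path $uacKey -Name EnableLUA -Value 1
}
```

Step 2 only lists matches so the paths and timestamps can be noted before anything is deleted; a renamed copy will not match the filter, which is why the scanner passes recommended in the thread still apply.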
Standard User scopio
(member) Mon 08-Jul-13 23:59:37
Print Post

Re: SS32 malware? URGENT HELP needed!


[re: Pipexer] [link to this post]
 
This malware seems to delete all restore points too!!
