re my Vir post!!!

[Aids172]

Cant open the fuc*ing thing now I have written that post as the name Vir is in the title!!

Can any help be posted here before I loose my rag!!!

Cheers guys

 

[Dave]

So let me get this straight, if I post the word "Virus" the window closes? Just to be clear!

 

[Aids172]

no not if its in the body of the text!!!

I am assuming its only if its in the executable name?!

 

[Munson]

You're not being clear. What is the problem??

 

[Dave]

The problem is if the word "virus" is in the exectuable text of any programme he tries to run, the "Virus" his system has shuts the programme down,thus ending the ability to run anti-virus software!

 

[Aids172]

Will give it another go!

The computer is acting seemingly normally but.....

Any attemt to install virus software will go like this:

-put Norton cd - it boots to install screen then immediatly closes the screen

If i search for Virus in Google the result page opens and then immediatly closes, but any other word such as clio will return a positive result.

The word Virus seems to be a trigger point for something?!

 

[Aids172]

Daves got it!!

 

[LegoHead]

Try and do a screen shot of your task manager and all active processes, as we can help find the correct program and send to you, but you wont be able to search for the info as this kind of virus will stop you.

 

[Aids172]

http://s90.photobucket.com/albums/k...w&current=Taskm.jpg&refPage=&imgAnch=imgAnch1

hope this works!

 

[LegoHead]

Try ending the processes, the virus one will probably pop back on the list.

 

[Aids172]

tired that twice and pc ends up crashing!!

Im not the most computer literate so maybe Im closing processes that I shouldnt?!

 

[Aids172]

Ok looks like it was the MS32.exe

can now search for virus's and appearing now be able to reinstall Norton antivirus!!!

Will give this a go and see if I can find answer in google!

IF any of you guys have any further info re what this could be then id be grateful!

 

[RobTQ]

MS32.exe could be a backdoor trojan for Windows. I would get your PC virus scanned ASAP especially if you have weird stuff going on. You could try a free online one like this http://housecall.trendmicro.com/

 

[Griff]

W32/Vanebot-H is a worm and IRC backdoor for the Windows platform.

W32/Vanebot-H spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), Psyme, PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares and MSSQL servers protected by weak passwords.

W32/Vanebot-H runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

W32/Vanebot-H includes functionality to:

set up an FTP server
set up a proxy server
spread via instant messenger clients, such as AOL, Yahoo, ICQ and MSN by sending messages automatically
set or remove network shares
disable certain security software
start a remote shell (RLOGIN)
download/execute arbitrary files
log keypresses
port scanning
packet sniffing
access the internet and communicate with a remote server via HTTP
harvest information from clipboard
take part in Distributed Denial of Service (DDoS) attacks

This application is most likely downloaded and installed by another application that is considered to be adware or spyware.

 

[Dave]

So get it off your system of you'll f**k the whole world's computers.

 

[ant]

packet sniffing

interesting.