What is win32sock.exe?

It keeps trying to access the internet, according to my zonealarm.

It’s a nasty :-\

Best to block it and remove it.

use the tools here http://www.spywareinfo.com/~merijn/downloads.html

cheers

w0mbat

This is a trojan backdoor related to IRC. Although you don’t say where it is located or what OS you are using, but a wild guess is it is located in the system or system32 folder. Searches I have done on google only return one hit for win32sock.exe and that relates to or is a varient of Backdoor.IRC.Loonbot.

From the securityresponse site.

Backdoor.IRC.Loonbot Discovered on: February 26, 2004 Last Updated on: February 26, 2004 04:57:17 PM

BAckdoor.IRC.Loonbot is a Trojan horse that has backdoor capabilities. It can allow an attacker to remotely control your computer using Internet Relay Chat (IRC).

This Trojan can also download and execute files.

You should, Disable System Restore (if XP or ME), delete or move this file to the avast chest folder. Reboot and confirm that the file has not been regenerated then enable SR again.

And as w0mbat said get protected against spyware.

HTH David