[ibgrinchiest]

i use kerio as my firewall and it keeps bringing this up can someone help me ive scanned my system and cant find the file

Technical details about the intrusion attempt:

Injector application: C:\windows\system32\kaxmcyvlqg.exe
Description: kaxmcyvlqg
File version:
Product name:
Product version:
Created: 2007/1/25, 21:58:23
Modified: 2007/1/25, 21:58:23
Accessed: 2007/2/2, 02:46:39

Target application: C:\WINDOWS\Explorer.EXE
Description: Windows Explorer
File version: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Product name: Microsoft® Windows® Operating System
Product version: 6.00.2900.2180
Created: 2004/10/8, 12:01:47
Modified: 2004/10/8, 12:01:47
Accessed: 2007/2/2, 02:46:37

Address of injection: 0x00A60123

 

[ejames82]

i use kerio 2.1.5, but i am not an expert. i suggest you try dslreports. Ed James

 

[ibgrinchiest]

dsl reports? for one i not have a dsl and two there is nothing on this page that refers to dsl.....thank you for you reply....:4-thatsba

 

[ejames82]

http://www.dslreports.com/forum/kerio

it's hard to find help with the firewall that i have, 2.1.5. you didn't say which version that you have. this is not specifically a website geared toward dsl. this is the best kerio help that i can find.

 

[Glaswegian]

Hi ibgrinchiest and welcome to TSF.

No need to go anywhere else - we have the best Security Team on the web! This is undoubtedly malware - the random name is a giveaway - and looks as though it's trying to inject itself into IE. I suggest you follow these instructions as it's possible it has asked other malware to join it on your system.

Please download HijackThis - this program will help us determine if there is any spyware/malware on your computer.

• Create a folder at C:\HJT and move HijackThis.exe there.
• Make sure you close down EVERY open window and close ALL browser windows. The only thing that should be open is the HijackThis program.
• Run a scan and save the log file.
• Copy the text file (Ctrl+A then Ctrl+C) and paste it (Ctrl+V) in a new thread in the HJT Forum (do not attach it or post it here).
• Do not fix any entries in HijackThis since they may be harmless.
  [*]Make sure to include the System information at the top of the log as well.

We'll then have a look and provide instructions to clean your system, if required. Please note that the HJT forum is constantly busy, so I would ask that you be patient while waiting for a reply.