Tech Support Forum banner
Not open for further replies.
1 - 5 of 5 Posts

2 Posts
Discussion Starter · #1 ·
i use kerio as my firewall and it keeps bringing this up can someone help me ive scanned my system and cant find the file

Technical details about the intrusion attempt:

Injector application: C:\windows\system32\kaxmcyvlqg.exe
Description: kaxmcyvlqg
File version:
Product name:
Product version:
Created: 2007/1/25, 21:58:23
Modified: 2007/1/25, 21:58:23
Accessed: 2007/2/2, 02:46:39

Target application: C:\WINDOWS\Explorer.EXE
Description: Windows Explorer
File version: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Product name: Microsoft® Windows® Operating System
Product version: 6.00.2900.2180
Created: 2004/10/8, 12:01:47
Modified: 2004/10/8, 12:01:47
Accessed: 2007/2/2, 02:46:37

Address of injection: 0x00A60123

Premium Member
39,538 Posts
Hi ibgrinchiest and welcome to TSF.

No need to go anywhere else - we have the best Security Team on the web! This is undoubtedly malware - the random name is a giveaway - and looks as though it's trying to inject itself into IE. I suggest you follow these instructions as it's possible it has asked other malware to join it on your system.

Please download HijackThis - this program will help us determine if there is any spyware/malware on your computer.
  • Create a folder at C:\HJT and move HijackThis.exe there.
  • Make sure you close down EVERY open window and close ALL browser windows. The only thing that should be open is the HijackThis program.
  • Run a scan and save the log file.
  • Copy the text file (Ctrl+A then Ctrl+C) and paste it (Ctrl+V) in a new thread in the HJT Forum (do not attach it or post it here).
  • Do not fix any entries in HijackThis since they may be harmless.
    [*]Make sure to include the System information at the top of the log as well.

We'll then have a look and provide instructions to clean your system, if required. Please note that the HJT forum is constantly busy, so I would ask that you be patient while waiting for a reply.
1 - 5 of 5 Posts
Not open for further replies.