Last week my company was having problems getting on the internet. We are using a partial T-1 so I called Teleco to test T-1. They found no problems. I noticed that my Exchange 5.5 server (which runs on Win2K) was at 100%CPU and about all RAM being used. Noticed in taskmanager that fxscanner.exe was running at 100% CPU. Stopped this process and Internet came back to normal. Looked on my server and found fxscanner.exe and some log files in a recycled folder on my server. It appears to me that this was a trojan or something. Does anyone know about this. I am running McAfee Virus Scan and GRoupshield and always keep dats up to date. Did a full system scan and did find the MovieWorld trojan on my system. Could these 2 be related? Any thoughts would be appreciated.

hi robby, yes this file can be related as there are 2 sets of different files associated with this trojan. things you can do are check your start up processes and if you see anything like the file you mentioned, delete the fxscanner.exe file. go to run and type in msconfig and check your win.ini, sys.ini and see if there are any files run and loaded, if there is anything run and loaded backspace it out save and re-boot. go to your registry and check these keys: hkey local machine/software/microsoft/currentversion/run, and all the runservices keys if movieworld is a key value, or any of its attendant files such as fxscanner.exe, delete the values. do the same for these other hotkeys: hotkey current user and hotkey user. you may if you wish go to www.thepublicworks.com security section and link to simovits consulting and check for files by name, then link to pcflank and do a trojan and port test, if it comes up with something link to wilders.org and download Trojan Hunter and scan your machine. take care, all the best, murve

I tried many antivirus programs, and i recomend you to try Kaspersky antivirus. It is the best for troyans. Regards, Val

Thanks to both of you for the info.