Security Incidents mailing list archives

Anyone ever heard of "rlumkaus" virus/bug/trojan/backdoor?


From: Steven.Litscher () OJA STATE WI US (Litscher, Steven)
Date: Fri, 21 Jul 2000 12:50:06 -0500


Greetings,

We have several users that use Windows98 laptops to connect to our network.
We use CryptoCard authentication, and have installed ZoneAlarm on a few of
the laptops as an extra measure of precaution.

While working on one of these laptops, ZoneAlarm asked me if I wanted to
allow "Rlumkaus.exe" access to the internet.  Not recognizing this program,
I said "No".  Now I'm curious...

So, I check the task manager- nothing odd running.  I search the registry,
no hint of rlumkaus.  I search the drive, and found rlumkaus.exe in the root
of C:/Windows/.  The icon indicates it is an mpg or avi file...  I try to
delete it, I get the "can't delete because it's in use by Windows" message.
I re-search the registry- nothing.  I checked MSCONFIG, and sure enough,
it's loaded at start-up.

I ran a virus check using McAfee 4.0.3 DAT 4087, and it turned up nothing.
I searched Bugtraq, McAfee, Norton, and DataFellows for info on this, and
they have nothing.

I'm curious (a) what is it, (b) why is it trying to access the net, (c) why
is it being loaded at start-up, (d) if it's running, why didn't task manager
show it?  My gut feeling is that it is some sort of trojan/backdoor??

Any help/info would be appreciated!

Best wishes,
Steve

