Sign in with
Sign up | Sign in
Your question

Unknown files

Last response: in Windows XP
Share
Anonymous
July 18, 2005 11:24:02 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

I use Win Patrol as part of the programs I use to protect my computer along
with AVG and AdAware.
Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
added to my Windows startup. I tell it no. There are several other of these
exe files whch are also trying to do the same thing.
My question: Where can I go to find if these (or any other) files/folders
are really Windows files or spyware? There are four of these files, and they
are located in Sys 32.
I have Win XP Home.
Bob

More about : unknown files

July 19, 2005 3:25:28 AM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

choppbobby wrote:
> I use Win Patrol as part of the programs I use to protect my computer
> along with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying
> to be added to my Windows startup. I tell it no. There are several
> other of these exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other)
> files/folders are really Windows files or spyware? There are four of
> these files, and they are located in Sys 32.
> I have Win XP Home.
> Bob

Hi Bob,I suspect that you have some parasite that Ad-Aware is missing,are
you using the latest version?
Use Spybot as well

Spybot S&D - http://www.safer-networking.org/en/index.html
Ad-Aware SE - http://majorgeeks.com/Ad-Aware_SE_Personal_d506.html
SpywareBlaster - http://www.javacoolsoftware.com/spywareblaster.html

--
Mike Pawlak
Anonymous
July 19, 2005 3:41:28 AM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

"choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
news:B8A67D42-942F-4F94-903B-74E6E252AA01@microsoft.com...
> I use Win Patrol as part of the programs I use to protect my computer
> along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of
> these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and
> they
> are located in Sys 32.
> I have Win XP Home.
> Bob

Do a Google search on the file names. If you don't find them, chances are
good they are malware; a lot of times filenames are randomly generated.
Very few non-malware programs will add themselves to the startup entries
without you explicitly launching an install process.

Also - locate the file itself, and choose Properties. Look on the extended
properties to see who published the files. Most manufacturers add this
information, and if it's not there and you can't find references, things
don't look good.

So, I expect that you have a malware infestation. Restart in Safe Mode,
and rename those files to .bad from .exe. However, something else is
running that's trying to load them. Try Hijack This and Spybot to detect
and remove. Finally, get ccleaner.exe from www.ccleaner.com to clean out
the temporary files and temporary internet files folders, which is where a
lot of spyware launches itself from.

HTH
-pk
Related resources
Anonymous
July 19, 2005 8:22:48 AM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Download, install, update and run all of the following.

Ad-Aware
http://www.lavasoftusa.com/software/adaware/

Spybot search and destroy
http://www.safer-networking.org/en/download/

Microsoft Windows AntiSpyware (Beta1)
http://www.microsoft.com/downloads/details.aspx?FamilyI...

If none of the above fixes the issue then download Hijack this, run it, save
a copy of the log file and cut and paste it back here to the group so that
it can be analyzed.

HijackThis
http://www.spywareinfo.com/~merijn/downloads.html

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
news:B8A67D42-942F-4F94-903B-74E6E252AA01@microsoft.com...
> I use Win Patrol as part of the programs I use to protect my computer
> along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of
> these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and
> they
> are located in Sys 32.
> I have Win XP Home.
> Bob
>
Anonymous
July 19, 2005 5:39:04 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Thanks to all of you who answered my post.
Here's some additional info.:
A list of files which have tried to become active in my start up:
dmbtx.exe-OA179715.pf Locatation: C:\Windows\Prefetch
dmhde.exe-0836AO16.pf : Same as above.
dminiq.exe

"choppbobby" wrote:

> I use Win Patrol as part of the programs I use to protect my computer along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and they
> are located in Sys 32.
> I have Win XP Home.
> Bob
>
Anonymous
July 19, 2005 5:39:05 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Thanks to all who have answered my post.
Here is a list of files which have tried to become active in my Auto
startup:
dmbtx.exe
dmhde.exe
dminiq.exe (no longer found with "search").
dmhox.exe (no longer found with "search").
dmfao.exe
dmraf.exe (The one currently trying to access my computer. Yesterday it
was
dmfao.exe.
The first two are located in C\:Windows\Prefetch.
The las two are located in C:\Windows\System 32.
I'll install Spy Bot and see if it catches what ever is trying to load
these programs.
Bob




"choppbobby" wrote:

> I use Win Patrol as part of the programs I use to protect my computer along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and they
> are located in Sys 32.
> I have Win XP Home.
> Bob
>
Anonymous
July 19, 2005 5:46:02 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Sorry about the double entry. I fumble fingered my key board.
If I can figure out how to attach a jpg here I'll show you the properties
for the dmraf.exe file. The rest are similiar.
Bob
Guess I won't do that. Can't figure how to send an attachment.

"choppbobby" wrote:

> I use Win Patrol as part of the programs I use to protect my computer along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and they
> are located in Sys 32.
> I have Win XP Home.
> Bob
>
July 19, 2005 6:17:55 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

> "choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
> news:B8A67D42-942F-4F94-903B-74E6E252AA01@microsoft.com...
>> I use Win Patrol as part of the programs I use to protect my computer
>> along
>> with AVG and AdAware.
>> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to
>> be added to my Windows startup. I tell it no. There are several other
>> of these
>> exe files whch are also trying to do the same thing.
>> My question: Where can I go to find if these (or any other)
>> files/folders are really Windows files or spyware? There are four of
>> these files, and they
>> are located in Sys 32.
>> I have Win XP Home.
>> Bob
>
> Do a Google search on the file names. If you don't find them, chances
> are good they are malware; a lot of times filenames are randomly
> generated. Very few non-malware programs will add themselves to the
> startup entries without you explicitly launching an install process.
>
> Also - locate the file itself, and choose Properties. Look on the
> extended properties to see who published the files. Most
> manufacturers add this information, and if it's not there and you can't
> find references, things don't look good.
>
> So, I expect that you have a malware infestation. Restart in Safe
> Mode, and rename those files to .bad from .exe. However, something
> else is running that's trying to load them. Try Hijack This and
> Spybot to detect and remove. Finally, get ccleaner.exe from
> www.ccleaner.com to clean out the temporary files and temporary
> internet files folders, which is where a lot of spyware launches itself
> from.
> HTH
> -pk
Sorry to butt in, but out of curiousity I did a complete Google search with
no results which is unusual.
Is it possible that "dmhox.exe" is a typo?
It would be interesting to see what the properties are.

--

johnf
Anonymous
July 19, 2005 6:17:56 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

"johnf" <john_f@bigpond.net.a> wrote in message
news:exR7VjBjFHA.3144@TK2MSFTNGP12.phx.gbl...
>
>> "choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
>> news:B8A67D42-942F-4F94-903B-74E6E252AA01@microsoft.com...
>>> I use Win Patrol as part of the programs I use to protect my computer
>>> along
>>> with AVG and AdAware.
>>> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to
>>> be added to my Windows startup. I tell it no. There are several other
>>> of these
>>> exe files whch are also trying to do the same thing.
>>> My question: Where can I go to find if these (or any other)
>>> files/folders are really Windows files or spyware? There are four of
>>> these files, and they
>>> are located in Sys 32.
>>> I have Win XP Home.
>>> Bob
>>
>> Do a Google search on the file names. If you don't find them, chances
>> are good they are malware; a lot of times filenames are randomly
>> generated. Very few non-malware programs will add themselves to the
>> startup entries without you explicitly launching an install process.
>>
>> Also - locate the file itself, and choose Properties. Look on the
>> extended properties to see who published the files. Most
>> manufacturers add this information, and if it's not there and you can't
>> find references, things don't look good.
>>
>> So, I expect that you have a malware infestation. Restart in Safe
>> Mode, and rename those files to .bad from .exe. However, something
>> else is running that's trying to load them. Try Hijack This and
>> Spybot to detect and remove. Finally, get ccleaner.exe from
>> www.ccleaner.com to clean out the temporary files and temporary
>> internet files folders, which is where a lot of spyware launches itself
>> from.
>> HTH
>> -pk
> Sorry to butt in,

Not at all.

> but out of curiousity I did a complete Google search with no results which
> is unusual.

It's actually not unusual, since many times malware filenames are generated
locally and are semi-random. Sometimes the sole result is the post that
names the file, asking for information.

> Is it possible that "dmhox.exe" is a typo?

Quite likely *not* a typo.

I doubt that it is a legitimate file, and further, it's probably being
generated and named by something else that the OP hasn't detected. The OP
mentions that there are four files trying to get themselves into the startup
references - an examination may well reveal that they are four
differently-named copies of the same file.

Closer examination may reveal that another so-far undected program is
creating these and trying to make the startup references.

I've also been finding that these files sometimes take the System and Hidden
attributes, so they are harder to find and delete.

> It would be interesting to see what the properties are.

Often the properties lists are very short, which is an indication of
malware. Not an infallible indication, but a clue.

-pk
>
> --
>
> johnf
Anonymous
July 20, 2005 7:12:21 AM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Download Hijack this, run it, save
a copy of the log file and cut and paste it back here to the group so that
it can be analyzed.

HijackThis
http://www.spywareinfo.com/~merijn/downloads.html


--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
news:33A7AB1F-2036-4F18-AAD1-77E2AB4C13FD@microsoft.com...
> Thanks to all who have answered my post.
> Here is a list of files which have tried to become active in my Auto
> startup:
> dmbtx.exe
> dmhde.exe
> dminiq.exe (no longer found with "search").
> dmhox.exe (no longer found with "search").
> dmfao.exe
> dmraf.exe (The one currently trying to access my computer. Yesterday it
> was
> dmfao.exe.
> The first two are located in C\:Windows\Prefetch.
> The las two are located in C:\Windows\System 32.
> I'll install Spy Bot and see if it catches what ever is trying to load
> these programs.
> Bob
>
>
>
>
> "choppbobby" wrote:
>
>> I use Win Patrol as part of the programs I use to protect my computer
>> along
>> with AVG and AdAware.
>> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
>> added to my Windows startup. I tell it no. There are several other of
>> these
>> exe files whch are also trying to do the same thing.
>> My question: Where can I go to find if these (or any other)
>> files/folders
>> are really Windows files or spyware? There are four of these files, and
>> they
>> are located in Sys 32.
>> I have Win XP Home.
>> Bob
>>
July 20, 2005 3:46:01 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

> Thanks to all who have answered my post.
> Here is a list of files which have tried to become active in my Auto
> startup:
> dmbtx.exe
> dmhde.exe
> dminiq.exe (no longer found with "search").
> dmhox.exe (no longer found with "search").
> dmfao.exe
> dmraf.exe (The one currently trying to access my computer. Yesterday it
> was
> dmfao.exe.
> The first two are located in C\:Windows\Prefetch.
> The las two are located in C:\Windows\System 32.
> I'll install Spy Bot and see if it catches what ever is trying to load
> these programs.

Very wise move.
--

johnf

> Bob
>
>
>
>
> "choppbobby" wrote:
>
>> I use Win Patrol as part of the programs I use to protect my computer
>> along with AVG and AdAware.
>> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to
>> be added to my Windows startup. I tell it no. There are several other
>> of these exe files whch are also trying to do the same thing.
>> My question: Where can I go to find if these (or any other)
>> files/folders are really Windows files or spyware? There are four of
>> these files, and they are located in Sys 32.
>> I have Win XP Home.
>> Bob
Anonymous
July 22, 2005 5:35:02 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

I have been away for a while, but my problem is still with me.
I am unable to paste the log file into here. The "paste" is not highlighted
when I copy the file and open this post.
Please advise.
Thank you,
Bob

"pcbutts1" wrote:

> Download Hijack this, run it, save
> a copy of the log file and cut and paste it back here to the group so that
> it can be analyzed.
>
> HijackThis
> http://www.spywareinfo.com/~merijn/downloads.html
>
>
> --
>
>
> The best live web video on the internet http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
> news:33A7AB1F-2036-4F18-AAD1-77E2AB4C13FD@microsoft.com...
> > Thanks to all who have answered my post.
> > Here is a list of files which have tried to become active in my Auto
> > startup:
> > dmbtx.exe
> > dmhde.exe
> > dminiq.exe (no longer found with "search").
> > dmhox.exe (no longer found with "search").
> > dmfao.exe
> > dmraf.exe (The one currently trying to access my computer. Yesterday it
> > was
> > dmfao.exe.
> > The first two are located in C\:Windows\Prefetch.
> > The las two are located in C:\Windows\System 32.
> > I'll install Spy Bot and see if it catches what ever is trying to load
> > these programs.
> > Bob
> >
> >
> >
> >
> > "choppbobby" wrote:
> >
> >> I use Win Patrol as part of the programs I use to protect my computer
> >> along
> >> with AVG and AdAware.
> >> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> >> added to my Windows startup. I tell it no. There are several other of
> >> these
> >> exe files whch are also trying to do the same thing.
> >> My question: Where can I go to find if these (or any other)
> >> files/folders
> >> are really Windows files or spyware? There are four of these files, and
> >> they
> >> are located in Sys 32.
> >> I have Win XP Home.
> >> Bob
> >>
>
>
>
Anonymous
July 22, 2005 10:53:32 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

Logfile of HijackThis v1.99.1
Scan saved at 6:44:04 PM, on 7/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Robert Burns\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O1 - Hosts: localhost 127.0.0.1
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP
Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [updatelavasoft] C:\WINDOWS\System32\updatelavasoft.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} -
C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540004} -
http://freepcscan.com/spyware/Install.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/295139aa86897b6b0900/netzip...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v10/ZIntro.cab34246.ca...
O17 -
HKLM\System\CCS\Services\Tcpip\..\{30A49DE7-F5A0-40D6-812E-D48ACC1C86E4}:
NameServer = 69.50.184.86,85.255.112.9
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe


"pcbutts1" wrote:

> Download Hijack this, run it, save
> a copy of the log file and cut and paste it back here to the group so that
> it can be analyzed.
>
> HijackThis
> http://www.spywareinfo.com/~merijn/downloads.html
>
>
> --
>
>
> The best live web video on the internet http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
> news:33A7AB1F-2036-4F18-AAD1-77E2AB4C13FD@microsoft.com...
> > Thanks to all who have answered my post.
> > Here is a list of files which have tried to become active in my Auto
> > startup:
> > dmbtx.exe
> > dmhde.exe
> > dminiq.exe (no longer found with "search").
> > dmhox.exe (no longer found with "search").
> > dmfao.exe
> > dmraf.exe (The one currently trying to access my computer. Yesterday it
> > was
> > dmfao.exe.
> > The first two are located in C\:Windows\Prefetch.
> > The las two are located in C:\Windows\System 32.
> > I'll install Spy Bot and see if it catches what ever is trying to load
> > these programs.
> > Bob
> >
> >
> >
> >
> > "choppbobby" wrote:
> >
> >> I use Win Patrol as part of the programs I use to protect my computer
> >> along
> >> with AVG and AdAware.
> >> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> >> added to my Windows startup. I tell it no. There are several other of
> >> these
> >> exe files whch are also trying to do the same thing.
> >> My question: Where can I go to find if these (or any other)
> >> files/folders
> >> are really Windows files or spyware? There are four of these files, and
> >> they
> >> are located in Sys 32.
> >> I have Win XP Home.
> >> Bob
> >>
>
>
>
Anonymous
July 25, 2005 12:25:02 AM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

I went to http://www.highjackthis.de/index.php?%20langselect=engl... and
asked for an analization of the log file.
It came back with three 'bad" entries which I deleted, but my problem is
still with me.
I wonder if Win Patrol itself isn't the culprit?


"pcbutts1" wrote:

> Download Hijack this, run it, save
> a copy of the log file and cut and paste it back here to the group so that
> it can be analyzed.
>
> HijackThis
> http://www.spywareinfo.com/~merijn/downloads.html
>
>
> --
>
>
> The best live web video on the internet http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "choppbobby" <choppbobby@discussions.microsoft.com> wrote in message
> news:33A7AB1F-2036-4F18-AAD1-77E2AB4C13FD@microsoft.com...
> > Thanks to all who have answered my post.
> > Here is a list of files which have tried to become active in my Auto
> > startup:
> > dmbtx.exe
> > dmhde.exe
> > dminiq.exe (no longer found with "search").
> > dmhox.exe (no longer found with "search").
> > dmfao.exe
> > dmraf.exe (The one currently trying to access my computer. Yesterday it
> > was
> > dmfao.exe.
> > The first two are located in C\:Windows\Prefetch.
> > The las two are located in C:\Windows\System 32.
> > I'll install Spy Bot and see if it catches what ever is trying to load
> > these programs.
> > Bob
> >
> >
> >
> >
> > "choppbobby" wrote:
> >
> >> I use Win Patrol as part of the programs I use to protect my computer
> >> along
> >> with AVG and AdAware.
> >> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> >> added to my Windows startup. I tell it no. There are several other of
> >> these
> >> exe files whch are also trying to do the same thing.
> >> My question: Where can I go to find if these (or any other)
> >> files/folders
> >> are really Windows files or spyware? There are four of these files, and
> >> they
> >> are located in Sys 32.
> >> I have Win XP Home.
> >> Bob
> >>
>
>
>
Anonymous
July 25, 2005 2:22:03 PM

Archived from groups: microsoft.public.windowsxp.help_and_support (More info?)

I traced my problem to Win Patrol itself.
I removed it, and I have had no problems.
Bob

"choppbobby" wrote:

> I use Win Patrol as part of the programs I use to protect my computer along
> with AVG and AdAware.
> Frequently Win Patrol tells me that the file "dmhox.exe" is trying to be
> added to my Windows startup. I tell it no. There are several other of these
> exe files whch are also trying to do the same thing.
> My question: Where can I go to find if these (or any other) files/folders
> are really Windows files or spyware? There are four of these files, and they
> are located in Sys 32.
> I have Win XP Home.
> Bob
>
!