dmhzb.exe

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi could someone tell me what dmhzb.exe is i have a program called winpatrol
and it the file keeps wanting to start at start-up i'm afriad to click yes in
case it hacks my pc or damages it also on my firewall Zone Alarm Security
Suite i have about 100 program files all wanted to access the internet

I'll list there names below and there all .exe

dmadh
dmagn
dmaji
dmanu
dmbxm
dmbzu
dmcbt
dmcbz
dmcfh
dmdeb
dmdip
dmdwp
dmecq
dmeda
dmeed
dmein
dmekw
dmeqt
dmfaj
dmfes
dmfqc
dmfud
dmgfd
dmghy
dmglh
dmgph
dmhhc
dmhjg
dmhrr
dmhzc
dmihs
dmjdy
dmjux
dmlfn
dmlfs
dmjic
dmlqe
dmlqz
dmmhy
dmmnl
dmnnb
dmnrt
dmnsb
dmnus
dmnzq
dmofl
dmokc
dmoms
dmpav
dmpgc
dmpmd
dmpzw
dmqaf
dmqef
dmquv
dmrwm
dmshn
dmsnq
dmtaf
dmtdj
dmtjf
dmtsm
dmucr
dmunx
dmouy
dmvbr
dmvud
dmvwi
dmwjl
dmwno
dmwqy
dmwrd
dmwuo
dmwvq
dmxck
dmxcs
dmxdx
dmxvm
dxxxx
dmyfm
dmzaz
dmziz
dmzna
dmzpx
dmzxx

Any help would be apprecicated
Thanks
Dave
 
When you click on one of the files in ZA, it should tell you where the
pathname is. Is it in a Temporary Folder name?

By looking at it, it sounds like WinPatrol is creating a randomly named
executable application named file based on some original file, either
purposely (to create a virus/malware), or to hide it from the other Security
Programs on the system.

If you can find the pathname of the executable (.exe) file, you should be
able to locate the original file as well based in Version info,
Date-Time-Group, ....

In my opinion, if an application is doing this to hide itself, I personally
would not be using it.
 
From: "Dave" <[email protected]>

| Hi could someone tell me what dmhzb.exe is i have a program called winpatrol
| and it the file keeps wanting to start at start-up i'm afriad to click yes in
| case it hacks my pc or damages it also on my firewall Zone Alarm Security
| Suite i have about 100 program files all wanted to access the internet
|
| I'll list there names below and there all .exe
|
| dmadh
| dmagn
| dmaji
| dmanu

< snip >

| dmzaz
| dmziz
| dmzna
| dmzpx
| dmzxx
|
| Any help would be apprecicated
| Thanks
| Dave


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
The file is in C:\Windows\System32

NewScience said:
When you click on one of the files in ZA, it should tell you where the
pathname is. Is it in a Temporary Folder name?

By looking at it, it sounds like WinPatrol is creating a randomly named
executable application named file based on some original file, either
purposely (to create a virus/malware), or to hide it from the other Security
Programs on the system.

If you can find the pathname of the executable (.exe) file, you should be
able to locate the original file as well based in Version info,
Date-Time-Group, ....

In my opinion, if an application is doing this to hide itself, I personally
would not be using it.
Click to expand...
 
Dave said:
Hi could someone tell me what dmhzb.exe is i have a program called
winpatrol
and it the file keeps wanting to start at start-up i'm afriad to click yes
in
case it hacks my pc or damages it also on my firewall Zone Alarm Security
Suite i have about 100 program files all wanted to access the internet

I'll list there names below and there all .exe
Click to expand...

And are all generated names characteristic of malware infestation. You can
delete these, but the program that's generating them will probably still be
running and will create more.

Your system is pretty compromised and the restore points are probably
infected. You need to start in Safe Mode, completely clear out all the
Temp and Temporary Internet Files folders, and then go to programs like
HiJack This, SMitFraudFix, and virus scanners.

The files you're really looking for are probably marked as system and
hidden.

You may find it prudent to then remove the drive, and attach it to another
system and scan it from there.

HTH
-pk
 
From: "Patrick Keenan" <[email protected]>


|
| And are all generated names characteristic of malware infestation. You can
| delete these, but the program that's generating them will probably still be
| running and will create more.
|
| Your system is pretty compromised and the restore points are probably
| infected. You need to start in Safe Mode, completely clear out all the
| Temp and Temporary Internet Files folders, and then go to programs like
| HiJack This, SMitFraudFix, and virus scanners.
|
| The files you're really looking for are probably marked as system and
| hidden.
|
| You may find it prudent to then remove the drive, and attach it to another
| system and scan it from there.
|
| HTH
| -pk
|


No symptoms of a SmitFraud Trojan or of the family members (FakeAlert, ZLob, etc.)
 
When you click on one of the files in ZA, it should tell you where the
pathname is. Is it in a Temporary Folder name?

By looking at it, it sounds like WinPatrol is creating a randomly named
executable application named file based on some original file, either
purposely (to create a virus/malware), or to hide it from the other Security
Programs on the system.
Click to expand...

I suspect that in fact Winpatrol is alerting the user to the fact that
those programs wish to start and connect to the Internet, and asking if it
should let them do so.

There certainly looks to be an infestation of some sort, but I really doubt
that Winpatrol is responsible, providing Dave obtained it from BillP
Studios at www.winpatrol.com or an authorised mirror site. I've been using
Winpatrol for many years now and it's never given me a moment's cause for
concern.

Cheers,

Roy
 
David

Found this site this morning but as it was the only site reporting the
problem I felt it might be unwise to pass it on to a non-expert.

--

Regards.

Gerry
~~~~
FCA
Stourport, England

Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~
 
Yea i downloaded winpatrol from billp studios i got the latest version as well
Progress so far well i've run my zonealarm antispyware program and it found
some files then i ran it again and it found nothing so i thought probabaly
thats fixed it . Nope there still there and also my google his hijacked and
also aol.com is i've changed my homepage to askjeeves now . I'll use search
to find them all and delete them and see if anything happens
 
From: "Dave" <[email protected]>

| Yea i downloaded winpatrol from billp studios i got the latest version as well
| Progress so far well i've run my zonealarm antispyware program and it found
| some files then i ran it again and it found nothing so i thought probabaly
| thats fixed it . Nope there still there and also my google his hijacked and
| also aol.com is i've changed my homepage to askjeeves now . I'll use search
| to find them all and delete them and see if anything happens
|

I suggest using my Multi AV Scanning Tool that I suggested this AM.
 
Back
Top