dh>2:@.exe - Weird process showing up

Discussion in 'other security issues & news' started by The.Terminator, Mar 25, 2005.

Thread Status:
Not open for further replies.
  1. The.Terminator

    The.Terminator Registered Member

    Aug 31, 2004
    One PC in our company has a weird process running on his PC.
    The process is called dh>2:mad:.exe (see attachment).

    It's killable but re-appears after some time.
    We ran a spyware checker and removed the spyware, also searching on the filename gives no result because Windows (Windows2000, SP4 and patching with the latest security patches) sees the > sign as command instead of string.

    The PC doesn't behave strange (in other words, the user doesn't sees anything) however we don't know if it's doing something 'underwater'

    Also other clues what we can run / do ?


    Attached Files:

  2. Infinity

    Infinity Registered Member

    May 31, 2004
    download adaware, spybot and m$ antispyware.

    let them update and reboot into safe mode.

    then run the three apps with your antivirus.

    in safe mode delete your temps, internet temps and downloaded program files (windows folder)

    reboot and see if it gone.

  3. BlueZannetti

    BlueZannetti Registered Member

    Oct 19, 2003
    Also download ProcessExplorer and set the view to show the image path and command line (View>Select Columns>Process Image tab, check Image Path and Command Line). Before doing this, also empty out all temporary folders (the executable may be run from one of them).

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.