A hidden file is manipulating my laptop-fan!?

By rogerthat69
Feb 3, 2014
  1. (Hi again Broni,)

    You helped me earlier(a few days ago) with som malware-removal. You also pointed out that I may have OS-errors due to cpu overheating because of irregular fan-functionality.

    Now I have discovered that a strange hidden file could be correlating to the fan-problem. This file has
    a hexadecimal(it looks like that by the letters/numbers but have not calculated the name for a test) name and it´s filetype is dmk. A search on internet gives no result except a few short notices and some kind of malware-indication! On the other hand I found that certain virtual disk programs handles certain dmk-files! But I have not installed any Virtual Disks! There is only a service named Virtual Disk in Vista for handling of disks, volumes and filesystems under the normal Disk Management(Control panel).

    Every day when I log in I check my WinPatrol/Scotty for changes in the file-system incl hidden files. Every time when my fan is not working this above mentioned file shows up in WinPatrol as hidden. I then delete it via WinPatrol on next boot-up and my fan starts working again and rather perfect after a while. Temp is 41-52dgrs C with maximum 58 C. At the first boot-up after the file is deleted it could take one or a few hours until fan is working 100%. But this file keep coming back every 2-3 days. I have to find its origin! Help wanted!

    The file is a temp-file as well placed under "Users\myself\Appdata\Local\Temp. Always the same temp-folder! Maybe there is a chance that this file is created because of a not fully un-installed program? Next time this hidden file appears, how shall I find its origin? What process is behind this

    Last time Broni helped me with malware this particular file disappeard. But I can not remember if
    the deleting process/action was made by TFC-program(temp deleter). Possible!
  2. Broni

    Broni Malware Annihilator Posts: 52,799   +343

    This is still too hot for a desktop.

    What is the full name of that .dmk file?
  3. rogerthat69

    rogerthat69 TS Enthusiast Topic Starter Posts: 57

    It is not a desktop! A laptop and as far as I read temp betw 40-50 seems normal?.

    I will give you the file-name when it pops up again. I hoped you had seen or heard about this file-type before! Maybe in the mean time you would be interested to look inside my system-file folder? Is there any program on the market that runs some
    kind of systemfile-checking? Autorun says I.e that the file rdpclip is missing under
    (log on):
    "HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms".
    According to timestamp the file has not been in use since nov 2013.
    I have never manually used this program(filecopy) between any terminal server! Maybe it was a remote user? Should I install a new file? I have deactivated most unnecessary Remote-services due to my almost paranoid feeling since the computer once was hijacked(confirmed).

    I renamed mobsync.exe because it tries to start. As I told you before "something" wants to be synchronized. I am not using IE6/7 at all (for offline-sync of webpages(or in FF)). Sync center in Control Panel shows "something" in action when mobsync.exe has started.
    I have checked Task Scheduler. I have made some changes but I am not 100% sure about every task that is scheduled.

    Otherwise Autorun-log looks ok to me!

    What about these hidden files?:(I think they are legit)
  4. Broni

    Broni Malware Annihilator Posts: 52,799   +343

    OK, this forum is designed for cleaning infected computers.
    We checked your computer and it's clean.

    I wish I had more time to take care of non-malware related issues but I don't.
    Access to this forum is very limited (just you and me).
    Your best bet is to create new topic in Windows forum.
  5. rogerthat69

    rogerthat69 TS Enthusiast Topic Starter Posts: 57

    Broni; Ok I do understand you have to deal with more urgent matters. No problem. Let´s close this topic. Maybe I will open a new one when this hidden dmk-file return
    etc. My best ;)
  6. Broni

    Broni Malware Annihilator Posts: 52,799   +343

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...