Home > General > Dkswtchw.exe.what?

Dkswtchw.exe.what?

It has done this 1 time(s). scanning hidden files ... It throws an error every few minutes saying Internet Explorer has encountered a problem and needs to close. aswMBR version 0.9.7.707 Copyright(c) 2011 AVAST Software Run date: 2011-07-13 20:58:34 ----------------------------- 20:58:34.875 OS Version: Windows 5.1.2600 Service Pack 3 20:58:34.875 Number of processors: 2 586 0xF0D 20:58:34.875 ComputerName: BRE-2008COMP UserName:

Generated Tue, 24 Jan 2017 12:06:30 GMT by s_hp107 (squid/3.5.23) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.7/ Connection Let's see if another tool by Avast sees the same thing. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 07/01/2011 15:05:21, error: Service Control Manager [7001] - The McAfee Proxy mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-25 84072] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-29 206096] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-25 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-25 271480] http://www.bleepingcomputer.com/forums/t/63183/dkswtchwexewhat/

I'm deleting it! It was run on a newly installed computer I was setting up for my father. Malwarebytes' Anti-Malware 1.50.1.1100www.malwarebytes.org Database version: 5518 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 14/01/2011 10:48:34 mbam-log-2011-01-14 (10-48-34).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 375341 Time elapsed: 2 hour(s), 1 Download and install HijackThis.

CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). Password Site Map Posting Help Register Rules Today's Posts Search Site Map Home Forum Rules Members List Contact Us Community Links Pictures & Albums Members List Search Forums Show Threads End of the scan: Wednesday, July 20, 2011 23:02 Used time: 3:37:29 Hour(s) The scan has been done completely. 13531 Scanned directories 503777 Files were scanned 1 Viruses and/or unwanted programs mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-3-24 152960] R3 mfebopk;McAfee Inc.

At least it works, though. 07-12-2011, 08:21 PM #24 Ried AdministratorManagement Team, Security Center & TSF Academy Expert Analyst, Moderator, Security Team Rangemaster, Moderator, TSF Academy Join c:\documents and settings\nuala\application data\microsoft\internet explorer\quick launch\security central.lnk (Rogue.SecurityCentral) -> Quarantined and deleted successfully. Ever since I did a lot of hardware upgrades, they have been constant. https://www.daniweb.com/hardware-and-software/information-security/threads/340159/iexplore-exe So I'm going to rescan with it updated now (I won't remove anything).

S3 gel90xne;gel90xne;\??\c:\docume~1\roisin\locals~1\temp\gel90xne.sys --> c:\docume~1\roisin\locals~1\temp\gel90xne.sys [?] 2011-01-04 19:46:37 53248 ----a-w- c:\windows\system32\drivers\sst6BA.sys 2011-01-04 19:46:37 0 ----a-w- c:\windows\system32\drivers\sst6BA.tmp 2011-01-04 19:46:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\nJpCf06504 Do you know what these are? I'm not finding any other malware here. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Copy the results and paste them in your next reply.

This is normal and ComboFix will restore your desktop before it is finished. I cleaned down a virus infected pc (Windows XP Media Centre Edition SP3 with IE8). It, like NX.exe, has the tricky dates (created 2004, modified 1994). Then I did a scan with updated MalwareBytes, and it found 2 "Trojan.FakeAlert", Category: Register Key, Item: HKEY_CURRENT_USER\SOFTWARE\IJKUK66HMN, and Item: HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP.

Your cache administrator is webmaster. So I rebooted, and I think it was around there that I noticed it being slow. A web page will open containing helpful information regarding HijackThis. Right click that file and select Send To>Compressed (zipped) file.

I have searched all anti virus sites and have scanned with my NOD32 and have picked up nothing. You also have used the wrong version of HiJackThis. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [25/08/2010 18:48 84072] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [29/09/2008 14:40 206096] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [25/08/2010 18:47 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" For example, create a new folder and rename it "Saved File", then move it into that folder.

c:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully. c:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully. 0 PhilliePhan 171 6 Years Ago Any ideas on this one.....? Once the scan is complete, click the AnalyzeThis button.

Edited by quietman7, 24 August 2006 - 03:50 PM. ..Microsoft MVP Consumer Security 2007-2015 Microsoft MVP Reconnect 2016Windows Insider MVP 2017Member of UNITE, Unified Network of Instructors and Trusted EliminatorsIf I

c:\documents and settings\nuala\Desktop\system tool 2011.lnk (Rogue.SystemTool) -> Quarantined and deleted successfully. It seems to be left behind even after uninstalling all associated DK products and can simply be removed to complete the uninstallation." I was goofing off and checking out these old Win32.exe error report, fatal system error later This is a discussion on Win32.exe error report, fatal system error later within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Folders Infected: c:\documents and settings\nuala\start menu\security central (Rogue.SecurityCentral) -> Quarantined and deleted successfully.

The error: "%233" Happened while starting this command: "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" -Embedding 07/01/2011 16:22:31, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order It's possible the long boot time is due to nvidia drivers. I hadn't mentioned it because there were more troubling problems and I thought it would go away once things were fixed, but it's still slow. 07-13-2011, 06:19 AM #26 If we have ever helped you in the past, please consider helping us.

I know you have heard this error 1 milion times and i am very sorry about it. Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator) Click ScanUpon completion of the scan, click Save log and save it to your When I log in it loads several things before it even bothers to do the logging-in noise, and Pidgin seems to take abnormally long to auto-start. Note: Do not mouse-click combofix's window while it is running.

The system returned: (22) Invalid argument The remote host or network may be down. The scan then continued. scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) Thanks. 07-19-2011, 09:38 PM #33 Ried AdministratorManagement Team, Security Center & TSF Academy Expert Analyst, Moderator, Security Team Rangemaster, Moderator, TSF Academy Join Date: Jan 2005 Location:

Please re-enable javascript to access full functionality. c:\downloads\wobblybobbly-dm[1].exe (Adware.TryMedia) -> Quarantined and deleted successfully. I did a Google search and came here. After that i will...

Completion time: 2011-01-18 13:04:04 ComboFix-quarantined-files.txt 2011-01-18 13:03 Pre-Run: 64,979,394,560 bytes free Post-Run: 65,282,338,816 bytes free - - End Of File - - 90BDB5E363F0A6C85C683B99A8261B01 ________________ Hijack this log: Logfile of Trend Micro The system returned: (22) Invalid argument The remote host or network may be down.