Unusual traffic from your computer network

Post by davidkan » March 4th, 2012, 11:46 pm

Good day,

I was googling on the internet when this notification appeared.
________________________________________________________________________________________________________________

Unusual traffic from your computer network

Read this first

When Google detects that a computer on your network may be sending automated traffic to Google we may show the following message: "Our systems have detected unusual traffic from your computer network." Automated queries are against our Terms of Service.

The error page most likely displays a CAPTCHA (a squiggly word with a box below it). To continue using Google, type the squiggly word into the box -- it's how we know you're a human, not a robot.

If you don't see a CAPTCHA image or if you continue to encounter the CAPTCHA over and over, try these steps in order:

Check for malware on your computer.

Malicious software, sometimes bundled with other free downloads without your knowledge, can trigger Google to show this message. Visit our security information site for some well-known programs that can detect and remove such applications.

If the suggested programs don't resolve the problem, you might want to try an advanced troubleshooting program such as HijackThis.
_______________________________________________________________________________________________________________

Eventually I was led to this site; the DDS.txt is found below.
_______________________________________________________________________________________________________________
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by David at 11:35:10 on 2012-03-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.3956.1894 [GMT 8:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/home.php?ref=hp
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110716105230.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 218.186.1.58 218.186.2.16 218.186.2.6
TCP: Interfaces\{4308F2D5-7007-48AF-AFE8-75CCB2623190} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4B708FBA-45CC-4F77-8C6D-91D59FFEB667} : DhcpNameServer = 218.186.1.58 218.186.2.16 218.186.2.6
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110716105230.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lh4asyxs.default\
FF - prefs.js: browser.search.selectedEngine - YouTube Video Search
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://sg.search.yahoo.com/search?fr=gr ... =937811&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-5-25 47776]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-11 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-10 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 355440]
R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-9-17 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-9-17 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-9-17 149032]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-16 144640]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-10 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-9-17 243232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 355440]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 355440]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\system32\DRIVERS\BrSerIb.sys --> C:\Windows\system32\DRIVERS\BrSerIb.sys [?]
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\system32\DRIVERS\BrUsbSIb.sys --> C:\Windows\system32\DRIVERS\BrUsbSIb.sys [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-16 50432]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 355440]
.
=============== Created Last 30 ================
.
2012-03-05 03:25:13 388096 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-05 03:25:12 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-03-05 01:58:48 -------- d-----w- C:\Users\David\AppData\Local\{7C07B73F-5879-4478-99C6-B32DF90CCA40}
2012-03-05 01:58:36 -------- d-----w- C:\Users\David\AppData\Local\{7708013B-F357-4075-B2C4-917BC9DBDE3D}
2012-03-04 09:30:41 -------- d-----w- C:\Users\David\AppData\Local\{2C7EC885-8603-4B69-A897-450E5F93E31F}
2012-03-04 09:30:29 -------- d-----w- C:\Users\David\AppData\Local\{7A77B22B-328C-4798-A208-05FDA53295ED}
2012-03-03 16:27:16 -------- d-----w- C:\Users\David\AppData\Local\{8C1E4DB0-AD7F-46C1-9AA6-DD0C0CCC8825}
2012-03-03 16:27:05 -------- d-----w- C:\Users\David\AppData\Local\{3AF0AAE9-3634-4141-89D1-306FD6DFD2B6}
2012-03-03 02:17:20 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46B40DE0-D7F1-4BAA-8709-F2747DD760EA}\mpengine.dll
2012-03-02 16:07:57 -------- d-----w- C:\Users\David\AppData\Local\{D23A4522-9836-43FA-9DC1-B00BE4131315}
2012-03-02 04:07:22 -------- d-----w- C:\Users\David\AppData\Local\{C3E27CE5-07E2-4720-B4F4-A38B7CA66FF9}
2012-03-02 04:07:10 -------- d-----w- C:\Users\David\AppData\Local\{192EC41E-CFF8-4C59-9F0B-F1955100E713}
2012-03-01 04:43:44 -------- d-----w- C:\Users\David\AppData\Local\{2D83B564-CD9B-48D3-8C1F-71B85217B9DD}
2012-03-01 04:43:33 -------- d-----w- C:\Users\David\AppData\Local\{ECC05510-0270-4B5B-B783-AC6380919C7D}
2012-02-28 14:33:04 -------- d-----w- C:\Users\David\AppData\Local\{8CD71332-FF84-4161-890E-5F7DF1D483B2}
2012-02-28 14:32:53 -------- d-----w- C:\Users\David\AppData\Local\{5170550B-9B02-4386-8CC4-907897C731DF}
2012-02-27 14:37:12 -------- d-----w- C:\Users\David\AppData\Local\ESN Sonar
2012-02-27 11:14:26 -------- d-----w- C:\Users\David\AppData\Local\{204F6075-2B83-4FEF-AFFE-83A37F8F4786}
2012-02-27 11:14:14 -------- d-----w- C:\Users\David\AppData\Local\{4711D181-7527-40E8-9C71-9FFC1325AD95}
2012-02-26 07:20:17 -------- d-----w- C:\Users\David\AppData\Local\{C2EE37B1-54B5-4C93-8746-FC0E6A0C1EB5}
2012-02-26 07:20:06 -------- d-----w- C:\Users\David\AppData\Local\{B69659A0-4060-4EE3-B583-B55B3EBFBF92}
2012-02-25 08:13:52 -------- d-----w- C:\Users\David\AppData\Local\{56B8B269-0BEE-4507-8553-612E16ACA470}
2012-02-25 08:13:41 -------- d-----w- C:\Users\David\AppData\Local\{8B35C0AE-E948-4E48-ADE0-679D470FDD9B}
2012-02-24 15:33:48 -------- d-----w- C:\Users\David\AppData\Local\{C8D8AE19-512F-4202-82A2-9DA8E8DB9E30}
2012-02-24 15:33:36 -------- d-----w- C:\Users\David\AppData\Local\{A39B6A68-EF1A-4C8C-B3A4-3E59E334006E}
2012-02-23 03:42:10 -------- d-----w- C:\Users\David\AppData\Local\{5D6661C4-E128-4048-B1F1-EFADC6DDC3B9}
2012-02-23 03:41:59 -------- d-----w- C:\Users\David\AppData\Local\{4387445B-2B62-47B9-8B66-5461A6D68B78}
2012-02-22 15:41:32 -------- d-----w- C:\Users\David\AppData\Local\{5AEF4AEA-F562-444E-ABE3-4B1737D30C33}
2012-02-22 15:41:20 -------- d-----w- C:\Users\David\AppData\Local\{4879E86C-B33F-4BF1-86F6-9E5E24317179}
2012-02-21 15:00:05 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-02-21 14:59:23 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-02-21 14:59:23 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-02-21 14:59:23 6074176 ----a-w- C:\Windows\System32\nvcpl.dll
2012-02-21 14:59:23 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-02-21 14:59:23 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-02-21 14:59:23 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-02-21 14:58:48 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-02-21 14:36:07 -------- d-----w- C:\Users\David\AppData\Local\{4D73F422-E48A-4945-8106-AD3642485E48}
2012-02-21 14:35:55 -------- d-----w- C:\Users\David\AppData\Local\{8AC2B877-9215-44F9-B581-BCA7F0AE6207}
2012-02-20 13:44:28 -------- d-----w- C:\Users\David\AppData\Local\{85ED3432-11DC-405A-A7D0-764DD43A7A17}
2012-02-20 13:44:16 -------- d-----w- C:\Users\David\AppData\Local\{DF11D35B-F7E1-48FB-8987-9C0FA550D27A}
2012-02-19 14:11:29 -------- d-----w- C:\Users\David\AppData\Local\{AD1EEA1B-B630-4DD0-B2FF-93E3782E6150}
2012-02-19 14:11:18 -------- d-----w- C:\Users\David\AppData\Local\{A97F28C3-5E01-40B1-9008-4310581F9AFB}
2012-02-18 14:46:49 -------- d-----w- C:\Users\David\AppData\Local\{C7DC1B4B-DE24-4CF8-B298-76BADC303E63}
2012-02-18 14:46:37 -------- d-----w- C:\Users\David\AppData\Local\{BE5C0903-DE7B-40DF-8B56-67685DF65B72}
2012-02-18 11:17:32 -------- d-----w- C:\ProgramData\EA Logs
2012-02-18 02:46:11 -------- d-----w- C:\Users\David\AppData\Local\{E8DA5828-5058-4AD6-AF4B-6EB4D19169F3}
2012-02-18 02:45:59 -------- d-----w- C:\Users\David\AppData\Local\{169FD0A0-DDE9-45C9-9B69-A9D7E2211D03}
2012-02-17 14:45:24 -------- d-----w- C:\Users\David\AppData\Local\{F924C208-0D58-4BC5-AC0F-4B0C1C5A0B48}
2012-02-17 14:45:12 -------- d-----w- C:\Users\David\AppData\Local\{1FB4F52F-E287-4E0D-9215-05DDD335D4EF}
2012-02-16 13:43:53 -------- d-----w- C:\Users\David\AppData\Local\{E6D54C8D-8CE8-4AD2-9EDF-9541B1CDF76D}
2012-02-16 13:43:41 -------- d-----w- C:\Users\David\AppData\Local\{ED4B9AB2-DE44-42B2-92BE-F1765A230CBF}
2012-02-15 14:37:43 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 14:37:43 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 14:26:44 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 14:26:44 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 14:26:40 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 14:26:26 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 14:25:47 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 14:25:47 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-15 14:08:32 -------- d-----w- C:\Users\David\AppData\Local\{0D3D07C5-7CCD-4FCB-A8A5-0E649D8E0FF2}
2012-02-15 14:08:18 -------- d-----w- C:\Users\David\AppData\Local\{DB618FCC-0304-401B-A7A6-8DE603D15B5D}
2012-02-14 14:45:28 -------- d-----w- C:\Users\David\AppData\Local\{72C4826F-AF18-4A9C-8EBB-CB083B7CCEEF}
2012-02-14 14:45:16 -------- d-----w- C:\Users\David\AppData\Local\{81935550-7D36-4FFB-9751-0D5BCFED50A2}
2012-02-13 13:45:34 -------- d-----w- C:\Users\David\AppData\Local\{E9ED47E8-6111-445B-9B62-06FF2C604974}
2012-02-13 13:45:22 -------- d-----w- C:\Users\David\AppData\Local\{F9F3BB6B-E243-44F4-8E8A-748E3C43A2D3}
2012-02-12 06:51:30 -------- d-----w- C:\Users\David\AppData\Local\{B5875430-EF75-485B-82A5-EA01CF16F23F}
2012-02-12 06:51:19 -------- d-----w- C:\Users\David\AppData\Local\{3FD3E4F4-22B9-46A9-9938-10D058D25903}
2012-02-12 06:20:08 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2012-02-10 20:13:52 -------- d-----w- C:\Users\David\AppData\Local\{FE09E63D-E494-43A4-845B-8940495E4935}
2012-02-10 20:13:40 -------- d-----w- C:\Users\David\AppData\Local\{788EEBB4-9649-483D-B648-7079CB836C2E}
2012-02-10 07:53:53 -------- d-----w- C:\Users\David\AppData\Local\{A4DB2F13-7A2A-4DCF-A6E5-84D18F23EF15}
2012-02-10 07:53:42 -------- d-----w- C:\Users\David\AppData\Local\{C3EFF413-CB01-4962-A9ED-FC7AA140DFF6}
2012-02-09 19:53:08 -------- d-----w- C:\Users\David\AppData\Local\{AFAF9E84-66C2-4305-8645-978E34885C9F}
2012-02-09 19:52:57 -------- d-----w- C:\Users\David\AppData\Local\{60990868-B408-4875-BB1B-DEBF7FC584DB}
2012-02-08 10:00:39 -------- d-----w- C:\Users\David\AppData\Local\{E5D4A70D-164E-4688-9C19-090FC66A7325}
2012-02-08 10:00:28 -------- d-----w- C:\Users\David\AppData\Local\{1C11CC70-EA91-4D37-9C75-4A20052408D5}
2012-02-07 15:19:03 -------- d-----w- C:\Users\David\AppData\Local\{8C43A326-F134-4D40-9C4E-04DB03EAE712}
2012-02-07 15:18:51 -------- d-----w- C:\Users\David\AppData\Local\{3105EA90-FE5A-4963-954D-BF84FE689AE2}
2012-02-06 10:18:03 -------- d-----w- C:\Users\David\AppData\Local\{2361530A-E8C3-4DBB-B9E2-DA10848E0D7D}
2012-02-06 10:17:50 -------- d-----w- C:\Users\David\AppData\Local\{F70A42CB-61BF-4287-A5AF-7883CFF34EDA}
2012-02-05 15:32:30 -------- d-----w- C:\Users\David\AppData\Local\{6E86BAF7-FFC0-417E-9D3B-A7087B7E6CD5}
2012-02-05 15:32:19 -------- d-----w- C:\Users\David\AppData\Local\{38F27A96-D978-4086-BC66-11130B7B5311}
2012-02-05 03:31:53 -------- d-----w- C:\Users\David\AppData\Local\{104DD6DD-9F63-4252-A372-E98AA704D4AF}
2012-02-05 03:31:41 -------- d-----w- C:\Users\David\AppData\Local\{1C3C0B08-30AD-4E6A-BC7E-8D1045E8FDCC}
2012-02-04 15:31:15 -------- d-----w- C:\Users\David\AppData\Local\{9F27C804-2339-4689-B56E-8D1BC5CD750C}
2012-02-04 15:31:03 -------- d-----w- C:\Users\David\AppData\Local\{721C418F-9BAB-4DF0-809E-D361F8594833}
.
==================== Find3M ====================
.
2012-03-05 02:44:06 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-03-05 02:44:06 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-03-05 02:43:55 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-02-27 11:15:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-18 11:22:34 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-01-28 21:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-17 12:46:01 31040 ----a-w- C:\Windows\System32\nvhdap64.dll
2012-01-17 12:45:56 188224 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2012-01-17 12:45:55 1451840 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 11:36:24.53 ===============
_______________________________________________________________________________________________________________

I hope that this information is useful and I hope to hear from you as soon as possible.

Thanks,

David Kan

Re: Unusual traffic from your computer network

Post by Gary R » March 5th, 2012, 2:27 am

viewtopic.php?f=11&t=59211

This is a Duplicate Post, and has therefore been closed.