Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

My computer is constantly downloading something.

This is a discussion on My computer is constantly downloading something. within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. Hi there, My computer recently start to constantly download something. It does non-stop at the speed from 8 - 40


 
 
Thread Tools Search this Thread
Old 02-11-2012, 01:21 PM   #1
Registered Member
 
Join Date: Feb 2012
Posts: 1
OS: Windows 7



Hi there,
My computer recently start to constantly download something. It does non-stop at the speed from 8 - 40 KB/s, sometimes it jumps to 150-190 KB/s for a few seconds.
This issue has caused my internet browsing to slow down significantly. I has tried everything that I could do but does not fix it.
Below is the DDS.txt.I also attached the attach.txt in zip form in the attachment. There is no ark.txt because I run a 64-bit system.
Thank you in advance for any help.

Hannah TP


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Hannah TP at 22:15:38 on 2012-02-11
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2460 [GMT 1:00]
.
AV: Kaspersky PURE *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky PURE *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky PURE *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtblfs.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
TCP: Interfaces\{02A876C6-D9F8-45B7-BD77-D0706AB9F9BA} : NameServer = 129.125.36.9,129.125.4.13
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
BHO-X64: link filter bho - No File
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hannah TP\AppData\Roaming\Mozilla\Firefox\Profiles\nxq4rapl.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\system32\DRIVERS\CSCrySec.sys --> C:\Windows\system32\DRIVERS\CSCrySec.sys [?]
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys --> C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AVP;Kaspersky PURE;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2010-10-1 348760]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-5 136176]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-5 136176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-10 06:21:16 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EA459435-9C9F-4AD6-9745-4C1E156D1818}\mpengine.dll
2012-02-07 06:08:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-02-07 0600 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-02-06 18:45:00 162392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
2012-02-06 15:57:46 -------- d-----w- C:\Users\Hannah TP\AppData\Local\Adobe
2012-02-06 11:56:46 -------- d-----w- C:\Users\Hannah TP\AppData\Roaming\PCF-VLC
2012-02-06 11:51:23 -------- d-----w- C:\Users\Hannah TP\AppData\Roaming\Participatory Culture Foundation
2012-02-06 11:51:12 -------- d-----w- C:\Program Files (x86)\Participatory Culture Foundation
2012-02-05 23:58:39 -------- d-----w- C:\Windows\Panther
2012-02-05 20:09:49 158056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2012-02-05 18:57:22 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-05 18:26:53 -------- d-----w- C:\Program Files\Common Files\WebM Project
2012-02-05 18:26:53 -------- d-----w- C:\Program Files (x86)\Common Files\WebM Project
2012-02-05 18:26:39 -------- d-----w- C:\Users\Hannah TP\AppData\Local\Google
2012-02-05 18:23:00 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-02-05 17:16:49 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-02-05 17:16:49 -------- d-----w- C:\Program Files (x86)\StarCraft II
2012-02-05 17:16:49 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-02-05 15:55:01 -------- d--h--w- C:\Windows\msdownld.tmp
2012-02-05 15:37:51 85048 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2012-02-05 15:37:51 66104 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2012-02-05 15:37:27 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-02-05 15:37:27 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-02-05 15:37:27 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
2012-02-05 15:36:24 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files
2012-02-05 15:34:56 -------- d-----w- C:\Users\Hannah TP\AppData\Local\Diagnostics
2012-02-05 15:26:59 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e
2012-02-05 15:26:17 -------- d-sh--w- C:\Windows\Installer
2012-02-05 15:08:57 -------- d-----w- C:\Windows\SysWow64\Wat
2012-02-05 15:08:57 -------- d-----w- C:\Windows\System32\Wat
2012-02-05 15:08:37 -------- d-sh--w- C:\Recovery
2012-02-05 14:22:43 56320 ----a-w- C:\Windows\System32\drivers\L1E62x64.sys
.
==================== Find3M ====================
.
2012-02-05 15:09:05 14848 ----a-w- C:\Windows\System32\slwga.dll
2012-02-05 15:09:05 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2012-02-05 15:09:04 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-02-05 15:09:04 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-02-05 15:09:04 1008640 ----a-w- C:\Windows\System32\user32.dll
2012-01-29 04:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 22:16:15.03 ===============
Attached Files
File Type: zip Attach.zip (1.7 KB, 6 views)

__________________
Hannah TP is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help - IE crashing and random redirects
I got the Windows repair virus virus a few days ago and was able to remove most of the symptoms using MBAM and Spybot but I still have a few issues: 1. IE 8 crashes upon launch most of the time. Mozilla Firefox works fine for now and I can live with it but need IE for some of my applications....
jb40967 Resolved HJT Threads 12 07-23-2011 08:03 AM
Computer freezes or constantly restarts
So I have a windows 7 computer and the problem is that for some reason my computer freezes up or restarts itself and when it is back on, the lan hardware is no longer working (it appears to say that either the lan is not plugged in or that the hardware is broken). So, I restart my computer again...
tico7 Windows 7 Support, Windows Vista Support 2 01-27-2011 12:10 PM
Is my PSU too weak? my computer constantly freezes or locks up.
My PSU is made by delta electronics inc. and is 400 Watts. model GPS-400BB i have a fresh install of windows xp pro as of today. I am running two HDD one 110 GB and the other 500GB, i have a pentium 4 3.0 GHz processor with 2 GB of RAM. I have an ati radeon hd 4350 graphics card with a fan. here...
Chris-elliott RAM and Power Supply Support 6 01-15-2011 01:58 PM
Power Supply Information and Selection
:smile: CHOOSING AND UNDERSTANDING A POWER SUPPLY UNIT The power supply unit in today’s modern computer assumes a role probably more critical than any other single component in your system even when compared to the CPU and motherboard. Therefore, there are multiple factors that must...
Tumbleweed36 RAM and Power Supply Support 0 07-09-2006 03:41 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 03:22 AM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts