I can tell ya what's going on.
The highest priority of the hacker that created the botnet system since Aug 2008 was to make it undetectable. The main botnet is actually a backdoor injected into your motherboard through a chip flaw. If you were to format and install a firewall, you can use Sysinternals' Process Monitor and watch it use both sides of the connection to break through. The hacker injects radio packets from a smartphone through a phone tower to send a request for info of your system. He then uses codes to talk back and forth using cookies and SMTP. If you had the best security, the hacker would create an incoming cookie that I always choose block/allow/view info. No matter what you choose, the worm intercepts the packets and receives commands from your hacker buddy. The worm in return, if need be, creates an SMTP packet with codes in the subject using dollar signs before and after a word. That is how they mainly talk. When you see ANON scripts or packets, that means that he hijacked your first master boot record. This is where the codes are that he injects into your browser to connect to other sites. When you see the ARP packets, it means that he has hijacked your drivers/firmware/kernel and set it up to run independent of your operating system. You may be pinging as much as 2 or 3 thousand IPs per hour 24/7.
The only way to detect so far (besides your connection being so slow) is to put a router with a good log between your connection and computer. This will show incoming and outgoing. All that is required for this to run is to turn your machine on. And later on, if you get these kernel lags, you prolly have another infected machine locally that is turned on. Or it seems he may alter timers and threads.
When this first started, and may be how you guys can help me figure out, you could not even low level format any hard drive if there was more than 1 active anywhere on the network. Now I can't even low level format any drive. When I used DBAN, it repeatedly mentioned DAV. And of course the access violation (cache (part of chip hack)) related. I went through my notes and noticed an old message I wrote down while monitoring the worm that said AXEL.DAV = data interface. I would like to know if anyone knows what that is or means.
Thanks