An old friend just moved into the downstairs apartment and I told him he could hook up to my wireless DSL.
Tonight his computer started doing something very strange. The web activity log of the router showed his computer connecting to Microsoft, Google, Yahoo, and Intel websites. Over and over again. 20-30 hits per second. He’s disconnected now, otherwise all web activity was blocked off from our other computers.
I went downstairs and ran malwarebytes and Super Anti Spyware. Nothing. AVG showed no problems either. We restarted the wireless card and the hits started again. He’s disconnected now.
He’s running Windows XP Corporate and a Netgear wireless card.
Sounds like botnet to me. Check the exceptions in the firewall, look at processes in task manager, stuff like that. Root Kit Revealer is good for diagnosing too. Errr… your wireless network is secured with a password, right?
As others have said, this is botnet behavior. Somewhere is a h4x0r using your roomy’s computer to eat bandwidth of the servers it is communicating with.
Download (free) and install MalwareBytes. Boot in safe mode,* have it get the latest updates. and see what it finds.
*The last malware I found blocked MalwareBytes updates hence the need for safe mode, which is always a good idea when you suspect an infection.