Hello everyone, first of all, awesome job you're doing! I hope I can get my issue resolved here.
I am running windows 7, and there is seemingly nothing wrong with it. However, I happened to look at my uploads and downloads, and saw that the 'system' process was constantly uploading data, without end, at speeds from 200KB/s to 3MB/s
This set off all my alarm bells, and I immediately did a system restore. Unfortately, it didn't help (my last system restore was a week ago, and it could easily be that the infection is more than a week old) . I also scanned my entire pc (with MBAM and MSE), and it didn't find anything. However I did run some suspicious files recently.
The strange thing is, the place it is uploading to is an internal adress: 192.168.1.46. The machines own address is 192.168.1.16. I also walked around the house and tried all the laptops and other pc's, etc... none of them came up as 192.168.1.46. The network is also password-protected, so I find it hard to imagine it's someone from outside.
Is there any way to find out to who the 192.168.1.46 belongs? And do I definitely have a rootkit/virus/whatever? In that case, is there anyway to detect/remove that rootkit? MBAM and MSE didn't find anything, but I'll try anything that is suggested.
Thanks in advance!
edit: to add, it seems to quit at some points, like just now. I don't know if this is because the 192.168.1.46 "device" is turned off, or any other reason. I do live with multiple people, so it could be that one of them just did something. I just know it's not me controlling it.
Edited by yoyie, 07 December 2013 - 03:17 PM.