Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Possible network infection and multiple computers possibly infected

  • Please log in to reply
No replies to this topic

#1 dreadpirate1990


  • Members
  • 1 posts
  • Local time:09:27 AM

Posted 30 June 2014 - 11:41 PM

This is something I have never really come across and had to ask for outside help.


I currently use FiOS as my ISP. I have the Actiontec MI424WR router and have multiple devices connected to the network. Some of the devices include two PCs with Vista, iPads, iPhones and printers. The tunneling adapter seems to keep enabling itself on all the computers and devices. I even have a Macbook Pro that was experiencing issues. I know for a fact that network sharing is disabled on all the devices. But I will still see files from one computer being broadcast onto other computers on the network. In the past, I have turned off the router, reset the router, reset the modem firmware, disabled port forwarding and purely used my iPhone hotspot to temporarily use as the network and the same thing would happen (I had thought it could be DNS Changer or something to that effect). I have been unable to successfully do repair-installs on some of the machines altogether and the MacBook actually locked me out from accessing certain parts of the hard drive. The same thing happened with the Vista desktop that I have; I was being denied permission to access the C drive and could not run any programs stating I did not have the proper credentials (even though I was on an admin account). When I began using the iPhone as a hotspot, my network usage flooded to over 300 times what it would normally be (even though I wasn't doing anything data intensive).


The strange part is I even brought my computer to a friend's house 30 miles away and connected to completely different network (strangely enough he had the same type of router I do) and I was still seeing files I know to only be on computers at my house being pushed to the computer on this completely different network. In addition, I even had files from my computer start showing up on my friend's computer.


I ran the obvious scans with MBAM (on the computers I was able to run it), MBAR and RogueKiller. Nothing was found. I don't know if this is some sort of bootkit since it seems to survive having clean installs or what the possible problem is. And the fact that when I used my iPhone as a hotspot and it flooded the network usage and basically had all of my computers being recognized as servers scares me that I could be part of some sort of botnet or something.


Any suggestions would be most appreciated,

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users