I am completely stuck on this one. I use OpenDNS Umbrella to monitor our networks. One of our networks only consists of a computer, a video camera, and a time clock behind a router/DSL modem. For the past couple weeks, OpenDNS has been showing HUGE amounts of DNS traffic coming from that network. I checked and Kaspersky didn't detect any malware on the computer that is on the network. I physically disconnected the computer and all the other devices from the network and left just the router (with wi-fi disabled) connected to the internet. Even with NOTHING connected to the network, the requests continued to show up on my OpenDNS dashboard.
Here is an example of what the requests look like:
3/14/14 13:51:02 Shipping Department qvklsxobyxkj.www.595mir.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department epyvozqnwzyv.www.tpa.net.cn x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department sfwfidipufen.list3.553p.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department ynetwvedunafof.www.cn-dada.com x.x.x.6 x.x.x.6 Normal
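One way to triage a query log like the one above (an added example, not part of the original post): it counts, per network identity, the queries whose leftmost label is a long letters-only string seen exactly once, and tallies the names those labels were prepended to. The field layout, the 10-character threshold and the three `example.com`/`example.org` lines are assumptions.

```python
import re
from collections import Counter, defaultdict

# First four lines are the sample from the post; the last three are
# constructed benign queries added for contrast.
SAMPLE_LOG = """\
3/14/14 13:51:02 Shipping Department qvklsxobyxkj.www.595mir.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department epyvozqnwzyv.www.tpa.net.cn x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department sfwfidipufen.list3.553p.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:02 Shipping Department ynetwvedunafof.www.cn-dada.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:03 Shipping Department www.example.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:09 Shipping Department www.example.com x.x.x.6 x.x.x.6 Normal
3/14/14 13:51:10 Front Office mail.example.org x.x.x.7 x.x.x.7 Normal
"""

# Assumed layout: date, time, identity (may contain spaces), queried name,
# internal IP, external IP, single-token category.
LINE_RE = re.compile(r"^\S+ \S+ (?P<identity>.+) (?P<name>\S+) \S+ \S+ \S+$")


def parse(log):
    """Return (identity, lowercased query name) for each well-formed line."""
    rows = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append((m["identity"], m["name"].lower().rstrip(".")))
    return rows


def triage(log, min_len=10):
    """Per identity: total queries, one-off long alphabetic leftmost labels, parents."""
    rows = parse(log)
    seen = Counter(name for _, name in rows)
    report = defaultdict(lambda: {"total": 0, "one_off": 0, "parents": Counter()})
    for identity, name in rows:
        first, _, parent = name.partition(".")
        entry = report[identity]
        entry["total"] += 1
        # Heuristic: a long letters-only label queried exactly once, prepended to another name.
        if (seen[name] == 1 and first.isascii() and first.isalpha()
                and len(first) >= min_len and "." in parent):
            entry["one_off"] += 1
            entry["parents"][parent] += 1
    return dict(report)


if __name__ == "__main__":
    for identity, e in triage(SAMPLE_LOG).items():
        print(f"{identity}: {e['one_off']}/{e['total']} one-off labels -> {dict(e['parents'])}")
```

The check is a heuristic: a legitimate long hostname queried only once would also be counted, so read the per-identity ratio and the parent list together rather than treating any single hit as conclusive.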