Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Router Infection


  • Please log in to reply

#1
ShowMe

ShowMe

    Member

  • Member
  • PipPipPip
  • 121 posts
:) :unsure: I am in a somewhat remote area of rural Vermont and my nearest link to internet is from my neighbor's router which seems to have become infected. When I try to connect to the net, my Malwarebytes blocks the connection because "213.109.7*.**" ( did not write the whole address) is trying to access my computer from various ports. I traced the address and it seems to be from Russia. I should be able to access their computer in 4 or 5 days, and would like to know what things I can do to reclaim the router. Would a simple reset of router be enough? I can usually get to internet once a day when I drive 10 miles to town and can respond sporadically. Thanks in advance for any help.
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
If there is a separate dsl or cable modem then disconnect your neighbor's PC from the router. Press the RESET button on the router and hold it for 30 seconds. Connect your PC with a cable. Log on to the router and change the password. (If you don't know the router's address just Start, Run, cmd, OK and then type:

ipconfig

(With an Enter after the line). The router will be the same as the default gateway so open a browser and type in the ip address of the default gateway.)

You will need the password. Look at
http://www.phenoelit...rg/dpl/dpl.html
or
http://www.routerpasswords.com/

The first one you can print out the second is easier to use if you are on line.

Log on and change the password(s) to something else. (You can write the new password on a piece of paper and tape it to the bottom of the router.)

While there verify that the router is not running DD-WRT software. IF it is you may need to go to the router maker's website and download the latest version of the original firmware. I have seen one case where malware had presumably installed this open source router code and a day after the reset and password change it was reinfected so presumably the code had a back door installed in it. IF the router is wireless you should pick the newest encryption scheme it has (something besides WEP) and use a nice long password for it. We are seeing some drive-by hacks these days and the WEP encryption is easily hacked.

Odds are that your neighbor's PC is/was infected so perhaps you could run a good scan on it while you are there.

ESET's is very good:

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.

You can also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

MBAM is also good:
http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


Ron
  • 0

#3
ShowMe

ShowMe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts
Thank you very much for your quick and very comprehensive reply. I will follow your instructions in a few days when m y neighbor gets back from Japan.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP