Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Routers and Viruses


  • Please log in to reply
10 replies to this topic

#1 sausage

sausage

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 08:58 PM

I couldn't find the right forum in the malware section to post this in. Mainly because I don't have specific information and I don't want to waste the HJT guys' time.

Anyways, my friend's got a nasty virus. It infected her mom's laptop and her sister's laptop while she was away in spain. the girls proceeded to google the virus on my friend's computer and it in turn was infected. so now to my question: (note that I do not know exact details of the virus, what I told you is all the info I have) if I virus transfers between computers through routers, is the virus in the router itself or is it just transferring through it. I don't want to tell her to reformat her computer if it's just going to come back.

Also, she can't download stuff for diagnosis because, as far as I'm told, she can't get onto the internet.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,265 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:27 PM

Posted 17 August 2010 - 09:11 PM

This is very uninformed and unofficial...but my understanding is that there is malware which can now infect routers.

Google Links.

Louis

#3 sausage

sausage
  • Topic Starter

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 09:24 PM

Ok thanks. any ideas of how to get rid of it then?

#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,711 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:27 AM

Posted 17 August 2010 - 09:29 PM

You should post a topic in the AM I Infected forum where there are highly trained members that can help you.

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 sausage

sausage
  • Topic Starter

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 10:12 PM

@mr. afraid of peanut butter sticking to the roof of your mouth:

The reason I didn't do that in the first place is because what they do is, tell you to download a program, post a log of that program and explain the situation to them. the problems with that are, my friend lives in st. louis, while I live in colorado so I cannot give the program to her via usb drive, doesn't have internet to download said program, and quite frankly, isn't computer literate enough to run the program correctly, also, I don't know exact details of the issue, as my friend didn't provide extensive details and was not present at the time of infection. Everything I know is listed in the first section of my post.

Edited by sausage, 17 August 2010 - 10:15 PM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:27 PM

Posted 17 August 2010 - 10:59 PM

Hello, I am moving this ftom XP to the Am I Infected forum just to make you mad at me :thumbsup:

The problem is actually based in your router.
Here is the entire fix(from the beginning) that you will need to run on each PC if networked.

Please download Malwarebytes' Anti-Malware from Here or Here

Next disconnect your system from the internet, and your router, then…

Double Click mbam-setup.exe to install the application.
  • Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE

However, if there are other Zlob-infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Once you have ran Malwarebytes' Anti-Malware on the infected system, and reset the router to its default configuration you can reconnect to the internet, and router. Then return to this site to post your logs.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 sausage

sausage
  • Topic Starter

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 11:12 PM

^ sigh...........

whatever, just realize that I am in no way capable of running that. sooooo yeah. :thumbsup:

EDIT: actually, I may be able to do it, but don't get your hopes up.

Edited by sausage, 17 August 2010 - 11:13 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:27 PM

Posted 17 August 2010 - 11:34 PM

You're too kind :thumbsup: , why can you not run it. It's the ONLY solution. Even a reformat of the PC won't clear the router.

Disconnect , run MBAM..all PC's , reset router

Edited by boopme, 17 August 2010 - 11:37 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 sausage

sausage
  • Topic Starter

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 11:39 PM

yeah, that's an issue. But as said before, my friend is 1,500 miles away from me without internet. The only way this can be run is if she has a flash drive and is able to nab the malwarebytes from her library. I guess she could get it from her friends, but idk. I texted her to see if she had a flash drive, she hasn't responded.

Edited by sausage, 17 August 2010 - 11:39 PM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:27 PM

Posted 17 August 2010 - 11:50 PM

Well I guess they could try this. Substituting a scan with their installed antivirus for MBAm... Maybe it will get them in. Then aafter they recoonnnect they can download MBAM.
I have to leave now.

Edited by boopme, 17 August 2010 - 11:51 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 sausage

sausage
  • Topic Starter

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:11:27 AM

Posted 17 August 2010 - 11:52 PM

I'll try, I haven't been able to contact her though, I'll see if I can get her to try tomorrow, night.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users