Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Junk removal tool not touching upon router virus


  • Please log in to reply
4 replies to this topic

#1 jraju

jraju

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 28 January 2016 - 01:45 AM

Hi, I value all the things from bleeping computer. I downloaded and ran JRT by thisusu. It kills various PUP and trojans present in the computer folders. It did not touch upon router, which is being attacked by crook programs making annoying experience of change of dns server address, causing internet connection loss to the users without their knowledge.

Moreover the PUP and popup commercial sites attack the open http port no80 and at times 21 and 23. While it may not be possible to close these ports in the router, the attackers use this port to inject sudden popups and unwanted sites without users browsing those things.

                    will the bleeping comuters fourm members recommend which does this protection to these users. changing of MAc address , and changing of password do not limit those attacks, If it could cause change in the router, by hiding and injecting whenever they want to inject those programs and popups.

                     Use of avast ofcourse, shows the vulnerability of the router, but resolving at times makes the access still more worse. That is , the problem in the router, and what it tries to resove without user consent is the problem there. If suppose, one clicks resolved, you get all this fixed message, but the users are not aware of what it is doing.

                        I request the maker of this tool, to include in his program and get user consent to proceed further if a threat is shown.


Edited by hamluis, 28 January 2016 - 09:31 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:19 AM

Posted 28 January 2016 - 06:21 AM

I don't think this is going to happen. You cannot use JRT to "clean a router", and I don't see how you could do that with it anyway. If your router really is hijacked, I suggest you to reset it to it's factory defaults, reconfigure your network on it and then harden it (use secure DNS servers, disable remote admin on it, lock down the admin user with a strong password, etc.) There's no tools to my knowledge which are aimed at "disinfecting" routers, since they don't all work the same way, nor are they from the same manufacturer.

Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer.

Source: http://www.bleepingcomputer.com/download/junkware-removal-tool/

Keypart here being "from your computer", without the mention of router anywhere else.

Sorry, but if you are really under attack by hackers, even if JRT was somehow modified to clean routers, it wouldn't stop them from going after you.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 jraju

jraju
  • Topic Starter

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:12:49 PM

Posted 29 January 2016 - 12:34 AM

Thanks for the reply.I have done about 20 reset and so much reconfigurations. The router attack is the main thing now. Yesterday, when i posted this topic i have no problem. But today morning when i open the computer, i was not given internet access For your information, my homework icon had been changed from home to Public by the unknown commercial program. Not only that, my ip has been changed to some other ip. , say to 169.254.90.67 , which is not all . May be this router hijack has done to change this ip address. Now, i know the access points, so could get the internet back. Even trying of ipconfig commands does not solve the problem. I reentered the ip and all access points to resume the internet access.

                          I think it is implied meaning of router attack when i write something special. I will try to see that this ip address is about.

                          Regarding your suggestion, would you kindly say how to to remote access block, and port block. I checked in some software and found that port no.80 and 21 are open, which should be closed.

                            Can i change the default password and will it solve the problem, i mean changing the all in one password to something. I will be happy to receive suggestions from you.

                            I mean not disinfecting really, but keep away from attacks.

                            The router company has closed its business on sale of routers and the service personnel is just doing reconfiguring if any problem comes. But imagine disturbing them daily or two times a week for internet access.

                             What they do is simply reconfigure, without touching advance menu..

                             As different people have different modems, it is what they can do.

                           My router is tdsl300w2 type 2 teracom bband wifi router.



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:19 AM

Posted 29 January 2016 - 07:51 AM

Is this your router?

http://www.netvuze.com/2013/04/dsl-broadband-modem-configuration.html

Does the web config page for it looks like the one(s) in the link above?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,287 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:19 AM

Posted 29 January 2016 - 07:19 PM

JRT is not a comprehensive malware removal tool nor was it ever meant to be one.

JRT is a non-interactive batch program (command line tool) created by thisisu (a member of the BC Malware Response Team) that is designed to search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, browser extensions, add-ons/plug-ins, browser helper objects (BHOs) and other junkware. JRT will remove all traces of these types of programs which includes related services, registry entries (values, keys), files, folders and potentially unwanted extensions.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users