Bay 12 Games Forum

Please login or register.

Login with username, password and session length
Advanced search  

Author Topic: F***ing malware. :(  (Read 876 times)

ptb_ptb

  • Bay Watcher
    • View Profile
F***ing malware. :(
« on: June 10, 2014, 08:05:27 am »

Suddenly the three computers on my local network (sharing internet connection) have all been hit by some sort of malware that blocks search sites and pretends to be an adobe flash update reminder. Ugh. Information on the subject seems to be confusing and/or contradictory. Suggestions include that it may be my rooter that is compromised (one of the TP-Link things).
Logged
()==[:::::::::::::>

miauw62

  • Bay Watcher
  • Every time you get ahead / it's just another hit
    • View Profile
Re: F***ing malware. :(
« Reply #1 on: June 10, 2014, 08:12:29 am »

I doubt it's the router. Router vulnerabilities are very specific to hardware, and they don't affect your computer.
Run SUPERAntiSpyware, Malwarebytes and HijackThis and see if that helps.
Logged

Quote from: NW_Kohaku
they wouldn't be able to tell the difference between the raving confessions of a mass murdering cannibal from a recipe to bake a pie.
Knowing Belgium, everyone will vote for themselves out of mistrust for anyone else, and some kind of weird direct democracy coalition will need to be formed from 11 million or so individuals.

ptb_ptb

  • Bay Watcher
    • View Profile
Re: F***ing malware. :(
« Reply #2 on: June 10, 2014, 08:29:24 am »

I doubt it's the router. Router vulnerabilities are very specific to hardware, and they don't affect your computer.
Technically, I'm not sure my computers have been affected. It's the IP for sites like www.google.co.uk that have been affected, which could indicate the router is being made to use a 'bad' DNS. I couldn't see anything obvious in the router settings, though. (DNS listed was a valid BT one).

Quote
Run SUPERAntiSpyware, Malwarebytes and HijackThis and see if that helps.
I've just done a quick scan with Adaware 11. Only found cookies though. I'm going to do a hard reset of the rooter and change rooter password just in case. It's a big hard to find stuff because the only search site I have left is http://www.yahoo.co.jp/ :P I'm going to try SUPERAntiSpyware next.
Logged
()==[:::::::::::::>

ptb_ptb

  • Bay Watcher
    • View Profile
Re: F***ing malware. :(
« Reply #3 on: June 10, 2014, 08:44:24 am »

SuperAntiSpyware didn't find anything on a quick scan, or a critical points scan. I'm running a complete scan now. (Will probably take ages).
« Last Edit: June 10, 2014, 08:46:41 am by ptb_ptb »
Logged
()==[:::::::::::::>

ptb_ptb

  • Bay Watcher
    • View Profile
Re: F***ing malware. :(
« Reply #4 on: June 10, 2014, 08:46:05 am »

Quote
SuperAntiSpyware didn't find anything on a quick scan, or a critical points scan. I'm running a complete scan now. (Will probably take ages).
Nothing found.
« Last Edit: June 10, 2014, 08:58:24 am by ptb_ptb »
Logged
()==[:::::::::::::>

miauw62

  • Bay Watcher
  • Every time you get ahead / it's just another hit
    • View Profile
Re: F***ing malware. :(
« Reply #5 on: June 10, 2014, 08:59:51 am »

* miauw62 shrugs
No idea. I guess it could be the router after all. Do you have any Android/iOS devices that probably wouldn't be affected by "normal" malware?
Logged

Quote from: NW_Kohaku
they wouldn't be able to tell the difference between the raving confessions of a mass murdering cannibal from a recipe to bake a pie.
Knowing Belgium, everyone will vote for themselves out of mistrust for anyone else, and some kind of weird direct democracy coalition will need to be formed from 11 million or so individuals.

ptb_ptb

  • Bay Watcher
    • View Profile
Re: F***ing malware. :(
« Reply #6 on: June 10, 2014, 09:16:42 am »

* miauw62 shrugs
No idea. I guess it could be the router after all. Do you have any Android/iOS devices that probably wouldn't be affected by "normal" malware?

Hmm... Yes actually.

Although Malwarebytes found some stuff that the other scanners didn't. Looks like it may have been a variation on conduit (something I've tangled with in the past). For the moment the computer I'm typing on now appears to be clean. :)  Thanks a lot for your advice - I didn't know those two scanner programs.

[EDIT] Final result.  All seems to be well. It appears it may well have been a router problem (although I am still not certain). It seems that the changes I made regarding proxy and DNS use did not have immediate effect but only made a difference after the computers had all disconnected from the Internet before re-connecting. Maybe. :P
« Last Edit: June 10, 2014, 09:47:07 am by ptb_ptb »
Logged
()==[:::::::::::::>