Jump to content

Browser Hijacks (all 5 pcs on home network)

RonChase
 Share

Recommended Posts

John A

John A

Posted
Posted

I am chipping in here because I had a similar issue this morning on three computers on a home network (modem/router combined). 2 x XP, 1 x W7 32 bit

I didn't have redirection issues, but key web sites such as microsoft.com, facebook, paypal timed out and Microsoft Security Essentials failed to update because of connection problems. But most other websites worked fine. Email worked fine.

I suspected some sort of hijacking. I was able to update Malware Bytes and scan but nothing was found.

I turned off the computers, turned off the modem/router and unplugged it for a minute then rebooted everything and I was back to normal - problem gone. I do have my own admin password for the modem/router and wireless security is on.

I have never seen anything like this before.

Help,

I am having serious issues.

I will first describe the general issues as this might be a different problem all together.

I have 5 Computers (family members, laptops, etc that access internet, 2 are wired, 3 are wireless, Secure, WPA)

All 5 have the exact same problems.

All are XP home and Pro, completely updated.

Malwarebyte finds nothing on any of them. Malwarebytes wont update (MBAM_error_updating, 12007, 0, winhttpsendrequest)

3 are running MBAM dbversion 4052, vers 1.46. 2 I manualled updated rules.ref (still finds nothing)

All 5 pcs have hijacked browsers, about every 3 pages, i see it say waiting for rds.yahoo.com or waiting for google-analytics.com

Various AV programs find nothing, Norton, Avira, etc.

Here is the kicker, I just completely reinstalled XP Home yesterday, did nothing but install 80 updates, never browsed the internet, turned on windows firewall, just started surfing and I have the same problems as every computer in my house. Seen from another post to try Avira, just did, found nothing. This is truly frustrating. Any help would be greatly appreciated.

Link to post
Share on other sites
yardbird

yardbird

Posted
Posted

Hi John, well the RU Fed./China, has been hi-jacking lots of routers, without the right steps in order to fix them. Only so much can be done. When cleand out or a flush DNS, or what you did, is fine, but they have left malware or worse behiend. After all the above steps, (from page 1 & 2) we them direct them to the Malware Removal Forum, to see what (if anything) was left... been going on for 2 months + now regards.....

Link to post
Share on other sites
VolcanoGod

VolcanoGod

Posted
Posted

I had a very similar problem with my Home network for a few weeks. Like you said it seemed to redirect to seemingly harmless websites. So i didnt give it that much consideration until the Hard drive went bad in one of my systems. i reinstalled windows and was getting redirected from a clean install. After lots of testing, hair pulling, and 2 more installs of windows. I found it to be my router.

In my router there is a setting where you can manually enter the DNS Server or the your IPS Choose one for you. Mine was set to "213.109.65.28" and another i didn't write down. It traces to the Russian Federation Like yardbird said. I simply choose to allow my ISP to provide the DNS and changed all my passwords and Usernames. 1 day later i haven't had any more problems.

If you cant find the settings it might be worth it just to reset your Router to Factory Defaults and re-setup the router. Hope this will helps.

Link to post
Share on other sites
John A

John A

Posted
Posted

OK, but it seems to have fixed the problem - at that time I was unaware that a router could be hijacked. I did some research after that and that is when I came across this thread. I also read that having a router admin password other than the usual defaults helps to prevent such hijacks.

Hello John A:

Similar problem(s) doesn't always mean same solution. By the way "I turned off the computers, turned off the modem/router and unplugged it for a minute then rebooted everything and I was back to normal" didn't do anything but clearing cache

Link to post
Share on other sites
John A

John A

Posted
Posted

Thanks Yardbird

I will do that.

Hi John, well the RU Fed./China, has been hi-jacking lots of routers, without the right steps in order to fix them. Only so much can be done. When cleand out or a flush DNS, or what you did, is fine, but they have left malware or worse behiend. After all the above steps, (from page 1 & 2) we them direct them to the Malware Removal Forum, to see what (if anything) was left... been going on for 2 months + now regards.....
Link to post
Share on other sites
noknojon

noknojon

Posted
Posted

Hi John -

First please use the ADD REPLY Tab , under the Quote tab to respond ,unless it relates to a special item or person -

You can also use @ John - as a director for a special individual reply , or Thanks Yardbird as you did above -

The REPLY Tab quotes the full response from the last posting -

Thank You -

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted

Sorry but that should have been listed in the Micrisoft item - They usually do note it -

We normally note it in our items -

Any result yet ??

EDIT -

After talking to a few experts , they all say that a router hijack is being a more common item in the last few months -

We have only just found/devised these fixes because of these newer problems -

The infection "sticks" in the router and the memory of it must be also removed along with the infection -

Link to post
Share on other sites
Haider

Haider

Posted
Posted

Hello All:

Following will help any further hijack of router settings after a hard reset:

  1. Changing default admin login password
  2. Changing default IP
  3. Changing wireless encryption key

John A Windows Vista/7 require Run as Administrator

Anyone having similar issu, please start your own topic using PogTD.png button

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted

Hi to all -

Sorry if this thread is "overflowing" a bit - You must note that it is hard enough to give directions to one person with one problem computer -

At this time there are about 7 or 8 computers involved in the thread - Each one needs to be treated as an individual unit with one problem -

Multi fixes are not always the best way to repair problems on an open forum , so we would like each one to submit each problem one at a time -

I hope you understand this , so please do not add to the thread and start your own New Topic as each unit may have other problems also -

Thank You -

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.