Machine 0 Posted September 22, 2018 Share Posted September 22, 2018 For 2 days now i am getting warning from ESET about this malware, almost everytime i open new link in google chrome or when some apps or software of mine tries to connect to internet. I have followed some steps recommended by microsoft how to get rid of malware, didnt work. It looks like it is not even inside of my pc, cause those Malware detectors did not find it. I recently reinstalled my router firmware, did not help either. Maybe you will know what to do. Attached one of the warnings. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,272 Posted September 22, 2018 Administrators Share Posted September 22, 2018 Most likely you are using a compromised Mikrotik router. Please install the latest firmware and reset it to factory settings to resolve the issue. If that doesn't make any difference, theoretically it could be that the problem is at your ISP. Link to comment Share on other sites More sharing options...
Machine 0 Posted September 23, 2018 Author Share Posted September 23, 2018 Using a TP-Link router, i can try reseting to factory settings. Will see. Link to comment Share on other sites More sharing options...
Daedalus 16 Posted September 23, 2018 Share Posted September 23, 2018 It could also be your TP-Link router see this link for an list of impacted routers: https://www.tomsguide.com/us/vpnfilter-router-malware-check,news-27545.html You can also run this test: hxxp://www.symantec.com/filtercheck/ Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 23, 2018 Share Posted September 23, 2018 44 minutes ago, Daedalus said: You can also run this test: hxxp://www.symantec.com/filtercheck/ Note the disclaimer: Quote If this tool finds that your router is not infected with the ssler plugin, your router may still be compromised by other threats or components of VPNFilter. Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 23, 2018 Share Posted September 23, 2018 I will also add that VPNFilter malware only applies to Wi-FI routers to the best of my knowledge. So if your connected to an Ethernet based router via an Ethernet cable, I think router based VPNFilter malware can be ruled out as a cause for the Eset detection. Likewise if your using Wi-FI via a WAP connected to an Ethernet router, router based malware can be ruled as the source. Link to comment Share on other sites More sharing options...
Machine 0 Posted September 23, 2018 Author Share Posted September 23, 2018 Factory reset did not help, my router is in the list of affected ones, but since it is older version there is no new firmware to update. I am using Wi-fi router and we get this notification on multiple computers, so the problem is either router or ISP. Link to comment Share on other sites More sharing options...
Daedalus 16 Posted September 23, 2018 Share Posted September 23, 2018 You can see if OpenWRT does support your router: https://openwrt.org/toh/start And if so maybe install that on your router. I am using it too, works fine! Link to comment Share on other sites More sharing options...
Machine 0 Posted September 24, 2018 Author Share Posted September 24, 2018 Worked it out, problem was not on my side, one of my ISP routers was infected, but anyway thanks for help. Link to comment Share on other sites More sharing options...
Recommended Posts