Avast Says My Router is Infected – How to Fix?
When you connect to the internet, your network could be hijacked, and your device can be hacked. This can also happen to your router. It can be used by cyber-criminals to push your system into a corner and steal your confidential data.
Antiviruses such as Avast are specifically made to detect these intrusions, warn you, and ideally quarantine them. After that, you can deal with the problem in whatever way you see fit.
In this article, we’ll be dealing with Avast’s red flags and how to deal with them.
Also, bear in mind, in many cases we’re talking about false positives. And, let’s all admit it, false positives are quite controversial slips. While some view them as glitches in the Matrix, others deem them to be strategic errors, forcing your hand to buy the premium package.
Which is a preposterous and clearly over-the-top theory. I mean, who would do that?
After that, I’ll point out the necessary steps you have to take in order to change your router DNS settings to avoid any hijacking in the future.
1. Plan A
When Avast tells you that your router has been compromised and that your network connections are being routed through a malicious remote server, it will stop all ongoing activities and stop you from using the router.
What can you do?
Firstly, you will need to check every connection that leads to the router and then perform a full factory reset. Change the admin password as well and never use the old one again.
After you finish doing this, you will need to go to the Internet Setup. Set the primary option, DNS 1, to 18.104.22.168. As for the secondary option, DNS 2, set it to 22.214.171.124. Then, hit Save and Apply.
Click on Ok, and after a few moments, the changes will take effect. If you want to see if your router is still “infected”, run an Avast scan again.
2. Plan B
The second solution, which will work pretty much all the time except when you actually have a security issue on your hands, is to buy the premium Avast version. Update the app and get the SecureDNS feature.
This way, you’ll get rid of all false-positive alarms (I know, right? That’s a big fucking coincidence, if I’ve ever seen one) and receive even more security features to safeguard your important data. If you want some serious protection, then you have to realize that free tools are not exactly very efficient.
3. Plan C
If you have the SecureDNS feature activated and you’re still getting the warning that your router is infected, then disable your internet connection now.
Update your router firmware to counter this issue. You can even change it completely to make sure nothing like this will ever appear in the future. There were obvious chinks in the cyber-shield that the old version was using, so changing it should prove to be the best solution.
You can also ask for help from customer support or from the Avast technicians. They will come to your place, see what the problem is and come up with a reasonable solution without the hassle that you would have gone through.
This is basically all you have to do to get rid of the pesky money-whoring tactic that Avast probably uses in the form of these false-positives.
However, you could also have a real cyber-attack on your hands, and there’s no fucking around with them.
As such, let’s see how you can…
4. Change your router DNS settings
When the Avast Home Network Security tracks down an intrusive virus worming its way through your router, the notification you’ll receive will look something like this:
When Avast shows you this, it means your router is already emanating the rotten odor of death, that it’s already starting to decompose. Your DNS settings have been changed so as to provide important data and unrestrained access to your device.
Usually, when cyber-thieves manage to override your internet security protocols and exploit your router vulnerabilities, they will modify the DNS settings and reroute your internet traffic to rogue servers.
This is called a man-in-the-middle attack. Why is it so dangerous?
Because your DNS or Domain Name System carries your IP signature. It’s just like a phone book that lists your real identity, your credentials and confidential data that make up your online persona.
The DNS is responsible for the identification of all the computers, services, websites or pretty much any other resource on the web.
What happens is that you will be redirected to a corrupt version of the website you’re trying to access. You won’t be dealing with Jewish Jesus anymore. Nope, this time it’s the Latino Jesus you’ll be meeting, bending you over in the prison showers, and I’m not talking for praying purposes.
Every bit of information can be stolen at that moment, even your banking information, all your credentials you ever used, and other confidential data. I’m not entirely sure about your virginity as well. Depends where you end up. It might be your virginity too.
What’s more, this man-in-the-middle attack will spread its influence on the SSL and HTTPS security protocols. So, checking to see if a website is secure is actually useless because the virus can cut through this screening like a hot knife cuts through butter.
One of the most probable causes of this infection is that many people don’t change their router’s default password. The factory credentials are very weak and are actually not intended to be used, merely to act as a temporary form of protection until you change them.
Solving this problem takes a bit of time but it’s nothing overly-complicated, and you can do this while sipping on the morning coffee or doing the morning jerk-off, whatever wakes you up better.
1. Configuring Asus wireless routers
In order to change the DNS settings of an Asus router, follow the next steps:
- Go to the Wi-Fi Security results screen, then select Go to your router settings. This will open your router’s admin page
- Enter your credentials
- Go to Advanced Settings, then WAN – DDNS, and then check if the Enable the DDNS client setting is set to No
- Go to Advanced Settings – WAN – Internet Connection
- If you can input an automatic configuration and if the ISP allows this, then change the WAN Connection Type to Automatic IP or Dynamic IP. Next, you should make sure that all your DNS server records are blank or set to 0.0.0.0.
- If you cannot automatically configure your router, which is to say that your WAN Connection Type is set to Static IP, then fill in the DNS server fields with good IP addresses of secure DNS servers
- Confirm these changes. Click on Apply, then reboot your router
2. Configuring Netgear wireless routers
Netgear routers have a few differences in terms of settings but the changes essentially remain the same. This is what you have to do:
- From the Wi-Fi security screen, select the Go to your router settings option
- Enter your username and password. If you don’t know them, contact your router’s provider and ask for the credentials
- Go to Advanced – Advanced Setup – Dynamic DNS to make sure that the Use a Dynamic DNS service option is unchecked
- Go to Basic – Internet – Domain Name Server (DNS) Address
- From there, you will have to change your Internet IP address to Get Dynamically from ISP, only if your ISP supports automatic configuration
- If you can’t set an automatic configuration, then fill in the DNS server fields with a reliable IP address of a DNS server that you can get, for example, from Google Public DNS
- Hit Apply, then reboot your router
As for Linksys/Cisco, ZyXEL, TP-LINK, Huawei, D-Link, and Sagem/Sagemcom routers, the changes remain essentially the same, so the instructions will have the same steps.
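To double-check the result of the steps above, here is an added example (not code from Avast or any router vendor) that classifies the DNS server values you read off the router's WAN page, or from a resolv.conf-style file on a connected computer. The trusted list, the sample file and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: resolvers you chose to trust (published addresses of Google
# Public DNS, Cloudflare and Quad9); add your ISP's resolvers here.
TRUSTED = {"8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1", "9.9.9.9"}
# RFC 1918 ranges: an address here is usually the router acting as forwarder.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(value, trusted=TRUSTED):
    """Classify one DNS server field or nameserver entry."""
    value = value.strip()
    if value in ("", "0.0.0.0"):
        return "automatic"      # blank or 0.0.0.0: DNS comes from the ISP
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return "invalid"
    if str(addr) in trusted:
        return "trusted"
    if addr.is_loopback or any(addr in net for net in LAN_NETS):
        return "local"          # check the router's own WAN DNS fields next
    return "unexpected"         # a public resolver you did not configure

def parse_resolv_conf(text):
    """Return the nameserver addresses from resolv.conf-style text."""
    servers = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def audit(servers, trusted=TRUSTED):
    """Return (verdict per server, list of servers to investigate)."""
    report = {s: classify(s, trusted) for s in servers}
    suspicious = [s for s, v in report.items() if v in ("unexpected", "invalid")]
    return report, suspicious

# Constructed sample; 203.0.113.53 is a documentation address (RFC 5737).
SAMPLE = """\
# generated by DHCP client
nameserver 192.168.1.1
nameserver 203.0.113.53   # not one we configured
nameserver 8.8.8.8
"""

if __name__ == "__main__":
    report, suspicious = audit(parse_resolv_conf(SAMPLE))
    print(report)
    print("investigate:", suspicious)
```

A "local" verdict only means the computer asks the router; the router's own DNS fields still need the same check.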
Furthermore, some users have said that the UPnP option has to be disabled and that you should do any port forwarding manually. Having this option enabled means that your device is made public for any other devices to notice, and this increases your chances of being hacked.
It’s better to keep yourself anonymous and out of the public eye for as much as possible. Latino Jesus is watching. You don’t want him to spot you.