A scan with Avast revealed that our router had been infected. A notice further reads:

"Your router has been compromised and your network connections are being routed through a malicious remote server". Part of another message reads: "Your router has been hacked and its DNS settings have been modified to serve malicious contents".

I immediately changed the router password via the TP-Link page on my browser (192.168.0.1).

Besides performing a firmware update to our router, is there anything else that you would recommend that I do?

Our router is:

TP-Link Wireless N Gigabit Router

Model: TL-WR1043ND Version 2

in case you haven't gone to the Avast website, this is from their site; https://help.avast.com/en/ws_android/1/tp-link/howto_dns_hijack.html#solution

Thank you for that, Razz & mta. Never had even run that scan with Avast. Came back OK.

Got a new router from my isp a while back, have not learned to trust it yet.

Feel better now.

Can't a phone call to the ISP reset the router and input a new password (that's part of what you're paying them for).

tvm for the link mta. I'll update the firmware and then proceed with configuration according to the instructions. Thanks again.

@ login: glad you feel better now Hopefully I will too soon.

Note: In case you haven't yet, it's a very good idea to change your password from the password that it was shipped with (usually "admin").

Can't a phone call to the ISP reset the router and input a new password (that's part of what you're paying them for).

Is that not only if your router was supplied by you ISP? We purchased ours from another source. Only the modem was supplied by our ISP.

"The password is...1...2...3...4...5..."

President Screwball - "That's amazing! I have the same password for my luggage!"

"The password is...1...2...3...4...5..."

President Screwball - "That's amazing! I have the same password for my luggage!"

tvm for the link mta. I'll update the firmware and then proceed with configuration according to the instructions. Thanks again.

@ login: glad you feel better now Hopefully I will too soon.

Note: In case you haven't yet, it's a very good idea to change your password from the password that it was shipped with (usually "admin").

Thanks for the reply. My isp recently replaced the old router I purchased with one they supply. The old one was out of date (imagine that, on a system of mine ) so I just allowed them to replace it. I could control anything I wanted in the old one, not so much on the new one. I checked everything I know how, and did fix the password, but don't completely trust it yet.

So the Avast scan made me feel better.

Fwiw, I think Corona's reply was a joke.

Am pretty sure of that, but my conclusion is not based on any quantitative empirical data.

A router firmware update won't necessarily change DNS settings. Check them manually! Usually you'll want to have it set to obtain DNS server addresses automatically from the ISP (DHCP feature). In rare cases (like the ISP DNS servers are unreliable) you might use OpenDNS or Google settings.

Thank you aBoijj, I'm all set.

The 2 posts circled are identical as far as I can tell, except in different forums.

Same URL, same content, etc. How can this be?

Am I seeing double double? Is a forum software glitch?

Don't think razz double posted.

No you aren't seeing double as I can see it too.

Usually when a post is moved to another area of the forum (e.g. Lounge to Win Security) it isn't seen in the original area, just the new area.

Not sure what happened here but it's gone now from the lounge to post heaven

I think the forum software is perhaps auto-cleaning itself as I've seen moved posts before with a link still in the improper forum area it was originally posted in.

Or someone is doing it. Not me though!

It was probably an expiring redirect.

As a mod on another forum (vBullitin based) I occasionaly move threads from one forum to another.

When I move a thread there are options to leave a redirect from the original location, and you can set these to expire after a set time (no redirect, 1 day, 1 week, 1 month, permanent).

This is partly so that anyone who has bookmarked (or subscribed to) the original location will be redirected to the new location.

It does leave the same thread showing in both locations until the redirect expires, but there is only one thread in reality.

As I say that's with vBulletin but I assume it's the same with IPBoard.

There's no options for us when moving here at least using IPB, you have the option to leave a link to the original location but no expiration time limit is available.