Lately, our desktop PC has problems getting results from Google. Any suggested “hit” goes to some random website. Ok, we figured our desktop PC has a virus of some sort. But, even when I bring home my work laptop (which I know is not infected) acts weird when I use Google at home via a wireless connection through my home’s router…but works fine at the office. What’s up with that? Can my router have a virus?
In theory it could through a firmware update but they don’t in real-life so let’s just say ‘No’ to this one.
I would have normally said this is so unlikely as to be for all intents and purposes impossible. But I decided to see if it’s ever happened, ever, and this was the first hit: http://tidystorm.com/423/the-redirect-virus-was-in-my-router/
In short, it’s not actually a virus in the router, but a virus on a PC connected to the router (which did not have its default password changed) and then changed the DNS server setting on it. I have to say this is entirely within the realm of possibility, and seems to match your described situation.
So … did you ever change your router’s admin password? If not (or heck, even if you did), check your router settings and look at the DNS server setting.
A router can get a virus. Most routers run some miniature version of linux, which is not 100 percent immune to viruses and such. Resetting the router (press the reset button or simply power cycle it) will reload the OS from the router’s firmware, which will usually wipe the virus out of the router.
As Shagnasty said it is theoretically possible that the virus could be loaded into the router’s firmware, but I’ve never actually heard of this happening in real life.
You may want to go into your router settings and see where it’s getting its DNS information from. It’s possible that someone simply hacked their way into your router’s settings and redirected its DNS requests. That doesn’t even require a virus.
Another possibility is that it’s not even your problem at all. Your ISP could be a victim of what is called DNS cache poisoning, where someone maliciously redirects your ISP’s local cache of DNS resolution addresses. If you have a known clean system, your router has been reset and its settings checked, and you still have a problem, then it’s probably a good time to check with your ISP and have them check their DNS server.
FWIW, I like OpenDNS.
Can’t anything that can store code get a virus? I would think so.
As eng_comp_geek mentioned, 99% guarantee that its the ISP’s fault. For instance, my dad gets his internet from Juno and whenever you type a wuery into firefox’s URL box it shows a search result page from Netzero. Just change the DNS settings in your network connection to 8.8.8.8 and that will fix everything.
Yeah, just trust Google… because they’d never “be evil.” Yeesh.
Sarcasms intended.
Good thoughts, but our iPhones use the same router from which we can Google just fine. How do you explain that?
My parent’s router had that last year. It was really annoying when I came to visit, and my laptop wasn’t working correctly (since I do a good job of keeping it clean). Running anti-virus/malware on my parent’s computer didn’t help, I had to do a complete reset of their router.
There’s a lot of missing information in this thread.
If your browser is indeed being re-directed, I’m sure it’s not going to a truly random site, that makes no sense. It’s likely re-directing to a site that you have never heard of or something similar.
[quote=]
when I bring home my work laptop (which I know is not infected) acts weird when I use Google
[/quote]
tells us next to nothing about what’s actually happening.
[quote=]
our iPhones use the same router from which we can Google just fine. How do you explain that?
[/quote]
I put my money on the router not being the issue, but your iPhone and your computer are totally different hardware sets with totally different software settings and limitations.
I’m leaning towards a DNS issue, and would hard reset the router just in case. Also clean the PC of any possible malware.
Google is the new Microsoft.
I’d say Apple is the new Microsoft, but that’s not really pertinent here.
Can you take a quick look at your .hosts file? I once had a virus overwrite it, so it would redirect certain addresses to phishing sites. (Cnn.com would go to something like cenn.com, an ad-generator, even though I painstakingly typed it out or used worked-before bookmarks.)
Or you could try pinging a website and then trying to connect by typing in the IP. If it still redirects, that’d be odd, but at least it would be a datapoint.
Google may be EVIL, but it’s not in their best interest to put out a DNS server that infects user’s machine or that otherwise works incorrectly. In fact, making sure you have access the entire Internet is kinda important to their main service of search provider. It’s not good if they give you results and then you can’t go to the page.