Sorry, but how can a virus hit a linux-based router? Given that the redirect is not made from all sites, I dare to assume that the blame for this garbage lies primarily on the administration of vulnerable sites.
P.S. And for the advice to reflash the router - thanks. The redirect did not stop, but finally the static routing started, which could not be cut as much as half a year in the asus.

Post has been editedBlackbusa - 06.03.12, 21:42

Blackbusa , you just try to do the reset when you change the firmware, the settings remain, I was so with Asus-n10.

You see, everything was decided.

I bought a new Asus rt-n56u router and left the old one in reserve, it will be flashed and packed!

I strongly advise Asus rt-n56u, he has 2 radio modules and Galaxy works at 5 GHz.

With the virus no longer met. Flight is normal!

How the virus enters the router is another story. Rutics are simply written there.

Rutics are prescribed, yes. If everything were so simple, the owners of routers would not get off with the usual redirect to websites with viruses in the attachments. Picked up various modes of operation of the opera in my Nokia E52, I found that this thing is a regular banner that chases after rewinding the page. And on the tablet, I did not start this nasty thing.
P.S. Oh yes, damn clear I completely dropped the router before stitching. In practice, I know that sometimes it is better not to regret 5-10 minutes and adjust everything anew.

Post has been editedBlackbusa - 07.03.12, 14:43

everything would be so ... but I also had the same ambush with the redirect on the iPad. And there a priori this can not be! : sveta:

Why can not? The vulnerability of the browser and javascript is used, that's all :). I do not completely rule out the possibility of a problem only in a router, but I consider this unlikely. If hacking was so simple, then the security guards would have long since torn their hair from paranoia. I checked the same sites from the phone now - indecency stopped by itself.

Post has been editedBlackbusa - 07.03.12, 16:09

Now I have 2 routers.

He put the old, without flashing, the problem appeared. Put new - the problem disappeared.

It is hardly a problem in the router’s firmware itself, since there is a lot of chopped linux kernel. Perhaps the problem is this:

There is such an applicationwifi kill, which can, through a certain vulnerability, conduct attacks on wifi routers, thereby disconnecting other users from them, intercepting cookies(well, this is already droidsheep)including redirect to a specific IP. Almost all are restored by rebooting. Hard reset should return to 99.9% of performance.
So, in my opinion, the problem is in your LAN. See who it carries the Trojan (PC, smart, PDA, etc.).

By the wayherehijackers detection application

I suppose it's a matter of infecting one of the hop routes on the route. And all the cases, how to deal - xs, routing control - not mine.

atomicsam, try here Android + PC = Internet the guys ask, can prompt.

PanM001,
I have no such problems, but somehow I met with such redirects at work — the proxy on the provider side was hacked into the investigation. one more time already at home - kulp culpability - the virus rewrote DNSy. well, in fact, once met with a massive infection - a redirect was immediately written to the heder, I suppose just one of the hopes. one of the proofs: when switching to the https protocol, all redirects flew right away.

Yes, I see people have already guessed that it was in the router, I also dropped the router by typing and everything fell into place :)

For me, rebooting the router to the factory settings for several reasons was not possible.

The solution is the following: we force the DNS from Google 8.8.8.8 and 8.8.4.4

I helped, advertising disappeared: rolleyes:

Helped: reset to default settings, fresh firmware. Then returned the user settings.
ASUS WL-520GU router. : thank_you:

Flew on this problem.
Details here:
Questions beginner (Post # 12436963)
Tablet - Notion Inc. Adam. In the network goes through tridzhi. So the flashing of the router will not save - it is not voosche. The problem on all browsers, which are on the tablet, and only in the address of one site.
I took a smart vinmob from the shelf - and on it a forced redirect.
Above write that a complete reset does not help - it is clear, since this reptile can cling to different OSes.
How to be? Yes, if hardrezet helped, and this baidu again screwed - each time hardrezitsya?
Ambush. Apparently, hackers have learned how to infect not mobile devices, but sites. And the treatment is not yet visible.

Post has been editedMNG - 05.04.12, 22:46

MNG,
And how does he come to the site with BB? Fine? Tried in the opera, for example, put a tick to present a desktop browser?

Gridzilla, with BB, you can still go.
And on the tablet, manipulations with browsers, attempts to outsmart the trap of the result do not give - nothing helps - it gets out of the trap. The site with a plastnet not to get.
In my opinion, the new situation. Previously, extortionists created trap sites. If you don’t want to go, don’t go to unfamiliar resources. So now, they hang their tops on working sites. That is, a normal, thematic site is turned into a virus.
Moreover, what is dangerous - they also allow the site to work, the participants log in from the BB, the site is functioning. And if someone looks from the tablet - here these reketers are waiting.
Actually, because of these freaks, I cannot get to the site for several days, which my friends and I pay for together. To find out the status of the site, you have to go to friends, as I have an Internet only on the tablet.
Lousy situation, even a lawyer hire. Although, why a lawyer, the situation is absolutely clear, according to the same law on the protection of personal data. We need a solution .... It can spread the addresses to which the fraudsters redirect - maybe someone from decent programmers and squeeze bastards. At least something ...

Post has been editedMNG - 06.04.12, 17:35