Tom's Guide > Forum > Windows XP > Windows XP General Discussion > Need Help Mystery Bug

Need Help Mystery Bug

Forum Windows XP : Windows XP General Discussion - Need Help Mystery Bug

TomsGuide.com: Over 800,000 questions and answers to address all your high-tech questions. Sign up now! Its free!

Related content
News

See all topics related to "tomshardware"

Does anyone know of some virus or malware that changes the IP address within a home network? When I ipconfig /all, it shows that my IP address and default gateway IP have changed the 3rd octet from .0 to .15

Unless I manually change my TCP/IP settings, I can't even access the router. My ISP is good. I've run all the anti-virus and spyware apps under the sun, tried MS malicious software remover, updated the firmware on the router and had Norton Internet Security Suite 2007 updated and running before all this happened.

Thanks for whatever info you can provide.

Add a reply

I've not seen that before but I have seen malware which adds some dodgy DNS servers to your network settings.

Are you using DHCP ?

Reply to hubbardt

The only time I have seen this in the past is when the user has installed a application that masks there IP adress from the web (example Surf Anonymously), there are others. If this is not the case you could try a reset on your router (will bring it back to factory settings) And you can also try removing all the protocals on your network card then re-install the protocals (sometimes programs like AOL will add there own protocals to your network card).

Reply to pcjim

Quote :

I've not seen that before but I have seen malware which adds some dodgy DNS servers to your network settings.

Are you using DHCP ?

Yes, I was using DHCP. It did change my DNS server, too. It seemed to move across my network to my other two computers, both of which had firewall, AV, and active anti-spyware running. I was using NIS 2007 on one and Zone Alarm Security Suite on the other, all kept up to date.

It changed the third octet from the default .0 to .15 on the individual IPs, default gateway and dns server.

I had to manually change the TCP/IP settings from auto to static using the former default IPs and unused client IP. The closest thing I've been able to find was some form of Sasser worm?

My email provider has good Kaspersky AV protection, and although possible, I have a hard time believing it got past that and the security on my PCs. I'd like to be able to pinpoint how it got on my computers and if the damage is only annoying or if it is actively stealing personal data.

pcjum - I don't use AOL. The only masking app that might do something like that is a feature from NIS 2007? This did it on its own out of the blue and from nothing I did manually. I did reset the router and even flashed it to the latest firmware. I ran MS malicious software remover, all NIS scans, loaded AVG and scanned, Ad-Aware, Spybot, and they all came up clean.

The one thing I haven't tried yet is using BartPE and run an AV scan with that. I've never used BartPE and not sure if this would even make a difference.

Thanks for the replies.

Reply to JackM

reinstall the software that came with the router....... after removing the old install.

Reply to danny616

Ask the community Add a reply

Tom's Guide > Forum > Windows XP > Windows XP General Discussion > Need Help Mystery Bug

Go to:

Help |
Forum rules

There are 10 identified and unidentified users. To see the list of identified users, Click here.

Page generated in 0.529 seconds

Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel

Google ads