Clean malware from a router

Last Updated on November 25, 2018 by Dave Farquhar

I see a few misleading articles out there promising to tell you how to scan your router for malware or viruses. Unfortunately they don’t really explain the problem. They also don’t explain the alternative way to solve the problem you want to solve. What you really want to do is clean malware from a router–and viruses too. And that’s something you can do pretty easily. For free.

Yes, that’s right. You won’t have to pay 50 bucks a year for a subscription to keep your router clean.

Why you can’t scan your router for malware

clean malware from a router
How do you keep malware off one of these? Reboot it a lot, and change its IP address. No need to pay 50 bucks.

A router has CPU, RAM, and an operating system like a regular computer. It’s a simple, low-power computer, but it’s still a computer. As such, it stands to reason you could get it to run viruses.

But most routers lack storage, at least in the way that we think of storage on a PC. So router-based malware or viruses generally don’t attempt to write themselves to disk. They just hang out in memory until the router reboots. Since most people don’t reboot their routers unless the power goes out, that’s fine. The malware can sit in memory for months or even years and nobody ever knows.

How to clean malware from a router

The two things router malware can do are steal processing power, and redirect your web traffic to malicious DNS servers.

To stop the former, schedule your router to reset once a week, if your router has that ability. If it doesn’t, make a habit of power cycling it once in a while.

To stop the latter, check your DNS settings. Switch them to Cleanbrowsing.org’s servers, which filter malware. The upshot of this is you’ll probably end up with better Internet connection speeds since Cleanbrowsing’s servers are probably much faster and more reliable than your ISP’s servers.

To make your router harder to infect, update its firmware or install DD-WRT if that’s possible. And if you’re using your router’s default username and password, change it to something else.

It also helps tremendously to move your router off 192.168.0.1 or 192.168.1.1. Just changing its address to 192.168.0.2 or 192.168.1.2 helps. Since more than 98% of home routers live on one of those two addresses, malware just assumes your router is at 192.168.0.1 or 192.168.1.1. If nothing is at those addresses to infect, then the malware just sits harmlessly.

So, even though you really can’t scan your router for malware, you can clean malware from a router, keep it from coming back, and improve your security dramatically.

If you found this post informative or helpful, please share it!