drudgereport.com redirection

DrudgeReport.com RedirectedDefault Home Page in IEIE LAN SettingsHi,
  I have a strange situation with this user's Windows 7 PC.
  He as two browsers - IE and Firefox. Recently this computer was attacked by some type of viruses and it planted some stuff in Proxy settings, so I had to clear those in both browsers.
  Now the problem is that even if I set the home page to http://www.drudgereport.com/ on both IE and Firefox, when I open them, it displays an error screen like above screenshots.
  I can visit ESPN.com, YAHOO.com w/o a problem.
  The reason "Proxy server" section looks recessed is because I ran GPEDIT and disabled it so that no one can add anything to proxy server section.

  Can you help?
sgleeAsked:
Who is Participating?
 
sgleeAuthor Commented:
SearchConduit malware taken over ChromeChrome Search Engine SettingYes They subscribe to AT&T  DSL Service. I just ran NSLOOKUP and it showed:
C:\Users\Brent>nslookup ibm.com
Server:  dsldevice.att.net
Address:  192.168.1.254

I also just installed Google Chrome and I can browse www.drudgereport.com.
Now I am just confused as to why Google Chrome does something different from IE and Firefox.
Also I noticed that this computer is infected with SearchConduit malware. Even though I set default URL to google.com in Chrome, it displays something else like screenshot.
0
 
Chris WongConnect With a Mentor Commented:
Conduit Search – Virus Removal Guide

http://malwaretips.com/blogs/remove-conduit-search-virus/
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
You can remove Conduit in 'Uninstall programs' but you also need to change the default home page and search engine too.  Just did that on a client's computer this evening.  And usually if you have Conduit, you also have several of it's 'friends'.  My client had 6 different installs from yesterday and she said she didn't install anything on purpose.  I just looked at the install dates in the Add/Remove Programs list to find them.
0
 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
This info is just telling that ATT forces DNS lookups to go thru their service.  I've seen this on other AT&T modems.  I have a Netgear router that does that also.  It screws up the 'nslookup' program but still allows 'normal' DNS queries to go thru.
C:\Users\Brent>nslookup ibm.com
Server:  dsldevice.att.net
Address:  192.168.1.254

Open in new window

0
 
sgleeAuthor Commented:
Update:
I found an article on google regarding SearchConduit. It suggested that I use CCleaner. So I downloaded it and ran it and and it worked.
IE and Firefox displays drudgereport.com as home page upon start.
This computer has spydoctor anti-virus program installed, but when it scans the hard drive,  it does not catch SearchConduit as virus or malware.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.