Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

drudgereport.com redirection

Posted on 2014-02-06
6
Medium Priority
?
1,196 Views
Last Modified: 2014-02-11
DrudgeReport.com RedirectedDefault Home Page in IEIE LAN SettingsHi,
  I have a strange situation with this user's Windows 7 PC.
  He as two browsers - IE and Firefox. Recently this computer was attacked by some type of viruses and it planted some stuff in Proxy settings, so I had to clear those in both browsers.
  Now the problem is that even if I set the home page to http://www.drudgereport.com/ on both IE and Firefox, when I open them, it displays an error screen like above screenshots.
  I can visit ESPN.com, YAHOO.com w/o a problem.
  The reason "Proxy server" section looks recessed is because I ran GPEDIT and disabled it so that no one can add anything to proxy server section.

  Can you help?
0
Comment
Question by:sglee
  • 2
  • 2
  • 2
6 Comments
 
LVL 8

Accepted Solution

by:
Chris Wong earned 1000 total points
ID: 39841031
0
 

Author Comment

by:sglee
ID: 39841044
SearchConduit malware taken over ChromeChrome Search Engine SettingYes They subscribe to AT&T  DSL Service. I just ran NSLOOKUP and it showed:
C:\Users\Brent>nslookup ibm.com
Server:  dsldevice.att.net
Address:  192.168.1.254

I also just installed Google Chrome and I can browse www.drudgereport.com.
Now I am just confused as to why Google Chrome does something different from IE and Firefox.
Also I noticed that this computer is infected with SearchConduit malware. Even though I set default URL to google.com in Chrome, it displays something else like screenshot.
0
 
LVL 8

Assisted Solution

by:Chris Wong
Chris Wong earned 1000 total points
ID: 39841093
Conduit Search – Virus Removal Guide

http://malwaretips.com/blogs/remove-conduit-search-virus/
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 1000 total points
ID: 39841226
You can remove Conduit in 'Uninstall programs' but you also need to change the default home page and search engine too.  Just did that on a client's computer this evening.  And usually if you have Conduit, you also have several of it's 'friends'.  My client had 6 different installs from yesterday and she said she didn't install anything on purpose.  I just looked at the install dates in the Add/Remove Programs list to find them.
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 1000 total points
ID: 39841231
This info is just telling that ATT forces DNS lookups to go thru their service.  I've seen this on other AT&T modems.  I have a Netgear router that does that also.  It screws up the 'nslookup' program but still allows 'normal' DNS queries to go thru.
C:\Users\Brent>nslookup ibm.com
Server:  dsldevice.att.net
Address:  192.168.1.254

Open in new window

0
 

Author Comment

by:sglee
ID: 39841566
Update:
I found an article on google regarding SearchConduit. It suggested that I use CCleaner. So I downloaded it and ran it and and it worked.
IE and Firefox displays drudgereport.com as home page upon start.
This computer has spydoctor anti-virus program installed, but when it scans the hard drive,  it does not catch SearchConduit as virus or malware.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question