One of my clients had a a problem in their business office last week. Intermittently, they would get an unsafe message about a web site the company has been using for years. We know it’s safe and some of their computers were fine on this site. All sorts of things were checked on this computer with the problem. The web browser was thoroughly checked and every cache item cleaned. All temp files was cleaned and unused programs were removed. It was scanned for malware and nothing was located. I started looking at the DNS settings and found a pecular name server as the primary and the secondary was odd as well. It was pointing to a Moscow, Russia ISP. There was no reason for this because it’s too far away to offer fast response and we don’t know how safe it’s results would be. Now I had to find the source. After investigating I found it on a router in their office and no one knew how it got there. Once I changed it to something safe in the US, the browsing errors were gone.
Why is it set to a server in Moscow, Russia?
