|FYI - Our company, which has a wireless ISP with 15 IPs, was also affected by the "Huo99.com" or "123.huo99.com" Google redirection starting December 3rd 2010. |
After 6 weeks of intense scrutinization and scanning of all our servers and workstations, we were at our wits end trying to locate it.We then tested our Sonicwall TZ210W for possible contamination by performing various tests including restoring it to default settings, disconnecting out network, and plugging a single laptop to the Sonicwall and creating a single gateway - the redirection still occurred.
We then bypassed the Sonicwall with the laptop, assigning the laptop a single IP and ISP gateway settings. The redirection still occurred providing us with the confidence that our Sonicwall was clean. In addition we tested our Internet DNS servers from outside our office and found no trace of the redirection, thus indicating that the contamination may be in our ISPs network.
We then contacted our ISP.
Tests by our ISP indicated that their router attached to our antenna was compromised (breached). Their tech reset their router/converter and the redirect issue cleared up entirely.
We hope this helps anyone who has this nasty rouge redirecting issue