Hey I'm infected and I can't find any information on how to get rid of it. I have a paid subscription to BidDefender Antivirus Plus 2017 and it doesn't detect it. Malwarebytes also doesn't detect it! Here's what I know: It effects Chrome, Edge, IE when I do a search it takes me to a different page than Google Search. When I open a new tab it sometimes (not all the time) takes me to a random page.
I found this under "Local Area Network (LAN) Settings/Automatic Configuration"
Use automatic configuration script was checked with the following address: http://noblok.biz/wpad.dat?29aeff2ae067ce295fdcbd033cba7b2027354439
I unchecked the box and erased the address, however when I go back into the settings the box remains unchecked but the address is still there "Grayed out, but still there"
Under "Internet Properties/Content/Certificates/Trusted Root Certification Authorities" I found this:
Issued To: noblok.biz
What virus/malware/etc is this? How do I get rid of this? How do I find out if there are other Malicious "Trusted" Certificates, etc? How do I permanently erase the Address under Automatic Configuration?
I'm running Windows 10 on a brand new HP OMEN 15-ax243dx