Msftconnecttest redirect (Free Instructions) - 2023 update

by Gabriel E. Hall - - | Type: Malware

Msftconnecttest redirect Removal Guide

What is Msftconnecttest redirect?

Msftconnecttest redirect: what is it, and how to fix it?

Msftconnecttest redirectMsftconnecttest redirect is an error that users encounter when their DNS settings get hijacked by cybercriminals

Msftconnecttest redirect is a phenomenon that users are facing for several years now. According to them, all of a sudden, their Google Chrome, Mozilla Firefox, Safari, MS Edge, or another browser can not correctly connect to the internet, and instead delivers “http://msftconnecttest.com/redirect” error message. Additionally, it was reported that a suspicious connecttest.txt file is attempted to be downloaded. The connectivity issues also prevent users from downloading security software to check the system for malware.[1]

It was reported that the web browsers begin random redirects to msftconnecttest.com, which displays a message asking to download and install an application “COVID-19 Inform App” allegedly developed by the WHO (World Health Organization) to keep up with the coronavirus pandemic.

It is easy to assume that the redirect is not something legitimate and suspicious. It is the case in many situations – the reason is often related to DNS hijacking, where hackers meddle with the router's settings, changing the channels the internet is delivered through. 109.234.35.230 and 94.103.82.249 are known malicious DNS servers used by cybercriminals to deliver fake messages to users.[2]

In other cases, however, Msftconnecttest can relate to legitimate Microsoft domain that regular users should not be able to access, and issues usually arise due to internet connectivity problems or incorrectly set network settings. Regardless of which problem you are dealing with, we provide answers for both situations.

Name Msftconnecttest redirect
Type Potentially unwanted program/redirect virus/adware
Platform Windows OS
Symptoms Disables access to particular websites; blocks the downloading of some software, e.g., antivirus; changes DNS settings; attempts to install Oski info-stealing Trojan via a fake COVID-19 information app
Relations azureedge.net, 109.234.35.230 and 94.103.82.249 DNS servers, connecttest.txt
Distribution The delivery methods of DNS hijacking are unknown, although it is speculated that the attack is performed via weakly protected Remote Desktop (RDP) connections
Elimination Eliminate the malicious DNS settings by accessing your router administrator's panel or internet settings. If you clicked on suspicious files, you should also perform a full system scan with anti-malware software – more details below
Fix tool If you have infected your computer with malware, you should get rid of it and then perform a full system scan with FortectIntego to repair the system damage

That is Msftconnecttest.com?

Originally, Msftconnecttest.com is a legitimate domain used by Microsoft to send probes to a computer – it shows the connectivity status. This is done to check whether the machine is actively using the internet or not. If the server receives a failed request via the “Microsoft Connect Test,” it warns users about connection problems.

However, those with the suspicious redirect problem will not be rerouted via the official Microsoft IP address but one that is under the attacker's control. As a result, users see a completely different landing address that can be configured by hackers. In some cases,

Currently, there are no exact details about how attackers manage to gain access to users' routers. However, there have been several reports from the infected users that they did have a Remote Desktop connection open. This way, the attackers can scan the internet and access the router or computer via the default port. Thus, to mitigate this attack, you should never leave your RDP visible.

Those who are affected by the Msftconnecttest redirect hijack will not see the official MSN.com or any other website for that matter. Instead, they will be shown a suspicious notification that reads:

COVID-19 Information App

Install this app, to have the latest information and instructions about coronavirus (COVID-19).

World Health Organization.
Part of the U.N. Sustainable Development Group.

It is not a surprise that this scam is not the only one that attempts to push malware through fake emails, ads, and redirects, which allegedly provides information on the coronavirus pandemic situation.[3] Malicious actors want to abuse the concerns about the global crisis – ransomware attacks have plagued the health sector, despite the increasing workloads.[4]

Msftconnecttest redirect virusMsftconnecttest redirect is an issue might result in Oski Trojan infection

Those who get tricked by this message and downloads the alleged COVID-19 app, instead infect their machines with Oski Trojan. This malware can steal a variety of information once installed, including browser cookies, login credentials, F2A databases, text files, crypto wallets, and more. As a result, the infected users can suffer serious privacy issues to the point where they could lose their identity. Therefore, it is important to stop the redirect and never download anything offered.

In case malware was indeed installed, Msftconnecttest redirect removal should be first performed with powerful anti-malware, such as SpyHunter 5Combo Cleaner or Malwarebytes. Since a Trojan infection can seriously impact system files, resulting in crashes and other stability issues, experts also recommend using FortectIntego to fix virus damage.

DNS hijacking – a rather rare but dangerous practice

DNS hijacking is something that does not come along often, although tools like DNS Unlocker has caused major issues to users in the past. DNS, or a Domain Name System, is users to convert IP addresses into domain names – it would not be possible to access any website by typing in an URL without it. In other words, you would have to know the IP address of every website to visit it (a real pain, indeed).

DNS address can be provided by your ISP or set to come from another provider, such as Google. By using different DNS, you can bypass certain restrictions. On the contrary, cybercriminals might use this practice in order to restrict their internet access, deliver intrusive advertisements, or redirect them to malware-laden websites.

In most cases, the malware installed on the computer behind users' backs is the culprit of unsolicited changes made to DNS servers. Nonetheless, the attackers can access router settings via other channels, such as RDP or unprotected WiFi connection.

Thus, be careful with potentially unwanted programs, as they might change DNS settings without permission. When installing new apps/freeware from third parties, always pick Advanced/Custom installation settings when prompted, decline all the offers, read the fine print, and remove all the ticks from pre-checked checkboxes.

Deal with suspicious redirects

Msftconnecttest redirect removal is necessary not only for the normal operation of the computer but also for your own safety. There are several steps that you can take to do that, although the most important thing is to eliminate the Oski Trojan if such was installed on your system. For that, scan your machine with powerful anti-malware software – we recommend SpyHunter 5Combo Cleaner or Malwarebytes. In case you experience crashes, errors, and other Windows issues, you can employ FortectIntego to fix them automatically.

Once you are sure that the malware is eliminated and your computer is clean, you should then remove Msftconnecttest redirect problems. First of all, you need to ensure that you delete the DNS settings applied by the attackers. To do that, you can either reset your network components or change the DNS manually (alternatively, you can access your router's Administrator's panel) and change the settings from there. Here's how to do that:

  • Right-click on Start and select Settings
  • Go to Network & Internet and select Ethernet on the left
  • On the right, pick Change adapter options
  • Right-click on your connection and select Properties
  • Select Internet Protocol Version 4 (TCP/IPv4) and pick Properties
  • Check Obtain DNS server automatically and click OK.

Msftconnecttest redirect DNS settingsChange your DNS settings back to default

Once you change the DNS settings, you should reboot all your devices connected to the network, including gaming consoles, laptops, tablets, phones, etc. Finally, you should reset all the installed web browsers, change all the passwords for all your accounts, employ a secure password-managing app, and enable two-factor authentication where possible.

Other ways to fix the issue that could be useful if your DNS was already correct and no proxy was set up before:

  • Check your network settings on your device and ensure that the correct network is selected and that the settings are correct.
  • Disconnect and reconnect to your network.
  • Restart your router or modem.
  • Follow the instructions below to clean your browsers and remove any suspicious extensions or apps.
  • If the problem persists, contact your internet service provider or a technical support representative for assistance in resolving the issue.

You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Offer
do it now!
Download
Fortect Happiness
Guarantee Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Fortect review | Terms of Use | Privacy policy | Refund Policy | Uninstall guide
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Download SpyHunter 5 Review »
Privacy policy | Terms of Use | Product Refund Policy | Uninstall Instructions
Malwarebytes
Download | Review | Privacy policy | Terms of Use | Product Refund Policy | Uninstall Instructions
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.
Download Combo Cleaner Review »
Privacy policy | Terms of Use | Product Refund Policy | Uninstall Instructions

Getting rid of Msftconnecttest redirect. Follow these steps

Uninstall from Windows

Instructions for Windows 10/8  machines:

  1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
  2. Under Programs, select Uninstall a program. Uninstall from Windows 1
  3. From the list, find the entry of the suspicious program.
  4. Right-click on the application and select Uninstall.
  5. If User Account Control shows up, click Yes.
  6. Wait till uninstallation process is complete and click OK. Uninstall from Windows 2

If you are Windows 7/XP user, proceed with the following instructions:

  1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
  2. In Control Panel, select Programs > Uninstall a program. Uninstall from Windows 7/XP
  3. Pick the unwanted application by clicking on it once.
  4. At the top, click Uninstall/Change.
  5. In the confirmation prompt, pick Yes.
  6. Click OK once the removal process is finished.

Remove from Google Chrome

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove. Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data. Clear cache and web data from Chrome

Change your homepage:

  1. Click menu and choose Settings.
  2. Look for a suspicious site in the On startup section.
  3. Click on Open a specific or set of pages and click on three dots to find the Remove option.

Reset Google Chrome:

If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings. Reset Chrome 2

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click on Uninstall at the bottom. Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear. Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Disable if you found any suspicious domain.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running. Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick Delete Advanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose Advanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove. Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now. Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset. Reset Chromium Edge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select unwanted plugin and click Remove. Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Options.
  3. Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear. Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information. Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox. Reset Firefox 2

After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of Msftconnecttest registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes.

How to prevent from getting malware

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. The best solution for creating a tighter network could be a dedicated/fixed IP address.

If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for the server or network manager that needs to monitor connections and activities. VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world.

 

Recover files after data-affecting malware attacks

While much of the data can be accidentally deleted due to various reasons, malware is one of the main culprits that can cause loss of pictures, documents, videos, and other important files. More serious malware infections lead to significant data loss when your documents, system files, and images get encrypted. In particular, ransomware is is a type of malware that focuses on such functions, so your files become useless without an ability to access them.

Even though there is little to no possibility to recover after file-locking threats, some applications have features for data recovery in the system. In some cases, Data Recovery Pro can also help to recover at least some portion of your data after data-locking virus infection or general cyber infection. 

 

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

References