martedì 22 novembre 2011

Off script

Q: I recently downloaded some software that appeared to install some malware on my computer. I installed some additional security software from issue 132 and scanned my computer with Avast and also several malware checkers having first disabled the system restore. I seem to have cleaned the computer, as the scans picked up two infections and subsequent scans show nothing.

However, recently when I try to log on to a website I sometimes get Firefox cannot load a page, or it seems to be redirected through delaying the page from loading. Do you know if this is part of the previous infection I may have had or something that has been introduced by Google through the recent Firefox update? Either way it is very annoying. Can I get rid of it or should I just change my browser?

A: Most likely you’ll find that the browser is trying to redirect via a spoofed page. This is because the virus has poisoned your machine’s DNS (Domain Name Server) cache. So when the browser gets a legitimate request for Google Analytics – which is used by many websites to track visitors – it tries to redirect to another page which then attempts to run a script to re-infect the machine. Hence the fact that Firefox hangs as the site will probably have been reported and taken down by now.

You should be able to cure it by flushing out the DNS cache. Close all browser sessions, then click Start/ Run – or use the Start menu Search box in Windows 7 – type in ipconfig /flushdns and press Enter. When you next run your browser the cache will be empty so you shouldn’t get the problem. If it persists and you have a router, check that the DNS settings on there haven’t been corrupted too.

To stop this from happening in future you can download NoScript a Firefox add-on which prevents webpage scripts from running without permission.

You can clear out the DNS cache using the ipconfig command You can clear out the DNS cache using the ipconfig command

Originally featured in PCU134


Nessun commento:

Posta un commento