Troubleshooting Security Issues – CompTIA A+ 220-1102 – 3.2

The security of an operating system is critical to providing ongoing uptime and availability. In this video, you’ll learn about network access issues, desktop alerts, false antivirus alerts, browser security errors, and more.

If you’re working on your computer and find that it has very slow access across the network, or it tends to hang up or have problems doing normal operations, then you might be infected with malware. Malware, of course, is well known for causing problems on your system, and you might see messages or symptoms that indicate that malware is the root cause of these problems.

It’s very common for malware to prevent you from doing things on the internet because it doesn’t want you downloading the malware removal programs. Along those same lines, malware might prevent your operating system from communicating to the internet because if it downloads the latest security patches, it could potentially remove this malware. If there’s information on this computer you have to recover, then you might want to try using a malware removal tool. But in most cases, completely deleting everything on the system and starting with a fresh configuration is the best practice when dealing with malware.

Some malicious websites will use features within your browser to fool you into thinking that something wrong is occurring on your system. These are usually presented in your browser as push notifications. So if you allow a particular site to send you these notifications, they might send you messages telling you that your antivirus is out of date and you need to download the antivirus from their website to get everything back up and running.

In reality of course, your antivirus is not expired and everything on your system is running normally. However, if you download the software they’re suggesting, it almost certainly contains malware at which point you will be infected. Fortunately, most browsers allow you to change these settings associated with these notifications. It’s probably under a security setting where you can decide whether sites can ask to send you notifications. Or you can disable all notifications and only enable them for known good websites.

And of course, if you’re not sure if these messages may indicate malware on your system, it’s time to perform a scan and see if anything is identified as known malicious software. If malware is indicated on your system, you can delete everything and install from scratch or recover from a known good backup.

These false antivirus alerts are very common. And you might see them appear in your browser or in separate windows that pop up when you visit a website.

These may present messages asking you to resubscribe for another year of access. In reality, of course, you’re simply handing over some money to the attackers. Or it may present a message on the screen saying that your system is locked. In reality, of course, your system is running normally, but they’re trying to scare you into providing them with additional money to unlock your system.

For these very specialized types of malware, you may need a third-party standalone malware removal tool. Sometimes you can download these from known trusted anti-malware sites or you may delete everything on your system and reinstall from scratch.

If you’re trying to troubleshoot a problem and you notice that some of the Windows operating system files have been modified, it might give you an idea that something malicious is occurring on the system. Files might be changed, and other documents may be missing completely because the malware has decided to start removing files from your computer. You might also notice that the permissions for certain files have been changed to allow malware access to those files, or there may be access permissions that are preventing you from accessing files that you’ve already saved. This all indicates some type of malware might be running on the system, and of course, you should delete everything on the computer and reload or install from a known good backup.

You may occasionally see errors occur in your browser specific to certificate problems. Usually this will present a message on the screen that tells you why this particular problem is occurring in your browser. It might tell you that the site you’re visiting is unsafe or it may say that your connection is not private. To get more details on what might be causing this problem in your browser, you should look at the cert details.

Usually you can click the lock icon that’s in your browser to pull up more information about the cert. It may be the site you’re visiting has a certificate that’s expired and your browser is informing you that the certificate has not been updated. Or it may be that you’re visiting a particular website, but the certificate that’s been provided to you is for a completely different fully qualified domain name.

You might also have cases like this one where it tells you your connection is not private because this certificate has not been signed by a certificate authority that’s trusted by your browser. Once you drill down into the cert details, you can see the domain name that’s associated with the certificate, and you can understand who the trusted certificate authorities are that signed this particular cert. If this information does not look correct, then something may be wrong with the certificate that’s being provided by that website.
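The checks a technician makes by hand in the cert details (validity dates, the domain name on the certificate, and who issued it) can be written down as a short script. This is an added example, not part of the original video notes; the certificate is a constructed sample in the dictionary shape that Python's `ssl.getpeercert()` returns, and the function names are hypothetical.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample certificate (not taken from a real site).
SAMPLE = {
    "subject": ((("commonName", "shop.example.com"),),),
    "issuer": ((("commonName", "Example Issuing CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "*.cdn.example.com")),
}

def _name_matches(pattern: str, host: str) -> bool:
    """Exact match, or a wildcard covering only the left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def diagnose_cert(cert: dict, host: str, now: datetime) -> list[str]:
    """Return the reasons a browser would warn about this certificate."""
    problems, ts = [], now.timestamp()
    if ts > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    if ts < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(_name_matches(n, host) for n in names):
        problems.append("name mismatch")
    # Assumption: only the self-signed case is detected here; checking a full
    # chain against the trust store happens during the live TLS handshake.
    if cert["issuer"] == cert["subject"]:
        problems.append("self-signed (untrusted issuer)")
    return problems

def clock_is_suspect(cert, host, local_now, reference_now) -> bool:
    """True when date errors seen locally vanish under a trusted reference time."""
    date_errs = {"expired", "not yet valid"}
    local = date_errs & set(diagnose_cert(cert, host, local_now))
    ref = date_errs & set(diagnose_cert(cert, host, reference_now))
    return bool(local) and not ref

if __name__ == "__main__":
    print(diagnose_cert(SAMPLE, "shop.example.com", datetime.now(timezone.utc)))
```

`clock_is_suspect` separates a certificate that really is out of date from a workstation whose own date is wrong: the same certificate is judged once with the local time and once with a time from a source you trust.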

Because these certificates do rely on a correct date and time, you should check the clock on your own computer. If the date and time on your computer is incorrect, then your browser may show errors associated with that incorrect date and time.

For many of us, we use Google as a search engine. But what if you went to your computer, brought up a browser, and performed a search but the results did not come from Google?

In those cases, it could be that your browser is being redirected to a different search engine. This link to a third party search engine may be a way to have more malware provided through these links, or it may be a way to present you with advertising that makes more money for the attacker. Although you could try using an anti-malware or antivirus cleaner to remove this browser redirection, this is generally not the best idea.

The best practice is to delete everything on the system, install a fresh version of the operating system, or install from a known good backup.