One of the things I do like about my work in Information Technology is that it does help out at home.
A few days ago, I was looking at some street photos at a site to which I always go. Suddenly my Microsoft Security Essentials log popped up; it had caught a malware bug. I used the program to quarantine the bug and then delete it. From my experience at work, I knew that there could be more to this than just this one occurrence.
One of the programs I have for just such a case is Malwarebytes Anti-Malware software. So I opened it and downloaded the latest definitions and then ran a quick scan. After a few minutes it had found 10 infected files and replications. I used the program to delete these files and then re-booted the PC.
After coming back up I then ran another, but full, scan of the HD on my PC, and went and took a shower. When I came back it showed that the HD was clean and at that point I decided to go on-line and make sure that the Microsoft Security Essentials and Malwarebytes were up to date but, lo and behold, I had no internet access…
Uh, ooh…
The first thing I tried was to access my router/modem to check connections but I could not open up the web-based program that ran it. “OK, now what?” is what I thought. I couldn’t access the Internet and I could not access the router/modem program. So, my thought at this time was that maybe one of the files that had been infected was somehow connected to that piece of equipment.
I checked the files in the quarantine folder and none of them, as far as I could tell, was connected with the R/M. At this point I knew that I had an older R/M and went and got it. I set it up in place of the other piece of equipment and proceeded to access the web-based program that it had.
Know what? I couldn’t access it as well. ???
Now I really had a mystery on my hands. At this point I thought, “OK, if I was at work, what would be the first thing that I would check?” Of course, internet connection settings…
In Internet Explorer I went to Tools, Internet Options and then the Connections Tab. On the Connections Tab I found the listing for my Internet connections and selected my main one, which is Verizon. I then selected the “LAN Connections” button and in the next window I found that the setting for using a “Proxy Server” was checked off. That should not have been.
I immediately un-checked the Proxy Server selection and then clicked on OK and kept backing out to the main window. I then re-booted the PC just to make sure all was up and running OK.
As soon as the PC came back up and was ready I then clicked on Internet Explorer and up came the Internet to my home page. All was well. Evidently, when the Malware hit there must have been a backdoor selection to it so that when I went to delete the software it would disable my ability to access the router/modem and the Internet. Most likely so that I could not retrieve any programs needed to get rid of it.
However, since my Microsoft Security Essentials was already up to date, it caught it before it could do any more damage than it did and that allowed me to be able to update Malwarebytes and do the scans needed to capture, quarantine and delete the bug and its associated bots. This PC is now clean.
If I had not had any knowledge of this, or of what I should have been checking, I wonder if I would have been able to make effective repairs to my PC without paying for it. Most people would not have been able to do so. Knowing what to do first and then where to check for where the possible problem might have been is something I learned because of my work, and for that I’m grateful.
As a follow-up to the Proxy Server selection I should give a brief explanation of just what a Proxy Server is. Basically, it is another piece of equipment that can control your access to resources on your network or your connection to the Internet. When the Proxy Server box in the LAN settings is checked, your PC first looks for that server before trying to access the Internet. If it doesn’t see the server, you won’t get a connection to anything. Because of rules that can be applied to it, the server either allows or disallows your request for an Internet connection.
In my case, since there is no Proxy Server, my PC could not see the Internet as it could not gain access to a supposed Server. Thus, no Internet connection, not even to the router/modem as the Proxy Server would have been between the R/M and my PC. That is also why I could not access the web-based program.
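The same check can be made from PowerShell, shown here as an added example that is not part of the original post: the script reads the per-user registry values behind the Internet Options LAN settings dialog, tests whether the configured proxy answers, and clears the checkbox when run with `-Disable`. The `-Disable` parameter name and the wording of the findings are assumptions made for this example.

```powershell
# Added example: inspect the per-user proxy that the "LAN settings" dialog edits.
param([switch]$Disable)   # hypothetical switch: -Disable sets ProxyEnable to 0

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$cfg = Get-ItemProperty -Path $key

$report = [ordered]@{
    ProxyEnabled  = [bool]$cfg.ProxyEnable   # the "Use a proxy server" checkbox
    ProxyServer   = $cfg.ProxyServer         # address:port typed into the dialog
    BypassList    = $cfg.ProxyOverride       # "<local>" means bypass for local names
    AutoConfigURL = $cfg.AutoConfigURL       # automatic configuration script, if any
    Reachable     = $null
    Finding       = 'No manual proxy is enabled'
}

if ($report.ProxyEnabled -and $cfg.ProxyServer) {
    # Value is "host:port" or "http=host:port;https=host:port"; test the first entry.
    $first = ($cfg.ProxyServer -split ';')[0] -replace '^[a-z]+=', '' -replace '^\w+://', ''
    $proxyHost, $port = $first -split ':', 2
    if (-not $port) { $port = 80 }

    $report.Reachable = Test-NetConnection -ComputerName $proxyHost -Port ([int]$port) `
        -InformationLevel Quiet -WarningAction SilentlyContinue

    if (-not $report.Reachable) {
        $report.Finding = "Proxy is enabled but nothing answers at $first"
    } elseif ($proxyHost -in '127.0.0.1', 'localhost') {
        $report.Finding = 'Proxy points at this PC; confirm which program is listening'
    } else {
        $report.Finding = "Proxy at $first answers; confirm you set it up yourself"
    }

    if ($Disable) {
        # Same effect as un-checking the box; restart the browser afterwards.
        Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
        $report.Finding += ' (ProxyEnable has been set to 0)'
    }
}

[pscustomobject]$report | Format-List
```

A proxy that is enabled but unreachable matches the symptom described above: neither the Internet nor the router's web page will load in the browser until the setting is cleared.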
This is why I love the work that I do and why I do not mind bringing home my work. It sure helps in time of need… 🙂
This is how my router/modem looks:
Thanks for the info. Will you be available for lessons when you retire? Really!