3.2 Troubleshooting Common Personal Computer (PC) Security Issues
COMPTIA A+ CORE 2 - DOMAIN 3
Cyber Wizard
This article provides a detailed guide on diagnosing and resolving common PC security issues, including network access problems, antivirus alerts, system modifications, and browser-related threats, as required for the CompTIA A+ exam.
CompTIA A+ Exam Domain: Domain 3.2 - Given a scenario, troubleshoot common personal computer (PC) security issues.
Common Security Symptoms and Their Causes
Identifying security-related symptoms is the first step in mitigating potential threats.
Unable to Access the Network
Causes:
Malware modifying network settings (e.g., changing DNS settings to malicious servers).
Firewall misconfigurations blocking legitimate traffic.
Unauthorized changes to TCP/IP settings.
Troubleshooting:
Check ipconfig /all for incorrect DNS or IP configurations.
Reset network settings: netsh winsock reset.
Verify Windows Defender Firewall and third-party security software settings.
Scan for malware using Windows Defender or Malwarebytes.
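The DNS check described above can be scripted. This is an added example, not part of the original article; the `$ExpectedDns` allowlist (including the 192.168.1.1 router address) and the function name `Get-DnsAudit` are assumptions to adapt to your network. It lists each active adapter's IPv4 resolvers, marks whether each one was set statically or handed out by DHCP, and flags any that are not on the allowlist.

```powershell
# Assumption: the resolvers this PC is expected to use. Edit for your network.
$ExpectedDns = '192.168.1.1', '1.1.1.1', '8.8.8.8', '8.8.4.4'

# Per-interface TCP/IP settings; a static resolver is stored in the NameServer value.
$ifRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

function Get-DnsAudit {
    param([string[]]$Expected)

    foreach ($nic in Get-NetAdapter | Where-Object Status -eq 'Up') {
        # Read the statically configured resolvers (empty when DNS comes from DHCP).
        $key    = Join-Path $ifRoot $nic.InterfaceGuid
        $reg    = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        $static = @("$($reg.NameServer)" -split '[,\s]+' | Where-Object { $_ })

        # Resolvers actually in effect, the same list ipconfig /all prints.
        $dns = Get-DnsClientServerAddress -InterfaceIndex $nic.ifIndex -AddressFamily IPv4

        foreach ($addr in $dns.ServerAddresses) {
            [pscustomobject]@{
                Interface = $nic.Name
                DnsServer = $addr
                Source    = if ($addr -in $static) { 'Static' } else { 'DHCP/other' }
                Expected  = $addr -in $Expected
            }
        }
    }
}

# Unexpected resolvers sort to the top.
Get-DnsAudit -Expected $ExpectedDns | Sort-Object Expected | Format-Table -AutoSize
```

An unexpected resolver with Source `Static` was written on this PC; one with Source `DHCP/other` points at the router or DHCP server instead.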
Desktop Alerts (Security Warnings or System Messages)
Causes:
Fake security alerts from adware or scareware.
System integrity warnings due to failed OS updates.
Troubleshooting:
Open Event Viewer (eventvwr.msc) to analyze security logs.
Identify and uninstall suspicious applications.
Run a full system scan with updated antivirus software.
Check taskschd.msc for rogue scheduled tasks triggering alerts.
False Antivirus Protection Alerts
Causes:
Fake antivirus software (scareware) prompting users to pay for unnecessary services.
Unauthorized antivirus software being disabled by malware.
Troubleshooting:
Verify antivirus status in Windows Security Center (SecurityHealthService.exe).
Uninstall rogue security applications via Control Panel > Programs and Features.
Boot into Safe Mode with Networking and remove threats using Malwarebytes.
Reset Windows Security settings using sfc /scannow and DISM /Online /Cleanup-Image /RestoreHealth.
Altered System or Personal Files (Missing/Renamed Files)
Causes:
Ransomware encrypting or renaming files.
Unauthorized user account access.
Troubleshooting:
Check File History or Windows Restore Points for missing files.
Look for unknown user accounts (lusrmgr.msc) and remove unauthorized ones.
Scan for ransomware using Emsisoft Decryptor Tools or No More Ransom.
Disconnect from the network immediately to prevent further file encryption.
Unwanted Notifications Within the OS
Causes:
Adware injecting pop-up notifications.
System settings modified to allow excessive notifications.
Troubleshooting:
Open Settings > System > Notifications & Actions and disable unnecessary sources.
Check installed applications for recently added unknown software.
Use msconfig to disable unwanted startup programs.
Run AdwCleaner to remove adware.
OS Update Failures
Causes:
Corrupt Windows Update cache.
Malware preventing security patches from installing.
Insufficient storage space.
Troubleshooting:
Run Windows Update Troubleshooter (msdt.exe /id WindowsUpdateDiagnostic).
Clear update cache (net stop wuauserv & net stop bits, delete C:\Windows\SoftwareDistribution, then restart services).
Check free disk space and remove temporary files.
Use sfc /scannow and DISM /Online /Cleanup-Image /RestoreHealth to repair update-related corruption.
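The cache-clearing steps above, written as one elevated PowerShell script. This is an added example, not part of the original article; as a variation on the article's "delete" step it renames the SoftwareDistribution folder with a timestamp so the old cache can be removed once updates install again.

```powershell
#Requires -RunAsAdministrator
# Run from an elevated PowerShell prompt.

$services = 'wuauserv', 'bits'
$cache    = Join-Path $env:SystemRoot 'SoftwareDistribution'
$backup   = 'SoftwareDistribution.old-{0}' -f (Get-Date -Format 'yyyyMMdd-HHmmss')

# Insufficient storage is one of the listed causes, so report free space first.
$drive = Get-PSDrive -Name ($env:SystemDrive.TrimEnd(':'))
'{0} free space: {1:N1} GB' -f $env:SystemDrive, ($drive.Free / 1GB)

# Stop Windows Update and BITS so nothing holds files in the cache open.
Stop-Service -Name $services -Force -ErrorAction Stop

try {
    if (Test-Path -LiteralPath $cache) {
        # Rename instead of delete: Windows Update recreates the folder on next start.
        Rename-Item -LiteralPath $cache -NewName $backup -ErrorAction Stop
        "Old cache kept as $(Join-Path $env:SystemRoot $backup)"
    }
}
finally {
    # Restart the services even if the rename failed, so updates are not left disabled.
    Start-Service -Name $services
}

# Confirm both services came back.
Get-Service -Name $services | Select-Object Name, Status
```

If either service shows as stopped or cannot be restarted here, treat that as a finding in its own right, since malware blocking security patches is one of the causes listed above.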
Browser-Related Security Issues
Random or Frequent Pop-Ups
Causes:
Adware infections.
Malicious browser extensions.
Websites using aggressive advertising techniques.
Troubleshooting:
Remove unwanted browser extensions (chrome://extensions, about:addons).
Reset browser settings (chrome://settings/resetProfileSettings).
Scan with AdwCleaner to detect adware.
Enable pop-up blockers in browser settings.
Certificate Warnings
Causes:
Expired or self-signed website certificates.
MITM (Man-in-the-Middle) attacks intercepting secure connections.
Incorrect system time causing SSL/TLS errors.
Troubleshooting:
Check and update system time (timedate.cpl).
Verify site legitimacy before bypassing certificate warnings.
Use certmgr.msc to inspect trusted root certificates.
Run a DNS check (nslookup website.com) to detect hijacked domain resolutions.
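A single `nslookup` answer is hard to judge on its own, so the check above is more useful as a comparison between the PC's configured resolver and a reference resolver. This is an added example, not part of the original article; the function names are hypothetical, 1.1.1.1 is assumed reachable as the reference, and `website.com` is the article's placeholder domain.

```powershell
# Return the sorted, de-duplicated IPv4 answers for a name.
# With no -Server the query follows the PC's configured DNS settings.
function Get-ARecord {
    param([string]$Name, [string]$Server)

    $query = @{ Name = $Name; Type = 'A'; DnsOnly = $true; ErrorAction = 'SilentlyContinue' }
    if ($Server) { $query.Server = $Server }

    @(Resolve-DnsName @query |
        Where-Object { $_.Type -eq 'A' } |
        Select-Object -ExpandProperty IPAddress |
        Sort-Object -Unique)
}

# Compare the local answer with the reference resolver's answer.
function Compare-DnsAnswer {
    param(
        [Parameter(Mandatory)][string[]]$Name,
        [string]$ReferenceServer = '1.1.1.1'   # assumption: reachable from this PC
    )

    foreach ($n in $Name) {
        $local  = Get-ARecord -Name $n
        $ref    = Get-ARecord -Name $n -Server $ReferenceServer
        $shared = @($local | Where-Object { $_ -in $ref })

        $verdict = if (-not $local) { 'LocalLookupFailed' }
        elseif (-not $ref)          { 'ReferenceLookupFailed' }
        elseif ($shared)            { 'Match' }
        else                        { 'Differs-Review' }

        [pscustomobject]@{
            Name      = $n
            Local     = $local -join ', '
            Reference = $ref -join ', '
            Verdict   = $verdict
        }
    }
}

# Replace the placeholder with the site that raised the certificate warning.
Compare-DnsAnswer -Name 'website.com' | Format-List
```

`Differs-Review` is a prompt to investigate, not proof of hijacking: large sites legitimately return different addresses to different resolvers, so confirm by checking who owns the locally returned address.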
Unwanted Browser Redirection
Causes:
Browser hijackers changing homepage and search engine settings.
Malicious DNS settings redirecting traffic.
Phishing sites tricking users into visiting fraudulent pages.
Troubleshooting:
Reset browser settings (chrome://settings/reset, about:support).
Check DNS settings (ipconfig /all) for unauthorized changes.
Flush DNS cache (ipconfig /flushdns).
Use Malwarebytes and HitmanPro to remove hijackers.
Preventive Measures for Future Security Issues
Enable Real-Time Protection
Ensure Windows Defender or third-party security software is active.
Keep antivirus definitions up to date.
Use a Secure DNS Provider
Cloudflare (1.1.1.1), Google DNS (8.8.8.8, 8.8.4.4), or OpenDNS provide security against phishing and malware.
Enable Multi-Factor Authentication (MFA)
Reduces risk from credential theft by requiring an additional verification step.
Educate Users on Phishing and Social Engineering
Encourage users to:
Avoid clicking on unknown email links.
Verify sender legitimacy.
Check website URLs before entering credentials.
Regularly Update the OS and Software
Keep Windows and third-party applications updated to patch vulnerabilities.
Enable automatic updates where possible.
Final Thoughts
Troubleshooting PC security issues requires understanding common threats, identifying symptoms, and applying effective mitigation strategies. The CompTIA A+ exam evaluates an IT professional’s ability to diagnose security problems, remove malware, and secure systems against future attacks.