[squid-users] Remove squid cache?

[Amos Jeffries]

On 26/08/2015 2:54 p.m., Cindy Yang wrote:
> Hi all,
> 
> I hope this is the right place to ask for help. A few weeks ago I
> updated my laptop to windows 10. It worked great for a few weeks and
> then I noticed that certain websites were not able to load. I paid no
> attention to it since I figured it was my shitty wifi. Well turns out
> I've somehow installed squid cache on my computer and its preventing
> me from visiting certain websites. I get the error "The remote host
> or network may be down. Please try the request again".
> 
> I don't have the time or patience really to be dealing with this. Can
> someone help me in removing or righting whatever I did?

Hi Cindy,

Good news is I doubt its anthing particular you did. Bad news is that
might mean there is nothing you can do about it.

The modern popular browsers all have some 'developer tools' or such that
you can use to view the page traffic. In particular where the browser is
connecting to and what HTTP messages are happening. If you can check the
HTTP message headers on the reply the browser is getting back it should
show a Via: or Server: headers with domain name(s) hinting at where
exacty the Squid is.


The rest of this is all maybe and guesswork. So see if you can do the
above to get some solid info.

...

Firstly, Squid is server software not generally useful for PC or
workstations. But *is* commonly used by ISPs or website CDNs. Thats
behind the bad-news part.

 If your ISP is using Squid you need to talk with them about your problems.

 If its the website owners themselves the same deal, but with somewhat
more difficulty finding who to contact.

...

On the other hand if Squid is actually on your machine you are going to
have to locate how it was installed and see if you can remove the thing
it was bundled with. A bit of work but with a solution at the end.


Start with your browser settings to see if there is a proxy host:IP or
PAC file configured. And also the system "Internet Options" contol panel
(was under the Network Sharing last I saw). If there is a localhost,
127.0.0.1, or ::1 configured as proxy address that might just be your AV
vendor - so go carefully with changing, but its worth a try.

The legitimate Squid for Windows are installed via the normal progm
install so should show up in "Programs and Features" control panel.
Other ways are a bit nasty.


In the far past I've seen some virus using squid and other proxies to
grab web traffic on the machine. But that practice seems to have died
away, so you would be very unlucky if it was. Well worth a good AV scan
anyway though.

It may also actually be a part of your AV vendors product - I'm aware of
Squid being used somehow by Symantec AV suite / security utilities (for
servers), Trend Micro AV security suite (for servers), or any "cloud"
based security product.
 Note that the big names there are server/ISP products not designed for
end users devices anyway. So checking the product suitability to your
device might be in order.


Since Squid is usually network software and you mention wifi, you could
be seeing signs of someone hacking your wifi access point. Using only
securely encrypted wifi/wireless security is the only way to avoid that.
Maybe changing the password/phrase there if it has not changed in a while.

Hope this helps.


Amos