yeah, it came up but the firewall is dismantled, like it was before.
so, that's what this thing does, whatever it is:
1) somehow installs via firefox
2) there is a hard reboot, at some point
3) uses windows update to install some kind of active directory service
4) shuts down my firewall, from the active directory
and, i don't know what it does after that.
i'm not interested in undoing what got done. rather, as mentioned, i'm going to format the machine and put the clean copy in. but, i'm going to make a few tweaks, and we'll see if it helps or not.
given that it seems to be the active directory that they're using, dismantling the active directory seems to be the best thing to try next.
obviously, i'd rather the attacks just stop, but i'm not a network person. i have no academic background and no experience doing networking in any context, whatsoever, at all. i have a math degree, not a computer science degree, and what i did study in school that was computer-related was 100% programming. as the only reason i did it was to get a job, all i know is what they taught me. so, i don't know anything about networking, i don't know anything about hardware and i don't even know anything about smart phones. not only am i not really very interested in computer science, but i'm not even really that interested in technology, in general, except in the context of sound recording. it took me until 2017 to buy a smart phone, and i've only turned it on a handful of times. i made a mistake, and i realized it a long time ago. remember: i spent my last years at carleton studying law, actually.
i have more work experience doing windows troubleshooting, and that's the part of this that i'll actually be able to figure out. i'm far more likely to succeed in locking the machine down locally than i am to win some kind of war with some gamers. in context, the smart thing for me to do here is to recognize my ignorance and play to my strengths.
i don't have the money to buy expensive routers, either, which might be what the issue actually comes down to.
so, i actually don't think i'm capable of blocking the attacks at a network level, and if that's what somebody is expecting then they'll be sorely disappointed. i would need to ask for somebody's help to do that, so i'm throwing that out there - if anybody wants to take some of those servers down, please do it.
rather, i'm going to focus on eliminating the functionality, locally. in the end, whomever is doing this - be it the cops or somebody trying to "pwn" that kid in new york - will probably still be able to hack into the machine. i probably won't be able to stop that. but, hopefully, they won't be able to do anything when they get in.
or, we can keep reinstalling every couple of days until they got bored and find somebody else to bother.
given that it seems to be the active directory that they're using, dismantling the active directory seems to be the best thing to try next.
obviously, i'd rather the attacks just stop, but i'm not a network person. i have no academic background and no experience doing networking in any context, whatsoever, at all. i have a math degree, not a computer science degree, and what i did study in school that was computer-related was 100% programming. as the only reason i did it was to get a job, all i know is what they taught me. so, i don't know anything about networking, i don't know anything about hardware and i don't even know anything about smart phones. not only am i not really very interested in computer science, but i'm not even really that interested in technology, in general, except in the context of sound recording. it took me until 2017 to buy a smart phone, and i've only turned it on a handful of times. i made a mistake, and i realized it a long time ago. remember: i spent my last years at carleton studying law, actually.
i have more work experience doing windows troubleshooting, and that's the part of this that i'll actually be able to figure out. i'm far more likely to succeed in locking the machine down locally than i am to win some kind of war with some gamers. in context, the smart thing for me to do here is to recognize my ignorance and play to my strengths.
i don't have the money to buy expensive routers, either, which might be what the issue actually comes down to.
so, i actually don't think i'm capable of blocking the attacks at a network level, and if that's what somebody is expecting then they'll be sorely disappointed. i would need to ask for somebody's help to do that, so i'm throwing that out there - if anybody wants to take some of those servers down, please do it.
rather, i'm going to focus on eliminating the functionality, locally. in the end, whomever is doing this - be it the cops or somebody trying to "pwn" that kid in new york - will probably still be able to hack into the machine. i probably won't be able to stop that. but, hopefully, they won't be able to do anything when they get in.
or, we can keep reinstalling every couple of days until they got bored and find somebody else to bother.