Thursday, December 5, 2019

so, some time this morning, i stopped myself from pushing forward with the tweaks, put the thing back together and went to sleep. i was up about 17:30 and have been typing a little since. i'm going to stop, get something to eat, clean up the mess from the last few days and try to focus for tomorrow.

i just lost a week that i didn't want to lose. so be it.

what did i do to the machine?

- the firewall is locked down.
- i removed as much of the remote assistance software as i could. i'll have to keep an eye on that.
- windows update, which was the direct recent problem, is uninstalled. the catroot is wiped. task scheduler is also uninstalled. i've uninstalled a large number of other services, as well.
- i've installed a detailed group policy that should block remote attackers, police or otherwise, from doing most things.
- i'm going to be running the process monitor essentially all of the time.

as a local admin, i can only take so much control over this machine. linux opens up a can of worms - i know i have a learning curve if i'm going to get into a fight. but, with windows, you don't know what the fuck the machine is actually doing. so, i need to be empirical about what's actually happening.

the procmon is the log i want, the log i was looking for. and, if there's anything going on, i'll find out.

for now, i think that this is enough and i'm willing to get back to work.

i was just about done. really.

i locked the firewall right down - only firefox can access the network. i deleted all kinds of services. i locked the group policy editor down. 

i was just going to check my email, and i wanted to figure out how to fix this nagging task manager error first, which is something that i've fixed before but can't get right now. so, i loaded up process monitor and rebooted a few times and scared the hell out of myself.

what is it doing in the catroot folder? it shouldn't be in there.

and, why is it installing registry keys to the terminal service?

on a whim, without thinking, i just undid it - i deleted it. and, the thing came up to a blank screen. in hindsight, it's obvious that i deleted the logon.

i was able to fix it by copying it over from the other control set. so, i'll have to double check what i did, and i realized i've still got services sitting.

but, i think i stumbled upon what needs to happen - i need to just let the process monitor run constantly and react to it as shit happens.

i should be up within a few hours. i'm sure of it. and, i don't intend to go back down any time soon. if there's somebody hacking in here, i'm going to catch them. so, be warned - you're on notice.

how long are you going to waste your own time on this for?
and i'm going to state this clearly.

a big part of the reason that i've been just fixing this and moving on is that i'm assuming that whoever's doing it will get bored.

if that person or organization doesn't back off soon, and i'm able to gather more and more information regarding remote access requests, i'm going to have to get the police involved. 

this has been going on for far too long.

it seems to have picked up.

let's hope it's not much longer.

as mentioned repeatedly, my sites are on the side.

if it's not on the side? it's not my site.

i *am* finding bad clusters, specifically in the recycle bin, and i do think it was creating access issues. i don't think this is pointless.

i spend essentially my whole life in front of the computer, don't i? and, i'm not particularly upset or concerned about it. it's what i do, and when the devices are functioning, i tend to be fairly productive. i've just been dealing with these constant attacks now, for months, and don't actually know what the point of them even is.

as we can see, i don't have difficulty getting back on the internet. i'm still blogging. if the purpose of this is to shut me down, it's not working.

if the purpose of it is to spy on me, i'm baffled as to why when i post most of my life to the internet. you don't need to spy on me - i'm volunteering the information. 

is what i'm volunteering not enough? well, according to who? you'd think i get to determine what's enough and what isn't, and that anybody trying to interfere with my choices is trampling all over my privacy rights. but, regardless, this isn't working out so well, is it? the machine just keeps shutting down, and i keep formatting the drive. by trying to gather more information than i'm volunteering, you're actually getting less than you'd get in the first place. and, you're just slowing everything down.

but, i mean, i don't know what they're looking for. i'm a disabled person with no friends or family, by choice. i prefer to spend 95% of my time alone. that's a choice. i don't like being around people, except when i'm experiencing live music. and, as mentioned, everything i do on the internet is centralized at a blog.

there's nothing further to gather....

the bottom line is that it's not up to anybody except me to determine what i'm posting wherever i'm posting it. these are my sites. if you don't like my viewpoints, i don't give a fuck, and you can fuck off. there's absolutely nothing you can do to shut me down, and it's better if you just accept it.

and, the other bottom line is that i'm very transparent and open. i'm not hiding anything. there's no secret life of jessica - what you see is really what you get.

if you want me to hurry up, there are two things you can do:

1) back off and let me work.
2) send me money so i'm stable.

distracting me or fucking with me or trying to gather more information than i'm volunteering is not helping anybody, it's just slowing me down and wasting everybody's time.