so, some time this morning, i stopped myself from pushing forward with the tweaks, put the thing back together and went to sleep. i was up about 17:30 and have been typing a little since. i'm going to stop, get something to eat, clean up the mess from the last few days and try to focus for tomorrow.
i just lost a week that i didn't want to lose. so be it.
what did i do to the machine?
- the firewall is locked down.
- i removed as much of the remote assistance software as i could. i'll have to keep an eye on that.
- windows update, which was the direct recent problem, is uninstalled. the catroot is wiped. task scheduler is also uninstalled. i've uninstalled a large number of other services, as well.
- i've installed a detailed group policy that should block remote attackers, police or otherwise, from doing most things.
- i'm going to be running the process monitor essentially all of the time.
as a local admin, i can only take so much control over this machine. linux opens up a can of worms - i know i have a learning curve if i'm going to get into a fight. but, with windows, you don't know what the fuck the machine is actually doing. so, i need to be empirical about what's actually happening.
the procmon is the log i want, the log i was looking for. and, if there's anything going on, i'll find out.
for now, i think that this is enough and i'm willing to get back to work.