I think I have a RAT (trojan) inside my PC. I have no idea what I should do; any and all help is appreciated.

What about the problem that I am dealing with as far as ratting on my PC goes? What do you think the best solution is for that?

Back up and reload your stuff on a fresh install of Windows after setting up 2-factor. The router may be a secondary infected thing.

Qubes is also a great choice if you need windows but want extra security


This might be possible since an attacker does leave traces, but finding them is not easy and in your case probably impossible. Also, attackers and malicious programs try to remove the traces left, by clearing the event viewer for instance, so I’d argue that it isn’t.

As @wendell has hinted, there is a way to recover your password, but I’d also try to reset the account if possible. Unfortunately, infecting a router, as mentioned by @wendell, is not that complicated. In case you’re interested, I recommend Samy Kamkar’s Black Hat/DEF CON talk “How I Met Your Girlfriend”.


Thank you for the advice. What kind of routers do you recommend in my situation?

Does Qubes run with Windows? I unfortunately have to use Windows because my DAW just works with Windows or Mac.

Also, I unfortunately have 2-factor already authorized on that account. That’s the problem: I can’t get into the account that is linked with 2FA, and every time I try the other options Google comes back and says that they cannot verify that I am the owner of the account.

Thank you for the help, I really do appreciate it. What do you mean by reset the account?

Glasswire. That’s a Wireshark-type program for normies. It’s quite good tbh.

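Glasswire and Wireshark show you live traffic; the quicker first check on a Windows box is the connection table itself. The script below is an added example, not code from the thread or from Glasswire: it parses the text that `netstat -ano` prints, then lists every ESTABLISHED connection to a host outside the loopback/link-local/RFC 1918 ranges on a port that is not 80 or 443, and groups external connections by PID so each one can be matched to a process with `tasklist /FI "PID eq N"`. The `SAMPLE_NETSTAT` block is constructed to mimic that output, the PIDs are made up, and the remote addresses are documentation ranges (198.51.100.0/24, 203.0.113.0/24, 2001:db8::/32), not real hosts.

```python
"""Triage `netstat -ano` output for outbound connections worth a closer look.

SAMPLE_NETSTAT below is constructed to look like Windows `netstat -ano`
output; on a real machine, run that command from an elevated prompt and
pass its text to parse_netstat().
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, FrozenSet, List

# Constructed sample; the remote addresses use documentation ranges only.
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1024
  TCP    192.168.1.20:51234     198.51.100.10:443      ESTABLISHED     4412
  TCP    192.168.1.20:51300     203.0.113.77:6667      ESTABLISHED     7180
  TCP    192.168.1.20:51301     192.168.1.5:445        ESTABLISHED     4
  TCP    [::1]:49700            [::1]:49701            ESTABLISHED     5520
  TCP    [2001:db8::1]:51302    [2001:db8:1::9]:8443   ESTABLISHED     7180
  UDP    0.0.0.0:5353           *:*                                    2200
"""

# Loopback, unspecified, link-local and RFC 1918 / ULA ranges: anything
# outside these is treated as "external". Checked explicitly rather than via
# ipaddress.is_private, which also classifies documentation ranges as private.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fe80::/10", "fc00::/7",
)]


@dataclass(frozen=True)
class Conn:
    proto: str
    local: str
    remote_ip: str
    remote_port: int
    state: str
    pid: int


def _split_endpoint(endpoint: str):
    """'1.2.3.4:443' -> ('1.2.3.4', 443); '[::1]:80' -> ('::1', 80); '*:*' -> (None, None)."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit():
        return None, None
    return host.strip("[]"), int(port)


def parse_netstat(text: str) -> List[Conn]:
    conns: List[Conn] = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue
        proto, local, foreign = parts[0], parts[1], parts[2]
        # UDP rows have no State column, so the PID moves up one field.
        state, pid = (parts[3], parts[4]) if proto == "TCP" else ("", parts[3])
        remote_ip, remote_port = _split_endpoint(foreign)
        if remote_ip is None:
            continue
        conns.append(Conn(proto, local, remote_ip, remote_port, state, int(pid)))
    return conns


def is_external(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in LOCAL_NETS)


def flag_connections(conns: List[Conn],
                     allow_ports: FrozenSet[int] = frozenset({80, 443})) -> List[Conn]:
    """Established connections to external hosts on ports outside allow_ports.

    A RAT beaconing over 443 slips through this filter, so treat the
    allowlist as noise reduction, not as proof of innocence.
    """
    return [c for c in conns
            if c.state == "ESTABLISHED" and is_external(c.remote_ip)
            and c.remote_port not in allow_ports]


def external_pids(conns: List[Conn]) -> Dict[int, List[str]]:
    """Every PID with any external connection, mapped to its remote endpoints."""
    out: Dict[int, List[str]] = {}
    for c in conns:
        if is_external(c.remote_ip):
            out.setdefault(c.pid, []).append(f"{c.remote_ip}:{c.remote_port}")
    return out


if __name__ == "__main__":
    parsed = parse_netstat(SAMPLE_NETSTAT)
    for c in flag_connections(parsed):
        print(f"PID {c.pid}: {c.proto} {c.local} -> {c.remote_ip}:{c.remote_port}")
    print(external_pids(parsed))
```

On the sample data the IRC-style port 6667 and the 8443 connection, both from PID 7180, are the ones flagged; the connection to 198.51.100.10:443 is not, which is exactly the blind spot the port allowlist creates. Run the real output through this several times over an hour: a RAT that only beacons every few minutes will be absent from most single snapshots, which is why a continuously recording tool like Glasswire is the better long-term view.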

I see you are a musician, so I’m sure you have these tools/software. I would start with:

If you have programs that require you to set up keys/tokens or re-authenticate like your music software you will have to go through their steps to get those active once you rebuild this PC.

For example: Ableton Live 9, FL Studio, Adobe products, Traktor, Serato. You might need to authenticate the software as if you just purchased it; sometimes it’s as easy as logging in to the software, or maybe having a keyfile issued by the app. There are ways to do this, but you will need to go through the apps you have one by one, or their help options.

Go through the Windows app and see if you can back up / export / download a .csv of your contacts and download your emails. I would go ahead and purchase an external USB HDD (a large one) to prepare for backing up data and programs.


Things have changed since I last used DAW software years ago, but I don’t think it’s easy to set up, considering you might have MIDI controllers and other devices that need direct access to software interfaces like Ableton Live 9 or Serato etc.

This is my personal opinion portion:

If at all possible, and once you have saved/backed up contacts, emails, .dat files, project files, music, compilations (leave no stone unturned), I would personally “Nuke and Pave” the PC.

Meaning, I would do a full removal of the OS and reinstall brand new, reinstalling all apps and immediately imaging the drive to an external drive. Then move all music/files back onto my PC. This way you have a fresh install you can restore from, and your property is on another drive, safe as well. Just my opinion.


What type of router do you think I should buy when replacing my old one? I have spectrum, will replacing it cause a problem with my service provider?

Thank you for the detailed response, I do appreciate it. And when you say a full removal do you mean that I should purchase a new copy of Windows?

That is a great question in this day and age as a consumer. What brands make routers and patch and support them for 6 years, 10 years? I’m using an ADSL2+ modem/router that’s 10 years old, with no updates, in a world where routers are now the target of most attacks.

I’m more leaning towards making my own router with open source. I’m stuck with ADSL2+ modems.


pfSense could work, or a used industry unit (Cisco, Extreme Networks, etc.) could also work.

There is another enterprise-level company I would like to suggest: MikroTik. I was introduced to the company by a forum member (I don’t remember his name). While I haven’t purchased a unit from this company yet, I plan on doing so soon.
I realize I have recommended pfSense in the past, but since running pfSense on a virtual machine, I have come to realize pfSense isn’t as secure as I once thought it was. I am willing to admit maybe the way I had to modify the install script of pfSense to work with my ISP-provided router has caused the situation where pfSense isn’t as secure as it can be. I am not trying to start a flame war, but just stating my opinion on pfSense.


Do a BIOS update, just in case it wasn’t a noob.

And Spectre and Meltdown patches!


Restoring the machine to a known-good backup is possibly the least amount of time and the most amount of ‘feel-good’ that it’s clean. If you don’t have routine backups, this’ll suck.

I know you don’t want to hear this now. If it helps, we’ve all been there at least once and seriously empathize. We all seem to go through the pain at least once before getting serious about good backups. Here are some things to consider when you’re doing your post-disaster / after action review.

Backups:
3-2-1 is the rule. This goes double if this is a machine you make a living on. This is considered the industry best practice.

3 – Three copies of everything, minimum. That’s the original in place, plus two backups. Sync services like Dropbox are not a backup, since syncing services will happily sync corrupted/infected files, overwriting the original. They’re also not as cost effective as a proper backup anyway with today’s larger data sets.

2 – Two of the copies should be local (original and local backup) but should be split among at least two mediums/devices. Backing up to a hard drive in the same machine isn’t a great plan. Even a USB drive isn’t great. A machine infection could corrupt the local backup pretty easily. A network device is a better option.

1 – One of those locations should be off-site and preferably in a location that wouldn’t be susceptible to the same natural disaster that could hit you. Burglary, fire, flood, tornado, hurricane, earthquake… even social unrest and political upheaval might be a concern for you. This is what the off-site backup is for.

There are as many ways to accomplish these goals as there are people doing it, but here are some thoughts for SOHO folks.

  • Backblaze is a cheap way to handle one of the backups and take care of the off-site part. I wouldn’t rely on it as a sole backup though. Even they advise against it. They recommend their service as a supplement to local backups. Personally, I might not use them if I was located in California where they have their data centers since I prefer my geo-redundancy to be pretty distant from me.
  • If you use the same software for both backups, you could have a software bug or vulnerability affect both of your backup sets.
  • Acronis has some really great backup software for handling the local backup. They offer the option of a cloud backup as well, but it isn’t unlimited and see bullet #2. In my experience, bare metal recovery with Acronis was pretty painless, fast, and easy.
  • One of the reasons to have a local backup set is time to recovery. If your backup set is large, recovery time could mean a lot of downtime if you have to download it all over the Internet.
  • SyncBackPro is a cheap approach to a local backup as well, if you have a NAS somewhere to which you can dedicate some backup space.
  • For the tech-savvy, throwing up a FreeNAS box with Bacula running on it is a robust yet free and open source solution for the local backups.

Whichever solution you decide on, do some trial runs including a bare metal restore.

In my small office, we run Backblaze for remote backups and Acronis pointing to a local FreeNAS box for local backups. Bare metal restore with Backblaze isn’t awesome, but it is only there for the complete disasters. Acronis restore is as simple as booting to a USB stick: it can see the NAS, you pick the backup set you want, and go take a coffee break. Come back and the machine is in the prior state. Individual file level restore is also pretty easy.

Anyway, I hope you find this useful in making the next time less sucky. This isn’t an “I told you so” or “You dummy, you shoulda.” I feel your pain. I’ve been there. This is in hopes that a comrade won’t have to feel the pain again. Hopefully it can be downgraded from crisis to minor annoyance.

(I have no affiliation with any of the products/services mentioned.)

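Two points in the post above are worth turning into a check you can actually run: a sync client will happily propagate a corrupted or infected file over the good copy, and a backup you have never restored from is a hope, not a backup. The script below is an added example, not code from the thread or from any of the products named in it. It builds a SHA-256 manifest of a source tree before the backup, stores the manifest as JSON, and after a restore compares the restored tree against that manifest, reporting files that are missing, modified, or not in the original. The `demo()` function constructs a small project tree in a temporary directory with made-up file names (`track01.als`, `stems.wav`, `contacts.csv`), copies it twice, damages one copy, and runs the check on both.

```python
"""SHA-256 manifest for a backup set plus a restore check against it.

Run build_manifest() on the source before backing up, keep the manifest with
the off-site copy, and run verify_against_manifest() on the restored tree.
"""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Map each regular file under root (POSIX-style relative path) to its SHA-256."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def save_manifest(manifest: Dict[str, str], path: Path) -> str:
    """Write the manifest as sorted JSON and return the hash of that file,
    which is the one short string worth keeping somewhere off the machine."""
    path.write_text(json.dumps(manifest, indent=1, sort_keys=True))
    return sha256_file(path)


def verify_against_manifest(root: Path, manifest: Dict[str, str]) -> Dict[str, List[str]]:
    """Compare a (restored) tree with the manifest taken from the original."""
    current = build_manifest(root)
    common = set(manifest) & set(current)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "extra": sorted(set(current) - set(manifest)),
        "modified": sorted(k for k in common if manifest[k] != current[k]),
    }


def demo() -> Tuple[Dict[str, List[str]], Dict[str, List[str]]]:
    """Constructed scenario: a small project tree, a clean copy, and a copy with
    one silently corrupted file, one deleted file and one stray file, as a sync
    client would happily propagate. Returns (clean_report, damaged_report)."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "projects"
        (src / "album").mkdir(parents=True)
        (src / "album" / "track01.als").write_bytes(b"constructed project file")
        (src / "album" / "stems.wav").write_bytes(bytes(range(256)) * 16)
        (src / "contacts.csv").write_text("name,email\nA,a@example.com\n")

        manifest = build_manifest(src)
        save_manifest(manifest, Path(tmp) / "projects.manifest.json")

        clean = Path(tmp) / "backup_clean"
        shutil.copytree(src, clean)

        damaged = Path(tmp) / "backup_damaged"
        shutil.copytree(src, damaged)
        (damaged / "album" / "stems.wav").write_bytes(b"\x00" * 4096)  # bit rot / tampering
        (damaged / "contacts.csv").unlink()                              # never made it across
        (damaged / "Thumbs.db").write_bytes(b"junk")                      # not in the original

        return (verify_against_manifest(clean, manifest),
                verify_against_manifest(damaged, manifest))


if __name__ == "__main__":
    clean_report, damaged_report = demo()
    print("clean copy:", clean_report)
    print("damaged copy:", damaged_report)
```

The manifest only proves anything if an attacker on the infected box could not rewrite it along with the files, so build it from a machine you trust, or at least keep the manifest (or just the hash `save_manifest()` returns) with the off-site copy rather than next to the data. Hashing says nothing about whether the files were already infected when the manifest was taken; it tells you the restore gave you back exactly the set you saved, which is the part a trial bare-metal restore is meant to prove.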

I appreciate this so much man.

Again, I am not entirely sure what’s going on with my CPU. Mainly because I don’t even know how to check and find these things that might be spying on me, such as a keylogger or some sort of ratting service as mentioned above.

I am probably going to get Geek Squad out to my residence and have them perform the back up and reset along with a fresh router install.

What do you think about that?

If you are too afraid to do it yourself, then it is probably the right thing to do. I used Geek Squad once and wasn’t all that impressed with them. It seemed I knew more about how computers work than he did. I hope your experience is a lot better.


Yeah, that is a concern that I have as well. I have not been impressed by services such as Geek Squad myself. It is due to the fact that I have zero experience with this process that I am relying on them.

I appreciate the help!

If you want to be secure in the files you wish to save, then use a portable hard drive.
When you go to save the files, save them to the portable hard drive instead of on the PC.
Then take the drive with you or lock it in a safe!
This is an easy solution!
Wireshark is but one of many programs out there that can monitor your net traffic, and is a good one.
But if you are considering security issues for protecting your content, then it’s a simpler idea to limit the computer from accessing the internet by disabling the internet connections and setting up a strong admin password.
You can also disable autorun features for the optical drives as well.