The original post: /r/homenetworking by /u/johnk442 on 2024-05-20 00:50:55.
Hello, and TIA. I have a home networking question; please do advise and forgive me if I have posted in the wrong subreddit, or posted the wrong question, etc.
* * * *
TL;DR: Client got hacked, bad, and wants a new laptop installed instead of fixing old system.
-> Can I simply install the new system and connect it to the Internet without worrying about the previous hack, since 1) the client left two obvious password files on his computer desktop, and 2) Avast gave a warning of open router ports? His ISP is Spectrum, so I don’t have access to open/close any ports individually as far as I know, even from within the My Spectrum app.
-> Would a factory reset of the router work, or even be advisable?
* * * *
I am basically new to computer tech support, and while I have a piece of paper saying I have studied networking, I have never had the opportunity to actually work in the field. So I am being ultra-cautious with a client who got hacked.
I have many years’ experience using software and PCs but only 1 1/2 years in actually doing stuff in this new arena. I was a contractor (eww? but I did gain experience) for a year and now am a part-time, bottom-feeding freelancer, helping senior citizens with stuff that’s hard for them but that I can do (ISP router and modem setup, printer connection and TS and repair, system research and recommendation, data transfer, OS reset, etc) without negatively impacting them. I happen to live in a retirement mecca, so…
Anyway, I have a client who got hacked, bad, (RAT with accessible password files, multiple-file deletion, etc), and he wants a new laptop - he thinks we can just plug it in and connect it to the internet, and all will be well; he is disconnecting and storing the old laptop and the data thereon rather than face the difficulties of remediation, which would be beyond my current capabilities. I tried referring out to a PC tech company but the client instead wants a new system.
Avast gave a network warning saying there are open ports on the router. Given that the hack was a RAT and that the client literally had two files named “Passwords…[date]” on his desktop, and that the hacker presumably has them, as well as the previous access info for his router, I am concerned that simply hooking up the new laptop will be a disaster, as for one thing, it will be a while before the client can change all the passwords, disconnect logged in accounts, set up 2FA, etc.
His ISP is Spectrum, so I don’t know how or if the hacker actually got blocked ports, unblocked. I just checked Spectrum’s site and there is an extensive list of the ports Spectrum itself blocks. So, I don’t even know if the Avast warning was anything to worry about.
Thanks for all answers, and if I have posted in the wrong subreddit, please advise and forgive.