Windows 10 Securing My Laptop: Disabling Remote Access and Creating a Recovery USB

iOftheStorm

New Member
Joined
Mar 7, 2018
Messages
29
Hi guys.

Unfortunately I have lovely neighbours who keep hacking me and have done on my windows laptop for the last 7 months.

I want to switch off any facilities that allow them to make any changes to the laptop that will cause it to have problems.

So I would like network sharing off. Remote Desktop and remote admin and also any vpn site to site connections because they use them on all devices.

They have set up a Smb file share on my router.

How do I use the internet without them being able to play around and mess up my laptop.

It’s the second time it’s been wiped.

Also does anyone know how I can create a recovery usb and how I use it if I need it.

I have an updated Lenovo yoga 500 that was updated from win 8 to win 10 please help.
 
Sort by date Sort by votes
No, you can only Jailbreak up to iOS 11.1.2 at the moment, and if you restored, that means you're on a later version. I recommend you root the Android device using something such as KingRoot, or if you feel safe doing it and your device is supported, flash a custom recovery menu and root it, then use an application such as this to delete the files(because you will be the "root" user with this app and have all permissions)

libcrypto is a library for SSL, so I wouldn't be too worried about that file in general, but those being dumped is very suspicious. Where are these files dumped to? (What is the path)
 
Upvote 0 Downvote
The lib files seem to vary from device to device there is one called boringSSL another one libxml2 liboauth2 I think they are messing with the certificates on my devices and cracking passwords by tricking the phone into thinking it’s making an https connect but it’s http because when I’ve run a http sniffer before I reach the website I want I’m getting redirected and also I’ve put into my chrome browser Link Removed or whatever the site is and it’s got stuff about token data when they were last Downloaded. There’s like a table of things that are to be synced and it includes my credit card data which has been stored and I can’t get off I’ve reported it to the police now but they aren’t quick to react. They are taking forever. There was mention of them moving. But it won’t matter if they have that direct connection because I’ve noticed when I do a port scan over my local host when I’m away from home there is an open port named stun p1 when I’ve googled it. It’s to do with a Cisco tunnel. And that happens on mobile data and any other Wifi other than mine. If you do a port scan over my broadband ip I’ve got 80 http 139 netbios 443 smb over ip Microsoft ds 445 https 8080 sun answerbook gnu something and 10000 Amanda back up utility. These ports were not opened by me and were opened before I connected my laptop. I’m wondering does this mean they have a pc connected directly to my internet constantly. When you do a scan over my public ip (which is meant to be dynamic) but never changes I get port 7 echo port 21 22 and another port with pptp open for it there is more but can’t remember off the top of my head.
 
Upvote 0 Downvote
Oh yeah and for my streaming devices like chrome cast and fire stick they have set open ports that say apache jserv 3 I think it is have no idea what that means either if I posted something do you think you could try to make sense of it because I think they’ve routed my ipv4 and ipv6 to make it static
 
Upvote 0 Downvote
Should my net mask be 0.0.0.0


Interfaces:
dummy0
MAC: a2:4e:97:92:87:e9
sit0
p2p0
MAC: d6:0b:1a:5e:0f:74
lo
IPv6: ::1
IPv4: 127.0.0.1
rmnet_usb0
MAC: a2:4c:70:ae:34:fe
wlan0
IPv6: fdaa:bbcc:ddee:0:6897:ff42:1f05:e3c3
IPv6: 2a00:23c4:4f0f:a200:6897:ff42:1f05:e3c3
IPv6: 2a00:23c4:4f0f:a200:d60b:1aff:fe5e:f74
IPv6: fe80::d60b:1aff:fe5e:f74
IPv6: fdaa:bbcc:ddee:0:d60b:1aff:fe5e:f74
IPv4: 192.168.1.68
MAC: d4:0b:1a:5e:0f:74
Bytes: 90,609 IN, 21,450 OUT
Packets: 163 IN, 215 OUT
rev_rmnet0
MAC: ce:ff:22:0b:02:ae
rev_rmnet1
MAC: fa:54:aa:ee:f9:47
rev_rmnet6
MAC: 06:1f:05:28:38:6e
rev_rmnet5
MAC: ce:a1:eb:f5:32:72
rev_rmnet7
MAC: d6:ba:ad:44:3d:99
rev_rmnet3
MAC: ca:a5:b8:fc:03:3d
rev_rmnet2
MAC: e6:09:ee:80:a1:5f
rev_rmnet4
MAC: 2a:96:f2:26:e3:65
rev_rmnet8
MAC: 0a:c5:be:1c:de:b0
rmnet0
rmnet1
rmnet6
rmnet5
rmnet7
rmnet3
rmnet2
rmnet4

Ipv4 Routes:
192.168.0.0/255.255.0.0 dev wlan0
192.168.1.254/255.255.255.255 dev wlan0
default via 192.168.1.254 dev wlan0

IPv6 Routes:
2a00:1450:4009:809::200a/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80a::2004/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80a::200e/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80c::200a/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:400c:c09::bc/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4010:c0d::bc/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:23c4:4f0f:a200:6897:ff42:1f05:e3c3/128 dev lo
2a00:23c4:4f0f:a200::/64 dev wlan0
2a00:23c4:4f0f:a200:d60b:1aff:fe5e:f74/128 dev lo
::1/128 dev lo
default dev lo
default via fe80::42c7:29ff:fe17:7c25 dev wlan0
fdaa:bbcc:ddee:0:6897:ff42:1f05:e3c3/128 dev lo
fdaa:bbcc:ddee:0:d60b:1aff:fe5e:f74/128 dev lo
fdaa:bbcc:ddee::/64 dev wlan0
fe80::/64 dev wlan0
fe80::d60b:1aff:fe5e:f74/128 dev lo
ff00::/8 dev wlan0
ff02::1/128 dev wlan0
ff02::1:ff05:e3c3/128 dev wlan0

Wifi connection:
AP(BSSID): 40:c7:29:17:7c:28
Name(SSID): "BTHub6-MX3S"
Signal(Rssi): -70
IP: 192.168.1.68
Netmask: 0.0.0.0
Gateway: 192.168.1.254
Dns1: 8.8.8.8
Dns2: 0.0.0.0
Dhcp Server: 0.0.0.0
Lease duration: 0s

Sockets Information:
sockets: used 211
TCP: inuse 0 orphan 0 tw 2 alloc 1 mem 1
UDP: inuse 0 mem 0
UDPLITE: inuse 0
RAW: inuse 0
FRAG: inuse 0 memory 0
 
Upvote 0 Downvote



May be he has your mac address
that why he always know your wifi password
U can reset your router and enable to mac binding
and allocate your IP address
change your ssid and change your security on wp2 encrryption
then u can protect your pc as well wifi data
 
Upvote 0 Downvote
When I factory reset the router the last time it was showing 2 WiFi’s with the same name and on was wep key and one was wpa2 I got the screen shots on my iPhone but when I connect it’s saying I got wpa 2. Unfortunately my Bt home hub doesn’t allow for all that I don’t have a separate router. I’m scared to go out and pay over 100 pound for one. And for them to damage it by flashing it with a Linux based kernel which is what they seem to be doing with all my devices
 
Upvote 0 Downvote

If I make a list of some of the lib’s could you give me an idea of what they are for / doing to my device because they also flashed my PS4 and I would like to know what’s going on with that as well
 
Upvote 0 Downvote
blackmagicislam said:
Buddy, you can make your mac binding on your router
and relieve this problems
Click to expand...
If there are open ports on the router going to the Internet, MAC address filtering will not prevent wide area network attacks. Although it does sound like someone is directly accessing LAN traffic. Either way, if the router is compromised, MAC address filtering is useless since someone can just turn it off. Hey, do we know for sure this is real hacking? Who are your neighbors, members of the CIA or something? If the router has been hacked, file a police report and tell them to knock it off. Maybe you can get them on damage to property, unauthorized access of a computer system or network, etc. Maybe you could reflash the router and harden the password, but how did they get in originally? If they used WIFI, most routers will reject requests to access the gateway/admin console, by default, from WiFi. Also, maybe you should just buy a new router :/
 
Upvote 0 Downvote
iOftheStorm said:
Should my net mask be 0.0.0.0
Click to expand...
No. There is a long explanation for this, but lets not get into it. Either way, that is not a "real" IP address. It literally means the range of IP addresses you can use on your network is nothing. You would want it, in most instances, to be 255.255.255.0.
 
Upvote 0 Downvote
It's a cell phone, they do support IPv6. The Ipv6 address that start with FF or FE are local addresses. The ones that start with 2 are resolvable over the internet. I believe those 2a00... are all google addresses
 
Upvote 0 Downvote

I’ve done all you’ve said bin the past and they are quick enough to run to the police. They don’t leave the house honest. So they just have time on their hands I reckon. Yup they have lan access I can’t tell you that for a fact as I’m seeing spoofed Mac addresses on my technical logs on the router. If I go out and buy another router how do I know they won’t pentest that one and get through.
 
Upvote 0 Downvote

But 0.0.0.0 is show as key mask
 
Upvote 0 Downvote
The subnet mask typically comes as an option from the dhcp server and since you have no dhcp server listed (also 0.0.0.0) you wouldn't get the mask
 
Upvote 0 Downvote
You must log in or register to reply here.