JaredJaz
Hi all, I have been struggling for the last two months and I'm running out of ideas on how to regain my network/PC’s full control. So I’m pretty new to a lot of this, so please bear with me if I get some things incorrect. From what I can tell my network has DNS set up, DHCP enabled. All of my UEFI boot options are gone for each of my computers. Have only been able to boot in legacy.
System reserved always has some existing data in it even if I delete all partitions and format. As soon as I’m done with a fresh install of Win10, drivers start auto configuring. Also, upon fresh install, Device Manager shows the below device drivers under System devices:
ACPI Fixed Feature button
Composite Bus Enumerator
Direct memory access controller
High precision event timer
Microsoft ACPI-compliant system
Microsoft Hyper-V Virtualization Infrastructure Driver
Microsoft System Management BIOS Driver
Microsoft Virtual Drive Enumerator
Microsoft Windows Management Interface for ACPI
NDIS Virtual Network Adapter Enumerator
Numeric data processor
PCI standard host CPU bridge (x8)
PCI standard ISA bridge
PCI to PCI bridge (x3)
plug and play software device enumerator
programmable interrupt controller
Remote desktop device redirector bus
UMBus Root Bus Enumerator
In regedit my user is listed as the Windows Server convention
s-1-5-21- 1237831382- 1057207205- 1098550068- 1001
under volatile environment>2
LOGONSERVER REG_SZ \\WIN-LM1EUOS93SF
When I go to “Turn Windows features on or off” I can disable things, e.g. Hyper-V, however it gets installed even though it's selected as off.
I also observe virtual Ethernet adapters being installed and configured.
Some files I'm not sure about in the Windows System32 folder:
TransformPPSToWlan.xslt
TransformPPSToWlanCredentials.xslt
VmApplicationHealthMonitorProxy.dll
vmdevicehost.dll
vmictimeprovider.dll
Network settings auto configured (with subnet)
IPv4 169.254.25.192/16
IPv6 fe80::5d25:51f3:a8a0:19c0%3/64
DNS fec0:0:0:ffff::1%1, fec0:0:0:ffff::2%1, fec0:0:0:ffff:3%1
VPN is set on by default
my group or username under security follows the windows server convention - (DESKTOP-AP5HJVM\lele)
admin is the same but with \administrators
Under my environment variables>system variables I am unable to edit them.
OS windows_NT
Path has several entries that point at Windows, system32, Wbem, powershell\v1.0
PSModulePath %ProgramFiles%\WindowsPowerShell\Modules;C:\Windows\System32\WindowsPowerShell\v1.0\Modules
I can add rules to Windows Defender but there are always exceptions added to allow service through them.
I also found this with a networking app; from doing some research it seemed to be the convention for AWS or Azure?
ip-10-1-1-1.us-west-2.compute.internal
The longer I leave the systems, I lose more and more access to the system.
I have no access to the TPM (legacy boot). I have tried the steps to revoke permissions to the server.
I even had my ISP change my public IP. I am at a loss at what to do. Can someone please help me? What do I do to regain control of my network?