none
WNS Apps & unauthorized remote DISM access to my computer RRS feed

  • Frage

  • This file (CDPGlobalSettings.cdp) is stored in the Connected Devices Platform folder on my Windows 10 machine and appears to be a customized, developed UWP app which was remotely deployed to my machine, without my permission. I know this is not the only WNS app remotely deployed via DISM to my machine.  I need the remote DISM access to my machine disabled, also looking for help with that here, along with this set of notifications being sent to Azure from my machine in the Connected Devices Platform folder. This is an ongoing problem i am having here for a very, very long time. I m trying to be vague in the hopes i am not flagged here and can get help with this issue for my Windows 10 machine.  

    I have removed my activityStoreId and the VirtualDeviceId from the text below for security reasons. I have turned all of the true settings to false (below), hoping that would break the connection and desperately trying not to break Windows. Can someone point me in the right direction?

    I have the right to control my own machine and I am also requesting i get help with the unauthorized remote access to my Windows 10 computer. I have bought many computers to replace the hacked ones and every computer gets hacked in this exact same manner, no matter what i do. Looking over this file and studying the logs, i now see how all of my online activity is being monitored, illegally. I do not have control of my own computers in this way. 

    If am buying Microsoft products, Microsoft can help me. You do not want to know how many computers i have replaced due to this ongoing remote hacking issue. I have also posted in the Technet forum multiple times with no luck. I very much appreciate the help, if someone can help me. I will provide my phone number or whatever, literally anything to get help with this issue, maybe someone would consider calling me and walking me through the steps in a private way. The last time i posted here about the remote DISM access to my machine, which was a different Windows 10 computer, I was told to take my computer to a local repair shop and then i was blocked by multiple Microsoft Moderators. The Microsoft Moderators block my requests for help here on this forum constantly. This is obviously, the reason i cannot get help with this DISM remote hack. This has happened to me multiple times on this forum. If someone could please reach out to me and help me solve this problem once and for all. I would really appreciate it. 

    {
       "AFSEnvironment" : 0,
       "AFSUrl" : "https://activity.windows.com",
       "AccountSettings" : [],
       "ActivityStoreInfo" : [
          {
             "active" : false,
             "activityStoreId" : "**",
             "stableUserId" : "2cefe788f9892061"
          }
       ],
       "AfcDefaultUser" : "undefined",
       "AfcPrivacySettings" : {
          "ActivityFeed" : 0,
          "CloudSync" : 0,
          "PublishUserActivity" : 0,
          "UploadUserActivity" : 0
       },
       "AfsConnectivityEnabled" : false,
       "AfsPostInitializeSyncWaitMs" : 10000,
       "AfsSyncFrequencyMs" : 86400000,
       "Authentication.Environment" : 0,
       "BluetoothTransportEnabled" : false,
       "BluetoothTransportHostingAllowed" : false,
       "CcsApiVersion" : "/api/v1",
       "CcsDefaultServerName" : "romeccs.microsoft.com",
       "CcsPollingEnabled" : false,
       "CcsPollingInterval" : 0,
       "CcsSeenRequestIds" : [],
       "CcsSeenRequestIdsLastUpdatedTime" : "0000-00-00T00:00:00.000",
       "Cloud.SessionIdleTimeoutIntervalSecs" : 3600,
       "CloudDataGroupPolicyActivitiyPolicies" : [
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "",
                "Type" : 11
             },
             "Source" : 1
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "Microsoft.Credentials",
                "Type" : 11
             },
             "Source" : 1
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "Microsoft.Personalization",
                "Type" : 11
             },
             "Source" : 1
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "",
                "Type" : 12
             },
             "Source" : 1
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "Microsoft.Credentials",
                "Type" : 12
             },
             "Source" : 1
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "Microsoft.Personalization",
                "Type" : 12
             },
             "Source" : 1
          }
       ],
       "CloudDataMDMActivitiyPolicies" : [
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "",
                "Type" : 11
             },
             "Source" : 2
          },
          {
             "BlockedOperationFlags" : 0,
             "Scope" : {
                "PermisionScope" : "",
                "Type" : 12
             },
             "Source" : 2
          }
       ],
       "CloudTransportEnabled" : false,
       "CloudTransportHostingAllowed" : false,
       "CustomAuthClsid" : "",
       "DdsAadRegisterUrl" : "",
       "DdsAadSyncUrl" : "",
       "DdsMsaRegisterUrl" : "",
       "DdsMsaSyncUrl" : "",
       "DdsRegistrationEnabled" : false,
       "FastPathEnabled" : false,
       "FlowControl.AckSendInterval" : 100,
       "FormatVersion" : 33,
       "InboundMessageThreadPoolCount" : 4,
       "LargePayload.ExtendedTimeoutSecs" : 180,
       "LargePayload.ThresholdBytes" : 65536,
       "LatestCdpUsedTime" : "0000-00-00T00:00:00.000",
       "LatestFixAccountToastTime" : {
          "0003BFFD16B9C5F6" : "2020-06-09T09:12:26.580"
       },
       "LowestRssiAllowedForBleDiscovery" : -75,
       "MaximumConcurrentBluetoothSends" : 5,
       "MaximumSocketBuffers" : 32,
       "MaximumUnreliableMessageQueueSize" : 100,
       "Metrics.iKey" : "A-Rome",
       "OutboundMessageThreadPoolCount" : 1,
       "POBoxes" : [
          {
             "alternateId" : "cortana.xdevice",
             "name" : "ShareFileBinaryHost",
             "packageId" : "cortana.xdevice",
             "type" : "binary"
          },
          {
             "alternateId" : "cortana.xdevice",
             "name" : "NotificationActionBinaryHost",
             "packageId" : "cortana.xdevice",
             "type" : "binary"
          }
       ],
       "ProtocolLiveTraceEnabled" : false,
       "ProtocolLiveTraceServer" : "",
       "ProtocolVersionBrokerEnabled" : false,
       "TcpTransportEnabled" : false,
       "TcpTransportHostingAllowed" : false,
       "TcpTransportUpgradeRequired" : false,
       "TraceLog.EnabledHandlerTypes" : 66,
       "TraceLog.Level" : 3,
       "UdpTransportEnabled" : false,
       "UdpTransportHostingAllowed" : false,
       "VirtualDeviceId" : "**",
       "WifiDirectTransportEnabled" : false,
       "WifiDirectTransportHostingAllowed" : false
    }

    Mittwoch, 10. Juni 2020 18:52

Alle Antworten

  • This forum is for end-of-life product Virtual Server 2005, it has nothing to do with security or Windows 10.

    Please repost in a relevant forum.

    Mittwoch, 10. Juni 2020 20:46
  • Ahh, let me guess my first Moderator comment. And what would be the most relevant forum, in your opinion? However, please note this really is not a Windows Security issue, nor does either category or subcategory say Virtual Server 2005. Both the main category and the subcategory are "Virtual Server".

    On top of that, i am extremely limited in the categories i can post on due to previous experience on the Technet Forum. Nonetheless, your feedback would be appreciated, if it is true. Moderator or not, please feel free to give me your recommended best choice for the category i should be posting this issue on, unless you really do not care either way. If you are a Moderator in this category and I am in the completely wrong forum, you would have the responsibility to help me find the right forum and get me off of yours, if it is indeed the wrong one. If you are not a Moderator, why would you care? Until then, i think i am fine here for now, especially considering i posted this issue over three hours ago and it has not been deleted, yet. I am ecstatic at the fact my post is still up for multiple reasons. I am just looking for help and just hoping a Microsoft Expert comes across my issue. Literally, as long as the issue is posted someplace on this forum (even the wrong category) this increases the bleak odds i might receive help, among other things.

    The reason i chose these two categories, Virtual Server > Virtual Server, is because Microsoft Experts who possess expertise in Virtual Servers - will a) have expertise in this area and/or b) be able to point me in a specific direction. I am trying to keep this posted (anywhere) for as long as possible, get it seen by as many people as possible, as this will increase any odds i have that a Microsoft Expert will want to help me enough to actually help me. This also increases the possibility of other things i am seeking. 

    Looking for a Microsoft Expert, here. Any Microsoft Expert, there are thousands of them all over this Forum that will literally work. As long as my issue is still posted, the odds of getting help increase dramatically. This is my only goal. Posting my issue anywhere on the Technet Forum is an incredible long shot. It is a long shot that most likely will end up fruitless, simply because the wonderful Microsoft Experts are being advised NOT to help me...as i already know and have experienced multiple times over three years. I am indeed prepared for this. I have seen them try to help me (in the past), as i am a Microsoft customer with Microsoft products...and they were prevented within minutes of my first attempt at posting on this Forum in 2017...

    In 2017, within minutes of my post and an immediate response from a wonderful Microsoft Expert and/or Moderator, i was blocked and could not log back into Microsoft Live for months. I had no idea how or why. I also had four computers and couldn't login on any computer? I literally could not get onto the Microsoft Technet Forum website, nor login with a Live account. This continued for months. I changed computers and changed the source of my internet multiple times during this time. I had no idea how such a thing was even possible, nor why that was occurring and at the time. I seemingly gave up pursuing Microsoft Expert help here, at least for the moment. Giving up on what would normally be an easy fix, or a reasonable, common solution, became the norm for me many times since 2017. Easy fix, reasonable, common expectations did not apply to me since 2017 in more ways than just this issue with my Microsoft computers, and each computer i bought to replace the last. This was through no fault of my own, because i tried literally everything. Can you see what i was thinking? Being out of all other options to get un-hacked, i would replace my computer after trying every single other possible solution. I did that more than 20 times since 2017. Because it was completely impossible for me to get un-hacked....not for lack of trying on my part. I have tried every single possible thing, to not, be continually, ongoing hacked. Having every single thing on my machine controlled by an unknown and remotely monitored. Eventually the hack would destroy my machines, such as disabling the WIFI adapter, as well as other Windows components permanently. No reset or re-install of any OS would fix it, although i tried for years. There was a time that i was wiping the drives of four computers and reinstalling the OS on all four machines, every single day. That was my ritual for months. I could not figure out how after wiping the drive, before i even installed an OS, that the hacker was on the computer. I did not even know who or what the hacker was back then. 

    I am a female, so other females would look at me so puzzled, why would my life be taken over by getting hacked, no matter what degree. This is where myself and other mothers, women differ i am a website developer - this was detrimental to my livelihood and life.  Of course, my intention remained to figure out how to get un-hacked. The good news is now? I am almost there. It took three years, but to my credibility i learned everything i could and determined the source and means of these crimes. 

    The first time i ever posted my issue on the Microsoft Technet Forum in 2017, i watched two Microsoft Experts jump into action on my behalf. It was as if they were online just waiting for people to post their Microsoft issues and their only job was to help whomever with whatever they posted. In 2017, the original post of this same issue, one Microsoft Expert literally replied to my issue within seconds of my post. This Microsoft Expert was answering me as soon as I posted the issue, as in immediately. I posted it, re-read what i wrote, and within seconds a Microsoft Expert was delegating people by name to help me. He was instructing them to help me via comments to me under my own post, instantaneously. He even described what he thought might be occurring based on my tiny, limited knowledge of the insane hacking to my four machines, back then. 

    That was the same issue in 2017, as this is today. I just did not understand the logistics of the hack or how it was even possible anyone could remotely access my four computers. However, I knew it was indeed a fact, because I had four computers in 2017. Therefore i had an enough time experiencing the same issue over and over, on four different machines (machines i knew inside and out and had used, never once experiencing any problem, ever) for me to learn i was being remotely hacked, no matter how impossible it seemed to my limited, ignorant mind. All i knew then, was that the hackers were remotely accessing my Windows machines as well as the machine components of each computer, without the hackers ever having any direct access to the computer itself, not one, but four computers. I literally had no idea how what i knew was true, could even be possible. Impossible or not, it was happening. It was fact. I know now. It is simply a DISM remotely deployed hack where my machine becomes the client (virtual) machine. DISM is how they are able to remotely deploy software to my computer, re-writing my own programs (the computers came installed with) with their programs and completely taking over every aspect of every computer i have owned since 2017. All i could do was connect my computer to WIFI and watch as it happened for THREE years and 20+ computers. This DISM remotely deployed hack is most efficient on a Windows 10 computer, by far. Please note, it is now over 20 computers later, since 2017. I learned in 2017, there are Microsoft Experts standing by waiting for posts like mine, they immediately jump into action. They are standing around on this forum waiting to help people just like me. Just like me, but they are not allowed to help me. I am literally the only person blackballed from the Technet Forum due to the involvement of AON in these crimes. 

    Just hoping for a miracle here.

    I do appreciate your help, either way, though, so thank you. I knew a comment like yours was coming. The most recent attempt at posting this issue "DISM remotely deployed hack" on this Forum was in Nov 2019. I posted it under Deployment Image Servicing and Management (DISM) category. I had a Moderator actually tell me there, i have the wrong forum for my issue titled "DISM Remote Hack". Sure, bud. This same moderator (who i will not name here) I had an ongoing issues with him over the several days. This last post, was like the fifth attempt at posting the issue for several days in a row in November 2019. I had been lied to by multiple random commentators, received a lot of comments, unlike this day in 2020. I was logged out of my Live account and blocked more than once, ridiculed and mocked. This went on for days, eventually a Senior Moderator (whose name shall not be stated here) pretended to answer my issue, manipulated my post as "answered" or "solved" by him giving me a completely BS answer, told me to download updates and closed my issue as "answered". This closed all further comments under my post. He told me, if i was really remotely hacked as i described, obviously, Microsoft updates would solve the issue. I could not even respond to him, his answer was false. Microsoft updates do not install on my DISM remote hack - this i knew from three years experience with this exact issue for which i had troubleshooted this exact issue to death! Like, ugh, if i could just download the updates to my computer - this is why i am posting the DISM remote hack here on the Technet Forum! My issue "solved" and/or "answered", closed and archived. I could not contact him. I could not respond to his false "answer" and the dude knew it, which is why he closed out and archived the issue ensuring i could not comment back. I did email the Microsoft Support and they ignored me. I could not even start another post on the Forum and once again had no choice but to seemingly give up for now. My account was blocked and locked on the Forum, although i could login. It was this event and experience in its entirety that made me realize that Microsoft IP addresses had been an integral part of this ongoing DISM hack and it also made me realize i had proof of this from my website logs from 2018.  Without Microsoft deploying the DISM hack to my machines from Microsoft IP's, this remotely deployed DISM hack would have never been possible. And this revelation was very good news to me. Random hackers, even these hackers responsible for hacking me for three years now could not deploy a remote DISM hack to my computer (any any computer for that matter) on their own. This was a combined effort, not possible under normal circumstances. This remotely deployed hack, only worked because the DISM was deployed from Microsoft! It is very good news to me. This revelation also made me realize Microsoft is liable for my family's damages, including my 20+ Windows machines. Why would Microsoft allow me to continue buying their computers and repeating the same bizarre series of completely illegal events to a consumer of their products? 

    I know there are Microsoft Experts reading this right now, probably hundreds of them who could help me. However, they cannot respond to me at all. I am a Microsoft customer and a Microsoft Consumer. I bought Microsoft computers, then continued to buy their computers and those Microsoft Experts are being prevented from helping me. At the moment there appears there is not much i can do about it, nor can they. It sucks, but i do know they are not to blame for this fact and they are there and could help me if all of this wasn't happening. These crimes themselves cannot not last forever. I remember how hopeless i felt in 2017 when i saw that Microsoft Expert immediately start delegating people to help me, at the same time, i was logged out and blocked from the Technet Forum and could not log into any Live account for months. I could not even access the Live sign-in screen, nor access the Microsoft Technet Forum from any of my four original computers. **Just like to this day, i have been remotely prevented (from my own machines) from accessing the FBI IC3 website. I can access the FBI website and browse all pages of the FBI website, no problems. But IC3 is its own separate server (I would speculate), i cannot click on the IC3 link from the FBI website. I have been prevented from accessing the IC3 website from any of the 20+ computers, as well as the four separate locations (separate internet and WIFI) i have lived since 2017. So to sum up as basic as possible, this remotely deployed DISM hack to each of the 20+ computers i have owned since 2017 - has prevented me from accessing two websites: 1) Microsoft Technet Forum and 2) IC3 of the FBI. (Two websites that provide substantial clues and help me finally crack the code as to how this DISM remotely deployed hack was possible.Also one other irrelevant website, not even worth mentioning here, which is why i am not mentioning it. )

    Coincidence? 

    You wanna know the most ironic part? My late father was a MSDN software developer. He was awesome and i know how awesome Microsoft developers and experts are. These crimes do not minimize this fact. I cannot help, nor change I am and will probably always be a Microsoft consumer. I am a website developer and i cannot imagine using anything and do not want to use anything but Microsoft. Like i said, it is technically not Microsoft's fault (especially the individual Experts i need so desperately) and i will not hold a grudge against them. This issue/ongoing problem actually has nothing to do with Microsoft. I love Microsoft. Microsoft are my computers and i live breath and work from my computers. My life will go back to normal with my Microsoft machines, where i will be able to build websites and blog about everything i want to blog about. At the risk of sounding cocky when i say this, I will ensure this is never allowed to happen to anyone else, ever again, like literally ever. There will be multiple federal laws passed about what has happened to my family. I am not mad at Microsoft at all. My family has lost everything....but we will recover to be stronger and better than ever. In the meantime, I wish the Microsoft Experts reading this were permitted to help me, but i will continue to wait. It may sound stupid, just telling Microsoft here what i have been dying to say, after my ordeal in November 2019, is actually, surprisingly therapeutic.

    The reason the Senior Moderator (not stating this man's name) closed my issue as "solved" or "answered" and archived it, was because i was upsetting the Microsoft Experts who actually wanted to help me. So basically "they" had to shut me up by getting rid of me and what i was describing even in the midst of organized, premeditated, planned, excessive ridicule in comments under my post meant to discourage and embarrass me. At the time was meant to make me look crazy, but apparently failed. Been there, done that, multiple times with my hackers. Did it on Reddit. I have done it a million times in various settings and venue's since 2017. That last attempt failed in November 2019, which is why they had to shut me up, get rid of me, my description of what occurred by closing the issue as "solved" and archived. If you look on this Forum, please notice solved and answered issued are not usually archived the way mine was in Nov 2019. 



    • Bearbeitet Sarah BB26 Donnerstag, 11. Juni 2020 02:21
    Mittwoch, 10. Juni 2020 22:11
  • This is a dead forum for a dead product. 

    No "experts" come here. 

    I am not a moderator.

    Since you're using Windows 10, try one of the Windows 10 forums.

    Freitag, 12. Juni 2020 23:28
  • Hmm, if that is true, how did you find this post, sir?

    Secondly, on the Moderator's end, all unanswered forum posts remain open and visible to the Moderators on a list, even this one. Most likely even the Microsoft Experts can see the open/unanswered posts on this forum, each and every single one of them. Obviously the Microsoft Experts are the Moderators. I just tend to not want be so accusatory of my Experts - therefore disassociate the two from each other. Even though they are one in the same. 

    Which is why you, essjae were notified as soon i posted the issue on June 10, 2020, as you were my first comment.  How did you know i posted in this forum? Because you could see it on the Moderator's end, on the list. This Technet Forum post is still on that list and remains in the "unanswered"/"unsolved" list. 

    Furthermore, when you posted the above last reply to me on June 12, 2020, my account was disabled, blocked and i could not reply to your comment. Gee, sir, i wonder why?

    As far as posting on the Windows 10 forum, if i post there my post will be deleted, but thanks for the comment i could not reply to for two days! This has been extremely helpful, as usual.

    You can just tell me, "Microsoft will not help you Ms. Bucklew", but don't lie to me. It is very unbecoming for the Moderators to "play dumb" in response to myself and my posts. You guys are not dumb and the comments meant to look like you are, are not believable. As soon as I post on this forum, there are specific instructions sent to all Moderators/Experts to the affect of, "Do not help her, or reply to her!" 

    Then like clockwork, all replies/comments are strategically planned with more than one person at Microsoft before the replies are posted to me, here. Just like your two replies to mine above, also the reason your two replies are the only one's in response to mine. As i stated, this post is still lingering in the "Unsolved/Unanswered" list ALL Moderators & Experts can see. Why? Because it is unanswered/unsolved, as there are specific instructions sent out to the Moderators - not to reply to me, in order to actually help me. 

    Lastly, tying to make either myself or the Moderators look dumb by your replies to my post? Further reiterates what I am describing is occurring and it is involving Microsoft. The post on this forum of the CDPGlobalSettings.cdp file (above) copied directly from its (local) location on my computer in its entirety, is evidence that my most recent Windows 10 computer has been remotely accessed using an "unauthorized" DISM deployment and done so on June 9, 2020. The only way to accomplish such as remote hack to my computer? Is via Microsoft. If it was not Microsoft hacking my computer from Microsoft? Well, then i would be able to obtain help for the issue here, in literally any section of the forum. 

    Please note, this particular file of which the contents are posted in the post above, which is one file from the Connected Devices file on my local machine? Is only one of the files remotely deployed to my machine and stored locally on my computer. These files are also being copied to a secure encrypted external drive and will be used as evidence. Again, the above file proves my machine was remotely hacked on June 9, 2020, but it is not the only file to prove this. I get it, you guys are not allowed to help me or assist me. Please do not try to insult my intelligence or pretend this is in any way my fault Experts are not providing me expert assistance here. It literally makes no difference what section of the forum i post my issue in. 

    You can search the entire forum (https://social.technet.microsoft.com/Forums/en-us/) then typing "Virtual Server" in the search box on the left to discover Virtual Server is not a dead forum for a dead product, at all. 

    https://social.technet.microsoft.com/Forums/en-us/home?category=virtualserver&filter=alltypes&searchTerm=WNS%20Apps%20%26%20unauthorized%20remote%20DISM%20access%20to%20my%20computer

    Recent Posts in Virtual Server > Virtual Server
    Remote App/ VDI's and Direct Access Server 2012
    Remote Desktop Access
    Remote Desktop App (Not RMD Connection) and Multiple Monitor
    help with remote desktop web access on sever 2008
    Remotely Accessing DC Event Logs From Powershell
    The remote connection was not made because the name of the remote access server did not resolve
    How To Access a Hyper-V Virtual Machine From A Remote Location

    Reading these other posts from list copied above, proves i was actually 100% correct in posting in this section of the forum. This is precisely my exact issue, which is why i posted it here. Although, the comment from essjae made me second guess myself, not only is Virtual Server not a dead forum for a dead product, at all, this is the correct category for my issue. 

    Thank you Microsoft.




    • Bearbeitet Sarah BB26 Sonntag, 14. Juni 2020 20:29
    Sonntag, 14. Juni 2020 18:21