My main question is does anyone know how to block incoming requests through bluetooth/wifi at the login screen?
I have been getting hacked this past year.
My router is Wi-Fi 6. I am not getting hacked though the router.
I am getting hacked through bluetooth or wifi-direct.
I have a windows 11 home single language operating system.
I am being hacked through fileless malware and using dcom and wmi scripts to access my machine.
E.g. WinHttpAutoProxySvc is disabled in services, but it still says running. If I logoff and login, Services.msc still says disabled but the WinHttpAutoProxySvc is running.
The service stop button is disabled - this means that I cannot stop it manually anymore.
I cannot use: sc stop WinHttpAutoProxySvc - It gives me an access denied message.
In the past I was able to stop the service manually and now I can only disable it - not that it helps because the service still runs.
Windows defender and microsoft updates are updated to the latest version.
I have bitdefender as an antivirus solution - but because this is a home pc, the fileless malware and the default settings of windows - Malware is received during the installation of the pc.
After the script runs I manually update gpedit.msc and disable remote shell and windows remote management.
The hackers usually turn off my internet by deleting my network adapter.
When I run the script attached - it stops the hacking only for a little while
until the the pc restarts or logs off to the login screen.
If it logs off - then HKEY_LOCAL_MACHINE\Schema appears and my internet access is blocked.
I set my pc to never sleep.
Some how my pc logs off. the time it takes to log off changes.
It can take 1 minute, i.e. every minute it attempts to log off
or anything between that minute and 3 hours, i.e. every 3 hours it attempts to log off.
Sometimes my pc just restarts, I have no way of stopping the restart - If my pc restarts like this:
-My internet access is removed and my task bar is disabled.
-I cannot right click on any icon.
-The search bar on the taskbar does not accept any characters.
-I cannot click on the start button or the widgets button.
-The entire right side is hidden:
--No language icon
--No Network, Sound or battery icon
--No Date Time.
This forces me to reset my device.
My script seems to be working - but I noticed that they require my pc to go to the login screen and this is when they hack me.
Does anyone know how to block incoming requests through bluetooth/wifi at the login screen?
The attacks get less when I delete all subkeys in the registry: HKEY_LOCAL_MACHINE\Schema
the subkeys are wcm://
and I then set all the permissions to read only for this Schema registry key.
Please see my script that I am using below.
I Download Windows Media Creation Tool from
Direct Link - https://go.microsoft.com/fwlink/?linkid=2156295
The script can be found here -> https://justpaste.it/aa5hf
Thanks for your time