Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Teredo Tunneling Adapter - Used for Hacking?


  • Please log in to reply
4 replies to this topic

#1 UpandComing

UpandComing

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 19 June 2017 - 12:01 PM

I have suffered extreme targeted hacking by some extremely knowledgable criminals.  

 

It appears that an "Unidentified network" is connecting to my computer.  Also, when I look at "ipconfig /all" it shows that the Microsoft Teredo Tunneling Adapter is connected.  I have attached screen shots of both the unidentified network notice and the ipconfig /all screen.

 

Can anyone please help me?

 

I am receiving an error that due to my browser setting I cannot attach the screenshots.  

 

Can anyone help me with that as well? 


Edited by hamluis, 19 June 2017 - 01:35 PM.
Moved from Introductions to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:10 AM

Posted 19 June 2017 - 02:58 PM

Open a Command prompt and type the following -

 

ipconfig /all > network.txt

 

This will log the results to the text file network.txt, which will be located in your C:\Users\<Your Username> folder.

 

Open the file and copy/paste the text into the thread.

 

Tedero allows IPv6 routing through IPv4.

 

http://www.networkworld.com/article/2228489/microsoft-subnet/configuring-ipv6-routing-through-ipv4-in-a-microsoft-windows-environment.html



#3 UpandComing

UpandComing
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 19 June 2017 - 05:38 PM

Ty I did as you instructed.  Here is the txt file

 

 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-B8QGAS8
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F4-8E-38-AC-F4-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : ExpressVPN Tap Adapter
   Physical Address. . . . . . . . . : 00-FF-C4-1C-6E-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fcdd:8eb:1f6:39f1%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.74.36.158(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : Monday, June 19, 2017 5:28:23 PM
   Lease Expires . . . . . . . . . . : Tuesday, June 19, 2018 5:28:23 PM
   Default Gateway . . . . . . . . . : 
   DHCP Server . . . . . . . . . . . : 10.74.36.157
   DHCPv6 IAID . . . . . . . . . . . : 134283204
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-22-E8-85-F4-8E-38-AC-F4-29
   DNS Servers . . . . . . . . . . . : 10.74.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Wireless LAN adapter Local Area Connection* 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : B2-C0-90-B0-67-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Dell Wireless 1801 802.11b/g/n
   Physical Address. . . . . . . . . : B0-C0-90-B0-67-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:30a:c04b:4690:d5e6:8f19:d9a8:47c(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:30a:c04b:4690:317d:1a95:c512:ff75(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::d5e6:8f19:d9a8:47c%2(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.96(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, June 19, 2017 2:20:58 PM
   Lease Expires . . . . . . . . . . : Tuesday, June 20, 2017 5:28:18 PM
   Default Gateway . . . . . . . . . : fe80::8661:a0ff:fe1d:f670%2
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 45138064
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-22-E8-85-F4-8E-38-AC-F4-29
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B0-C0-90-B0-67-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


#4 UpandComing

UpandComing
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 19 June 2017 - 05:40 PM

jwoods301

 

Can you help me from here?  I hope so!!



#5 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:10 AM

Posted 19 June 2017 - 06:30 PM

Given that this is a snapshot in time, to me it looks normal.

 

What makes you think you've been hacked?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users