http://%2A:2869/upnp/eventing/ along with security warning upnp has impersonated and logged in as svchostThe application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user GT-ZRBUMBEE\shado SID (S-1-5-21-1422898446-3898395416-3154244632-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. and from here my device is accessed and attack began. Removed URL (http://*:2869/upnp/eventing/) from URL group (0xFE00000020000002). Process Id 0xE08 Executable path \Device\HarddiskVolume4\Windows\System32\svchost.exe, User LOCAL SERVICE and were connecting to me through my under age daughters tv which I guess is android possibly but no doubt google apps and Google is there preferred method and this Hacker is the same individual over and over How or can track stop make stop or do anything about it has been long overdue and ongoing over a year or more. I am asking what I can do about this and how to track them besides the authorities efforts to catch child predators I would rely on something more effective if available. Our Local state and federal authorities have been notified but busy busy busy they are so any actual direction ,help, anythinf would be appreciated.
<PII removed>
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 53%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWW%3C/text%3E%3C/svg%3E)
