 |
|
how do i know if I have a remote monitor on my computer...like maybe someone using wmi remotely?
Posted on: Wed, 01/02/2008 - 4:01am
how do i know if I have a remote monitor on my computer...like maybe someone using wmi remotely?
also, if i do, can they look at stuff when my computer is turned off? Can this be checked? have had some weird stuff showing up on my comp. |
User loginOnline Member Info:Out of 15540 registered users there are currently 21 users and 134 guests online.
New forum topicsRecent comments
|
last seen 43 weeks 6 days ago
here is a tip for windows:
press windows button and the pause key.
press the remote tab (top right tab).
uncheck the box for remote assistance.
no, this doesnt stop all the intruders tactics, but it is helpful.
And yes, even when your computer is turned off people can access your computer.
Heres a tip:
When not using your pc, unplug your data cable/ethernet cables to your computer/modem/router. Unless the nosy people have super-magical powers they cant touch you then.
Im sure someone will chime in with more tips for you.
here is a tip for windows:
press windows button and the pause key.
press the remote tab (top right tab).
uncheck the box for remote assistance.
no, this doesnt stop all the intruders tactics, but it is helpful.
And yes, even when your computer is turned off people can access your computer.
Heres a tip:
When not using your pc, unplug your data cable/ethernet cables to your computer/modem/router. Unless the nosy people have super-magical powers they cant touch you then.
Im sure someone will chime in with more tips for you.
for some reason i find that very funny..so funny i just spit my oj on my computer screen from laughing.....'course it's 6 am and i can't sleep.
Could you paste the security audit error into a post?
There is a little clipboard in the error window, just click that then right click paste into a post.
A shortcut to event viewer is to type eventvwr.msc in the run command.
Also, with very little research done on this by me, you may also want to see if IIS has been started.
Type services.msc in the run command box then look for Internet Information Services. I see no reason why you would need that started so select manual. That may clear your issue.
It may also be virus scan time - to see if a backdoor trojan is opening a port for remote user usage.
Be sure to check Windows updates and perform all updates on Quicktime, Adobe, Java, browser, etc.
In the New Year, may your right hand always be stretched out in friendship, never in want. - Irish toast
Hi, thanks for the reply. I checked for IIS, don't even see it on the Local list. But there are alot of other things running that maybe a concern, maybe not...I'm not sure. But networking, remote access stuff, etc is either running, automatic, or manual. Is that normal? Is there another name for the IIS? I have that list I can paste here, but it is kind of a jumble and super long.
I run a virus scan every day automatically, so that is done.
For pasting the security list, do you mean the event viewer, the security list only? That one is HUGE! Is that okay to post here?
Also, don't know if you read, but this person could have admin access to my comp as they have worked on it before. So might have access that way.
With services click this
Then set this to manual and maybe even try stopping the service.
Then go to event viewer and click this (you can edit out your computer name)
And post the offending messages (errors).
In the New Year, may your right hand always be stretched out in friendship, never in want. - Irish toast
here is a tip for windows:
press windows button and the pause key.
press the remote tab (top right tab).
uncheck the box for remote assistance.
no, this doesnt stop all the intruders tactics, but it is helpful.
And yes, even when your computer is turned off people can access your computer.
Heres a tip:
When not using your pc, unplug your data cable/ethernet cables to your computer/modem/router. Unless the nosy people have super-magical powers they cant touch you then.
Im sure someone will chime in with more tips for you.
Okay, wow, I had this--remote assistance. I unchecked it. The problem is...the person who may be doing this could possibly have administrator privelidges..they used to be our computer set up person. They have worked on our computer/harddrive. :\ How can I tell if they are doing this? is there a record?
Thanks!
Ok, about a log. If your hacker knows what he is doing then he can delete any logs.
I suggest a reinstall of your operating system (when you reformat your harddrive it will also remove any keyloggers, viruses, etc.)
As Hubby on gug has recently posted is that reformating your harddrive shouldnt be your first choice of action in relation to viruses and stuff. But in your case, do it.
----------------------------
here is a link for some more tips on protecting yourself:
timewarnercable.com/centralny/customer/support/prevent.html
Plus you can find more tips here on gug, and on google.
---------------------------
Another addon to my tip for disabling remote assistance:
The XP firewall has an exception in regards to remote assist requests. So to remove the exception (which is there by default). Do this for all of your connections:
click start
click control panel
click network connections
find your connection and right click and choose properties
click on advanced tab
choose exceptions tab and ensure that remote assistance is deselected.
----------------------
And remember, like Ashton said, you have to be really targeted for people to do this crap to you.
edit: btw, before you do a reformat and reinstall your operating system to its original configuration as if it just came out of the box...be sure to first backup your data!!!
While you are reinstalling your os, dont have your internet connection turned on--dont have your cords unplugged to modem, etc.
as soon as you get to the windows screen after installing the os, immediately turn on windows firewall.(some os do this by default but XP sp2 doesnt) Enable windows update if you didnt do that in the reinstall (i am saying all this based on the assumption of using XP)
also turn off file sharing. undo remote assistance like i mentioned and the other step i mentioned about remote assistance.
create a restore point (start, all programs, accessories, system tools, system restore. and create a restore point and label it something like "after reinstall and before connecting to the interent)
you will then need to connect to the internet to get the latest windows updates (there are currently 80 of them) and you need to install your virus program such as norten, mcafee, etc.
There are alot more tips you can find. There is almost never enough things you can do to stop those darn hacker crackers.
Also... on that link to TimeWarner that you gave me, it says this: "Disable file and print sharing on your computer Use of the file sharing feature increases the risk that other Internet users could gain access to any of the files on your computer's hard drive."
How do I do this? It doesnt say. I did go on the Firewall security and unchecked the file sharing box. But is there something else I should do with this? Thanks!
im not sure what os you are using so here is a link click here.
google is very helpful
ok thanks ..done.
But i still would like to know about the logs if its not too much trouble. 
Or if I can see where a remote person (with administrator priveleges) has logged on, is there a record? Thanks so much