Is someone using Remote Assistance on my computerwithout my knowle

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am a relative novice at understanding computers, so please bear with me.
I will greatly appreciate any insight you can give me.

I have reason to believe that a hacker may have interfered with my computer
and transferred files from it without my knowledge. This person could
have been in my house and changed settings on my computer. He has
threatened me that he knows everything about me for the several years and
plans to use it against me.

I use Windows XP Professional 2002.

Remote Assistance has appeared on my Start screen without my doing anything
to put it there.

When I right click on Remote Assistance from the Start screen, I get various
options, including:

"Add to "rcimbly.rar"
Compress to "rcimbly.rar" and e-mail
WinZip
Add to rcimbly.zip
Add to recently used Zip file
1D:\Program Files\mrplatis2005.zip
Zip and E-mail rcimbly.zip

i do not know who or what rcimbly.rar is, or what mrplatis2005.zip is.
Are these normal Remote Assistance options, or is this unusual? I tried
googling rcimbly.rar, but nothing showed up. How do I find out what this
website is?

How do I check if my computer is being accessed in a hidden manner, and
files sent out?
 
He has threatened me that he knows everything about me for the several years and
plans to use it against me.
Click to expand...

Stop there, forget about your computer, call the Police.
 
I have retained an attorney and filed police reports about specific incidents
related to this. However, I do not have enough knowledge of what these
entries on my Remote Assistance program mean to even know if they are a
normal part of the program, or something unusual and troubling. Boss Hog,
what is your take on this? Is this just a normal part of the Remote
Assistance program, and if not, what does it mean?

Thanks for your interest and attention to this.
Silversmith
 
Turn off or disable the following items. You do not need any of it running.

Open System Properties...
Click Start | Click Run | Type: sysdm.cpl | Click OK |
Click Remote tab | Uncheck: Allow Remote Assistance... and
Allow users to connect... | Click Apply | Click OK

Open Services...
Click Start | Click Run | Type: services.msc | Click OK |
Scroll down to and double click Remote Access Auto Connection Manager |
If running, click the Stop button | Set to Disabled under Startup type |
Click Apply | Click OK | Double click Remote Access Connection Manager |
If running, click the Stop button | Set to Disabled under Startup type |
Click Apply | Click OK |Double click Remote Desktop Help Session Manager |
If running, click the Stop button | Set to Disabled under Startup type |
Click Apply | Click OK |Double click Remote Registry |
If running, click the Stop button | Set to Disabled under Startup type |
Click Apply | Click OK | Close Services

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
 
If you are trying to prosecute you should not touch your computer and
immediately find someone that is a specialist [ask your lawyer or police and
this will not be cheap] at such situations to preserve the state of your
computer and preserve the "chain if custody". Typically such a specialist
will dump reports of running processes, port usage, services, applications,
open files, connections, registry, file history, etc and then make a clone
or two of your hard drive.

If you are not prosecuting or do not plan on using the computer as evidence
[not wise if you are prosecuting] or have already altered the state of your
computer I would have the operating system reinstalled to a formatted hard
drive, hardened, and the network secured with a firewall to have a clean
start. Of course you should backup your data and configuration to have for
the new install and all backed up data should be scanned for malware before
restoring to your computer. --- Steve
 
Back
Top