Question

Locked

Highjacked computer

By gcarson ·
I'm pretty sure that my lap top computer has had some type of program physically installed on it that runs in the back ground. I have stumbled across files that are manipulating my computer. I think there is some kind of Microsoft snap in that is able to run services and processes in the back ground. This computer is my personal computer and the only programs it should contain are ones that I have installed. I have come across files and folders that tell me I don't have permission to access or access is denied. When I go into security settings, there are users like "TrustedInstaller", and other names that have special permision rights. I'm trying to figure out a couple of things. #1 who put it on my system, I believe it is someone I know with an axe to grind, #2 how to get rid of and keep it from happening again and if all else fails #3 formatting my hard drive and starting over. Does anyone have a possible solution. I also believe it is sending information out via something called rasphone.pbk and Geospatial Portal Initiatives along with Metadata. If I can track where the mail is going I might figure out who it is. Help Please

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

more specifics needed

by bhatnagar_nitin In reply to Highjacked computer

Are you using some kind of remote access on your notebook or somebody else is accessing your data remotely?
The Rasphone.pbk is basically a remote access phonebook file and Geospatial Portal Initiatives are services in the OpenGIS field. These clearly shows that either you or someone else is using your data remotely.
Check this article :
http://support.microsoft.com/kb/284269

If this case is not intentional and you need to remove this, then quickly disconnect your notebook from the network first. Then try to stop these services by going into Run->services.msc.
Infact, disable these services so that they can not be started on next reboot.
As a next step, do a complete spyware/virusscan. Finally, on next reboot, remove the "TrustedInstaller" user from the user profiles.

Back to Hardware Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums