Highjacked computer

Question

Creator

Topic
March 1, 2007 at 7:51 pm #2268430

Highjacked computer

Locked

by gcarson · about 16 years, 3 months ago

I’m pretty sure that my lap top computer has had some type of program physically installed on it that runs in the back ground. I have stumbled across files that are manipulating my computer. I think there is some kind of Microsoft snap in that is able to run services and processes in the back ground. This computer is my personal computer and the only programs it should contain are ones that I have installed. I have come across files and folders that tell me I don’t have permission to access or access is denied. When I go into security settings, there are users like “TrustedInstaller”, and other names that have special permision rights. I’m trying to figure out a couple of things. #1 who put it on my system, I believe it is someone I know with an axe to grind, #2 how to get rid of and keep it from happening again and if all else fails #3 formatting my hard drive and starting over. Does anyone have a possible solution. I also believe it is sending information out via something called rasphone.pbk and Geospatial Portal Initiatives along with Metadata. If I can track where the mail is going I might figure out who it is. Help Please

This conversation is currently closed to new comments.
Creator

Topic

All Answers

Author

Replies
- March 1, 2007 at 7:51 pm #2536867
  
  Clarifications
  
  by gcarson · about 16 years, 3 months ago
  
  In reply to Highjacked computer
  
  Clarifications
- March 2, 2007 at 1:24 am #2536822
  
  more specifics needed
  
  by bhatnagar_nitin9 · about 16 years, 3 months ago
  
  In reply to Highjacked computer
  
  Are you using some kind of remote access on your notebook or somebody else is accessing your data remotely?
  The Rasphone.pbk is basically a remote access phonebook file and Geospatial Portal Initiatives are services in the OpenGIS field. These clearly shows that either you or someone else is using your data remotely.
  Check this article :
  http://support.microsoft.com/kb/284269
  
  If this case is not intentional and you need to remove this, then quickly disconnect your notebook from the network first. Then try to stop these services by going into Run->services.msc.
  Infact, disable these services so that they can not be started on next reboot.
  As a next step, do a complete spyware/virusscan. Finally, on next reboot, remove the “TrustedInstaller” user from the user profiles.
Author

Replies

Viewing 1 reply thread

Start or Search

Start New Discussion

Cybersecurity demands and the stakes of failing to properly secure systems and networks are high. While every organization’s specific security needs form a unique and complex blend of interconnected requirements, numerous security fundamentals almost always apply to each of these groups. It stands to reason that cybersecurity pros who effectively identify network and systems risks ...

In this guide from TechRepublic Premium we’re going to explore the various things you can do with a Linux server. We won’t leave out any steps, so you won’t have to refer to another tutorial to complete the process. The only step we will leave out is the installation of Linux, as we’ll assume you ...

If you want to deploy applications into a Kubernetes cluster, be warned — it’s not the easiest task. There are a lot of moving pieces that go into these scalable containers. Don’t you wish you had a complete roadmap, from start to finish, to walk you through the process of deploying the Kubernetes cluster, deploying ...

Hardware

Question

Highjacked computer

All Answers

Clarifications

more specifics needed

Checklist: Network and systems security

How to host multiple websites on Linux with Apache

How to deploy an application with Kubernetes

Cross-training tool kit