xp pro remote assistance problems

[Chris Cowles]

I use Remote Assistance to help resolve problems on my Mom's computer. We
both have XP Pro SP2, fully patched. Fast user switching is enabled on her
computer. Her primary account is limited.

Sometimes, when she turns off the computer, she gets a pop-up that says
another user is connected. I know that message appears if you fast-switch
from another account, but she sees it even if she turned on the computer
from a cold start and never logged into the administrator account.

This makes me suspicious about someone having logged in with remote desktop.
She's on a DSL line and had some viruses and malware at one point. I did not
do a full rebuild but spybot and norton didn't find anything after the
initial discovery was cleaned up.

I assume anyone logging into RD would have to have a password, would they
not? Or can guest somehow log in? To address the possibility of someone
having the admin password, we just changed it. I can't disable terminal
services because remote assistance would then be disabled, as well.

I have a static IP address on my computer. I can configure windows firewall
to use certain programs only from a specified ip addresses. If I can do that
with the programs that run terminal services, I could be confident nobody
but me can connect. Can I do that? If so, how?

It may or may not be related but, every time we attempt to use RA and I
connect, she gets a pop-up that says remote assistance failed. Then
everything proceeds normally. She has to dismiss the message box but after
doing so everything works fine.

All sincere suggestions are appreciate.

Thanks in advance.

 

[Mark L. Ferguson]

First thing to check is the 'sessions'. Have her go to start/run, and type FSMGMT.MSC. The Sessions folder shows all connections (if
found, the menu does a "disconnect all sessions")

The password protection should be enough to stop other users, and permit you to connect.

The RA failure is probably due to the use of a NAT somewhere in the connection. (A router, hub, etc.) An email invite can be
slightly hacked to allow the connect, if so.


..

 

[Chris Cowles]

Thanks for the response.

I'll have her try fsmgmt.msc if she see it again, but I just tried it on my
computer with a limited account and was denied access. The account from
which she sees the message is her limited account. Without getting into
gpedit, can I make fsmgmt available to limited users?

The RA failure actually occurs at two points: one when she initially
attempts to create an invitation, and another when I am successful
connecting and waiting for her acknowledgement. We had some initial problems
with NAT on both ends but for some reason MSN Messenger now works when
inviting a contact to help. We'll use that in the future, but the one-time
error still happens when she grants control.

 

[Mark L. Ferguson]

-see the help entry on 'runas' for fsmgmt.


..

 

[Chris Cowles]

Forgot about that. That'll work.