SBS 2011 restricting access to the server


We've recently taken over IT support for a small company, which runs a SBS 2011 server, the previous IT provider has not taken this well.

There were a couple of remote access/monitoring programs which had been installed;

Remote Utilities Host
VNC Free

These have all been removed and the server has been restarted.

There were also two administrator accounts, which were in use, which I have changed the password for both. The built-in administrator account was also active, which again I have changed the password for.  

I've removed access to the RDP port , RWW, and the only open ports are port 25, and also HTTPS (443). The router is a draytek router.

The previous IT support, is still claiming that they have access to the server, and also that it is reporting status to them. However, I've been through the entire program list and can see nothing there (despite sending screenshots of the program list, apparently I'm stupid to not be able to see the program which should 'have been removed').

I'm concerned that despite all the precautions taken, that it is still possible for remote access to be occurring in some way (the other party has sent a screenshot to prove this - although this could be an old screenshot)  - so will go through the user PC's to make sure that there is no remote access there.

My questions is two-fold;

1) I've attached screenshots of the entire program list and the scheduled task list, can you see anything which could be reporting back?

2) How can I be sure that remote access to the server is not possible?

Any advice on how to secure this further would be gratefully received, as the 3rd party is casting aspersions and I want to make sure that we've covered all bases here.

Thanks a lot.

Program File List 1Program File List 2Program File List 3Scheduled Task List
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Harper McDonaldCommented:
Remove TeamViewer or change the code if it is active.  There will be a blue box on the task bar that if you hoover over it will display some numbers.  If you have that installed they probably have the unattended access feature enabled.  Also, are you running any VPN on your router?
foxpc123Author Commented:
Hi there thanks for the fast response, I should have said, that the Teamviewer is our remote access!!

There is no VPN.

Whilst I've been going through this again, I can see that there is a program in the Program Files list called 'Simple Help' which doesn't appear in the add/remove program list.

I'm just looking at this now, and can see that this appears to allow remote access connections, so am going to uninstall this as well.
Harper McDonaldCommented:
Yes, I would remove both of those :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
foxpc123Author Commented:
This has now been removed and can see that this has also removed a service called 'Remote Access Service', I'd obviously made a mistake there as I thought that was part of the 'remote access services' installed along with SBS 2011.

However, I can see now that this is part of the PC Monitor/Simple Help software, which obviously doesn't get removed when the PC Monitor software is removed as well.

Lesson to self, hide all Microsoft services and then go through the list in msconfig, finally gave this one away!!

Thanks a lot for your help - feel better now, thought was going mad for a moment!
Harper McDonaldCommented:
LOL no problem!  Have a good one :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.