Saturday, June 07, 2008

See what's going on when you are away from your PC using a simple search.

When the cat's away the mice will play!

Ever get the feeling someone has been messing with your machine while you were away?

Your trusted anti-virus isn't telling you there is something wrong, but you know deep down in your gut something is off, and chances are it is! After all, an unprotected Windows machine can be infected on the Internet in under 10 seconds nowadays, so if you are missing some patches or have an easy password... Whoa Boy!

This is what The Admin does when he gets that not so secure feeling aka the "I think I have been hacked" panic.

So now you have that not so secure feeling? You can follow these easy steps with no software other than Windows search needed.

  1. I open Task Manager with Ctrl+Shift+Esc and sort my processes by CPU usage from high to low, then kill what I don't know. (I do know a lot of process names and such, but even I don't know every process in the world. If you are unsure, Google it! FYI: Windows will not let you kill system processes.)
  2. Next I open a search box and look for files modified within the last 24 hours (or however long you were away for!).
  3. Now you have a perimeter to cordon off: your crime scene, so to speak. Scrutinize these files as your jump-off point.
  4. Open log files, examine exe files, read text files to make sure they don't contain your personal info, and look for new user profiles and directories and funny file or directory names. Hackers like to use names you would think are system processes like winservice.exe or

All from a simple search... The power of simplicity. If you need assistance send us screenshots or the file name in question and The Admin will get right back to you!

All of this is CSI-like evidence to help you piece together what is going on. If you find files or directories you can't access, or large amounts of space are missing from your machine, and you still don't come across anything using this method, re-install your anti-virus software and run a full scan. Still turning up nothing and still paranoid? Install a different antivirus package like Kaspersky and scan, scan, scan. If you still turn up nada, chances are you are clean!
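
The same sweep as steps 2 through 4, written as a PowerShell script (an added example, not part of the original post). The drive root, the 24-hour window, the extension list and the tag names are assumptions to adjust, and PowerShell 3.0 or later is assumed for the `-File` and `-Directory` switches.

```powershell
# Added example: sweep for files changed inside the look-back window.
# $Root, $Hours, the extension list and the tag names are assumptions.
param(
    [string]$Root = "$env:SystemDrive\",
    [int]$Hours   = 24
)

$cutoff  = (Get-Date).AddHours(-$Hours)
$execExt = '.exe', '.dll', '.scr', '.com', '.bat', '.cmd', '.vbs', '.ps1'

# Names of genuine System32 binaries, used to spot same-named copies elsewhere.
$sysNames = @{}
Get-ChildItem -LiteralPath (Join-Path $env:windir 'System32') -Filter *.exe -File -ErrorAction SilentlyContinue |
    ForEach-Object { $sysNames[$_.Name.ToLower()] = $true }

# Step 2: every file written or created since the cutoff (hidden ones included).
$recent = Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -ge $cutoff -or $_.CreationTime -ge $cutoff }

# Steps 3-4: tag each hit so the files worth opening first sort to the top.
$report = foreach ($f in $recent) {
    $tags = @()
    if ($execExt -contains $f.Extension.ToLower()) { $tags += 'executable' }
    if ($sysNames.ContainsKey($f.Name.ToLower()) -and
        $f.DirectoryName -notlike "$env:windir\*") { $tags += 'system-name-outside-windows' }
    if ($f.Attributes -band [IO.FileAttributes]::Hidden) { $tags += 'hidden' }
    [pscustomobject]@{
        Modified = $f.LastWriteTime
        Created  = $f.CreationTime
        SizeKB   = [math]::Round($f.Length / 1KB, 1)
        Tags     = $tags -join ','
        Path     = $f.FullName
    }
}

$report |
    Sort-Object @{ Expression = { $_.Tags.Length }; Descending = $true }, Modified |
    Format-Table -AutoSize | Out-String -Width 250

# Step 4: user profile directories created in the same window.
Get-ChildItem -LiteralPath (Split-Path $env:USERPROFILE -Parent) -Directory -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $cutoff } |
    Select-Object CreationTime, FullName |
    Format-Table -AutoSize | Out-String -Width 250
```

Run it from an elevated prompt so fewer directories are skipped; a tag is only a reason to look at a file, not proof that it is malicious.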