tracking intruder
-
When I came back from my holidays, I found someone used my computer (Windows NT) and besides others, installed there 'something'. There were remains of InstallShield (_delis43.ini, Zdata51.dll, _ins5176._mp) in a TEMP directory. My question is how can I find out what activities were performed on my computer. Will you give me a hint where and how I should look for them. Regards, Martin
-
When I came back from my holidays, I found someone used my computer (Windows NT) and besides others, installed there 'something'. There were remains of InstallShield (_delis43.ini, Zdata51.dll, _ins5176._mp) in a TEMP directory. My question is how can I find out what activities were performed on my computer. Will you give me a hint where and how I should look for them. Regards, Martin
look at the browser's history and list all files accessed/modified on a specific date range. If you have XP/Me you can look at System Restore's snapshots too. Q261186 - Computer Randomly Plays Classical Music
-
When I came back from my holidays, I found someone used my computer (Windows NT) and besides others, installed there 'something'. There were remains of InstallShield (_delis43.ini, Zdata51.dll, _ins5176._mp) in a TEMP directory. My question is how can I find out what activities were performed on my computer. Will you give me a hint where and how I should look for them. Regards, Martin
Do a search for *.log on your system. Most installers leave an audit trail behind them. I've been playing with this myself today, and discovered quite a few attempts to hack into my system. None succeeded, and all returned 550 and 404 errors, but I'm planning to send each and every one of my admirers a personalized copy of BackOrifice as soon as I can get around to it.:-D "Another day done; all targets met; all systems fully operational; all customers satisfied; all staff keen and well motivated; all pigs fed and ready to fly." - Jennie Agard, McGuckin Hardware Systems Manager
-
When I came back from my holidays, I found someone used my computer (Windows NT) and besides others, installed there 'something'. There were remains of InstallShield (_delis43.ini, Zdata51.dll, _ins5176._mp) in a TEMP directory. My question is how can I find out what activities were performed on my computer. Will you give me a hint where and how I should look for them. Regards, Martin
Download Zonealarm from Zone Alarm[^] if you think this intrusion was via the internet. It's a brilliant software firewall, and what's more, it's free. :-D
I've always heard that there was an idea behind Win ME... I still can't figure out what that was... anyboy know??? I;ve herad the idea was that it was supposed to be n operating system but I doubt this. - Brian Delahunty
-
Download Zonealarm from Zone Alarm[^] if you think this intrusion was via the internet. It's a brilliant software firewall, and what's more, it's free. :-D
I've always heard that there was an idea behind Win ME... I still can't figure out what that was... anyboy know??? I;ve herad the idea was that it was supposed to be n operating system but I doubt this. - Brian Delahunty
Buy the Pro version, Megan - it's cheap, and so much nicer! "Another day done; all targets met; all systems fully operational; all customers satisfied; all staff keen and well motivated; all pigs fed and ready to fly." - Jennie Agard, McGuckin Hardware Systems Manager