Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Who and when turned on and used my PC?

Status
Not open for further replies.
Miriam

Miriam

Programmer
Sep 27, 2000
19
0
0
US
I am a user of Windows2000/XP. I have to find out if my computer used without my knowledge. I need to find out when, what time and who (login name) turn on my computer and what applications used. I tried to find info like this in Event Viewer in Administrative Tools, but I am not sure what the messages will tell me about turning on/off.

Thanks,
Miriam
 
Sort by date Sort by votes
If you look under docs & settings folder, that will tell you who has logged onto your computer. Might check the history folder under the user that logged in, might have something.

Might be a start!
 
Upvote 0 Downvote
Thanks, I checked it out. Unfortunately, I don't see any info that my PC was turned on at 9PM and turned off at 10PM last night. But, in Event Viewer I can see the message: "The Event log service was started." at this time. Does it say that my PC was turned on? And how I can find who was it?

Thanks,
Miriam
 
Upvote 0 Downvote
perhaps you can try looking at all files edited during that period using the search function? that may help you learn something Michael Phipps
Technical Business Analyst
Mercy Health Plans
3142148036
 
Upvote 0 Downvote
Under Administrative Tools, Services, System Event Notification. This will monitor who logs in. Unfortunatly, if you dont have certain dependencies started, you won't have a log for past events, but might be a way to catch them in the future.
 
Upvote 0 Downvote
Turn on auditing... at least logon events (failed and succesful); that is the very least you want enabled.. ---
saybibi();
//john
#include <stddiscl.h>
 
Upvote 0 Downvote
The Event Viewer will show the times the Event Log service was stopped and started. In other words when the computer was turned on and turned off.
 
Upvote 0 Downvote
Thanks to everybody.

You gave me very helpful info. Now I can catch when my PC was turned on/off.
But…still don’t know how to catch the user logins.

More details: I have on my PC (WindowsXP) few users with administrator’s rights. I use ‘miriam’ user account, which has admin privileges. I know, someone changed the password for ‘administrator’ when was connected as ‘miriam’. And now he or she uses ‘administrator’ to connect on my PC. I, probably, can change the admin password back, but this scenario can happened again in the near future.
So, now I am looking for HOW TO RESTRICT THE PASSWORD’s CHANGE FOR ANOTHER ACCOUNT, especially for ‘administrator’.
Should be something like ‘only user itself can change the password’.

Thanks in advance,
Miriam.

 
Upvote 0 Downvote
Anyone with admin rights can change the local admin password.
My question for you is, how is this person logging into your PC as &quot;miriam&quot;? Are you in an enviroment where you share passwords with others?
If so, I recommend changing your password and setting up seperate user accounts for anyone authorized to access your PC. Make sure these people keep their passwords private and don't give them admin rights unless they really need it. This will make your PC much more secure.
 
Upvote 0 Downvote
Crisc,

I am not sharing my password with another people. Its simpler story: some of the applications exist only on my PC. So, I gave to use my computer. I was just so naive about people and security.
If it is no option likes ‘only Administrator can change the admin password’ – so, I will follow your recommendations: I will change the passwords for ‘administrator’ and ‘miriam’ and create new one - restricted- for anyone else.

Thank you,
Miriam
:eek:)

 
Upvote 0 Downvote
if you wanna get fancy you could get some spyware... there's one nice one called stealth keyboard interceptor that copies every key pressed and emails it to another location... It's an old hacker tool and any good AV will find it, but it works. there are other keyboard sniffers out there, but you gotta be careful with them.

I've never used one of course....




&quot;I offer this information strictly as a possible solution. My opinion is untested and may not be recommended or legal in all areas. Please consult your network admin prior to installing any software on corporate systems.&quot; Michael Phipps
Technical Business Analyst
Mercy Health Plans
3142148036
 
Upvote 0 Downvote

Wow, it is really scary.

And I feel sure that Norton Antivirus cannot catch the hackers. Am I wrong?
I found many very, very interesting threads on this forum about security and hacking. I will check it for me.

Thank you to everybody,
Miriam

Someone was right: don’t trust the people if you are not prepare for the battle.
And one more:
“Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.&quot; Albert Einstein.
 
Upvote 0 Downvote
Antivirus? No, anti-virus looks for viruses. You'd want something like Black Ice or another firewall, if someone's connecting to your computer and doing this. Jennifer Sigman
Code-borrower extraordinaire
&quot;They call us public servants for a reason...&quot;
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC &amp; Adding back to our Network
Replies
1
Views
97
pjw001
pjw001
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
252
Flinx
Flinx
spamjim
  • Locked
  • Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
87
spamjim
spamjim
hikermann
  • Locked
  • Question
WordPerfect 12 and Windows 10 Fighting
Replies
1
Views
87
Mike Lewis
Mike Lewis
jjjthird333
  • Locked
  • Question
rename a doamin computer when it is offline?
Replies
3
Views
168
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top