For us, computers are an important part of everyday life, that’s why we don’t skimp Apply ways to keep our team safe, but there is always one factor that fails, and that is ourselves, and carelessness is the cause. Once this happens, anyone can sneak into our computer and have no idea what to do; when we suspect we don’t allow this activity.
In this case, we have a tool on hand that can help us in this situation, and is that we can know what activities the PC has performed in our absenceto know if someone got into our desktop and what activities they did; that’s the basis of this article, on how to conduct an investigation, what we have at hand, let’s see how to complete this investigation.
How do I view activity history on my PC?
To carry out this investigation from the same computer without resorting to an external program, which is unnecessary, we must know that the Windows 10 operating system provides a tool for this, and we need to access the event viewer, which is integrated in the functionality of the system , this is used to check what modifications the computer has done and what processing has been done.
Among these options provided by this useful monitoring tool, is to view the log of the program in detail There are also recent elements, what modifications were made to them or what processes were performed in them, in our absence we can check chronologically by the hour.
How do you protect your computer from letting them in?
There are many ways to protect your computer, preventing them from entering it is essential Keep all our documents and information as we wish. To this end, there are methods that will become classic or universal in some way, such as account protection and generating security systems for devices.
In any case, we can create remote access using our own created technology and security scheme, allowing us to only access it and execute orders while away from our computer. how to log out remotely, So this way you can control it without being present.
Account Protection
As for the protection of the account, it’s good to know that we have several options, among them exploiting the limitations of the account, as other computers can also be accessed through the same network that is being used, we can also use the method of requesting a password to access files and modify them .
The latter is of great help at all times; because for anything the intruder has to enter a password that he does not know. We also have to check if activity history is activated.
Device Security
About the security of the device itself we can talk about enforcing administrative policy. When something doesn’t work as expected or the user is blocked for entering the wrong password just once, they send out an announcement or an alert and ask for verification; in any case, we can program the device to go through the Blocked immediately after a certain period of inactivity. We also had to know how to disable Remote Desktop in Windows as this could be a vulnerability.
What is the way to check the logs?
To access it we will continue through the run window, for this we press the «Windows + R» keys, In the box we proceed to copy «eventvwr» and Event Viewer will run. Now we go to the «Windows Logs» section, then we go to «Security», then we click on «Filter Current Logs» and we find the «ID 4624» record that references the log, which we can see in our absence.
program record
We can access the program registry by pressing the run window Copy in «regedit» box «Windows + R». After this, a window will open where we will select Registry Editor, where we will see the installed programs and their functions, where we must be careful because the slightest modification can affect the system.
from recent projects
To see which elements have been executed recently, we can use the shortcut to access «Ctrl+Alt+Delete» When doing this, screens such as the login screen will be displayed and we will proceed to select Task Manager and then we will proceed to see the programs that are running and the ones that have been opened and closed in the History tab. application»