Knowledge Base

What is a computer forensic examiner?

Best stated by InfoSec Institute –  A Computer Forensics Investigator or Forensic Analyst is a specially trained professional who works with law enforcement agencies, as well as private firms, to retrieve information from computers and other types of data storage devices. Equipment can often be damaged either externally or internally corrupted by hacking or viruses.

The Forensic Analyst is most well known for working within the law enforcement industry; however, he or she can also be tasked to test the security of a private company’s information systems. The Analyst should have an excellent working knowledge of all aspects of the computer including but not limited to hard drives, networking, and encryption.

I have a team of system administrators at my company, can’t they do the exam of my systems if I suspect foul play?

Unless the team or someone in the team is trained in computer forensics, the extraction of data and the NON-forensically sound manner in which is was obtained could cause the case to be inadmissible in court, should it go that far.  Every precaution should be taken to preserve the data.   Date and time stamps could be altered by simply allowing an untrained person to “look at what could be going on”.

Infections and Malware

How did my computer become infected?

A computer can become infected many different ways.  There are exploits in popular programs that allow a computer to become infected or hacked.  Free music websites or an improper search term are common ways to become infected.

Are there symptoms of an infection?

Unwanted pop-up windows are the most common symptom of an infection.  Degraded performance is another sign of a possible infection.

What can the Trojan really do to my computer?

It can allow another source to use your computer to distribute viruses, malicious code, steal identities of you or the people in your address book and many more other dangerous cyber crime actions.

I received an email stating an update was ready and a link to the update is that normal practice?

No, that is not normal practice.  When updates are ready, a balloon will appear in the area of your task bar near the time.  Read the screens and when in doubt – don’t do anything.

What are windows updates and why are they so important?

Windows updates prevent or repair problems as well as patch those vulnerable parts of the software we “can’t see” when we use the computer.   Windows updates can help keep your computer more secure.

We hear the statement “I don’t have anything on my computer that anyone would want, so I don’t think anyone will want to “hack into me”.

Just because you do not have anything on your computer doesn’t mean it can’t be used in a malicious manner.  An unprotected or inadequately protect computer can be used to distribute viruses, to distribute child pornography, adult pornography, aid in denial of service attacks or act as a ruse, making harder to catch those responsible.

I have an internet security/anti-virus program on my computer and I was told that my computer was infected with malware.  How did this happen?

Malware and viruses are two different types of infections.  Antivirus or Internet Security software is not enough to protect your computer system.  We add the trial version of Malware-bytes to the systems that come into our office in need of dis-infection.  The trial version is “good”, but for a small fee an annual subscription is a better means of protection.

 Cybercriminals have become clever and try to trick you into downloading rogue (fake) security software that claims to protect you against malware. This rogue security software might ask you to pay for a fake product, install malware on your computer, or steal your personal information.

Social media sites are another means to spread malware onto unsuspecting computers.  Think twice before clicking any links.  They are not always what they appear to be.

For more information on these questions and others call Sensible Solutions & Support, LLC (727) 787-2140