0

While I was away from my comp, my colleagues trolled my windows 7 computer, and now occasionally windows locks as I am typing, or a tab closes randomly. :)

I noticed a colleague typing in a powershell on these occasions, so I suspect a powershell remote script. I tried disabling all remote dekstop accesses, but the issue still happens. I don't know what else could be causing this. Any tips? I will only be able to verify answers in a few days :) )

I am thinking of installing a Charles proxy to verify that the issue is on the desktop and not from a remote connection.

I also found a Citrix Receiver, but uninstalling it did not help.

giorgio79
  • 1,111
  • 5
  • 14
  • 22
  • 1
    The most logical thing would be a 2nd keyboard attached to the computer. – LPChip Nov 05 '15 at 20:08
  • Related issue http://superuser.com/questions/717192/my-colleague-often-shuts-down-my-machine-through-the-lan-how-do-i-prevent-it – giorgio79 Nov 18 '15 at 14:23

2 Answers2

2

Powersploit is a whole framework for remotely "pranking" people.

https://github.com/PowerShellMafia/PowerSploit

Try changing your login password, unless those other users have admin rights to your computer, in which case, you can't do much.

redwards510
  • 167
  • Checked but no other admin users are on the comp :) Will try changing the password. – giorgio79 Nov 09 '15 at 09:24
  • What I meant is.. if you are on a domain and those other users are in the administrators group, which is common in tech shops, they could log on to your computer (not as you, obv) and do things like use psexec, as someone else mentioned. – redwards510 Nov 09 '15 at 19:11
1

They could also just be using psexec from SysInternals. I once used this to prank someone in my office. Basically I just sent a popup message window to the user with some sort of message.

No additional software would have needed to be installed on your PC but I'm pretty sure they would need admin rights on your PC.

https://technet.microsoft.com/en-au/sysinternals/bb897553.aspx

Other than that it is a great tool for doing some remote commands on servers and client machines...

tyelford
  • 440