I was burglarized today--they broke in while I was at work. They took lots of stuff from my living room and garage. They ransacked all of my house going through drawers and cabinets. It sucks, but it could have been worse.<p>Here is the weird thing, my office room while having been thoroughly searched still contains all of the electronics. The computer (a really good gaming machine), dual monitors (large), keyboard, mouse are all still here.<p>Also, my computer was on and I don't have a lock screen on it (I live alone and don't do any work from home on it--though I regret now that it didn't have the lock-screen activated).<p>So I'm feeling super paranoid. I'm in the process of updating all my site passwords (mostly managed by lastpass). But I'm concerned some kind of keysniffer or other invasive software could have been installed.<p>It seems unlikely--but this room remains too intact for it not to be suspicious.<p>I'm on win7, SP1. What are some good (trustworthy) tools I can scan my computer with.<p>Does anyone know of any concerns or precautions I should take, short of reformatting (which now that I think about it sounds really good).<p>Thanks in advance.
Have you done a risk analysis?<p>Some things for you to ask yourself: Do you work for a government agency? Is it possible for secret documents to be on your machine? Do you work for a high profile company? Is it possible for trade secrets to be on the machine?<p>What's the worst that could happen if the data is compromised? Will you die? Will you go to jail? Will your company lose millions of dollars?<p>> What are some good (trustworthy) tools I can scan my computer with.<p>There are none. Once you think your machine has been compromised the only safe course of action is to wipe and re-install, and then very carefully restore data from back-up.<p>Check for hardware tampering too - hardware keyboard grabbers are cheap and easy to fit.<p>Don't forget that burglars have different styles - they don't just rob everything. Some burglars will just steal jewellery and leave everything else; others will grab everything technical and leave everything else. And the burglars might have been disturbed in the process of robbing the house.
Copy all data to an external hard drive. Wipe current drive, reinstall OS, selectively copy back the files you need.<p>Any time you're infected with malware or strongly suspect you are, this is what you should do. It doesn't take that much time, plus you'll probably notice a big speed boost after you install the OS from a clean slate.<p>It'll take you way less time and effort than being paranoid and downloading all kinds of virus scanners and rootkit finders, while also being way more effective.<p>A hardware keylogger or spy device is extremely unlikely. If you don't see anything between the keyboard and the computer that shouldn't be there, odds are you're fine.
I would guess that desktop computers are just much harder to fence than, say, TVs, and that you're just a bit paranoid (I don't blame you, considering the situation). A smart thief would also be wary of LoJack-type software on the computer.
Desktop computer? They probably decided it was either too big to carry away without being caught, or that it wasn't something easy for them to sell. I would guess that cameras, cell phones, and tablets are easier to sell. They're all one piece, don't look very different "used" or "new", and you could probably re-package them with some bubble wrap and an envelope. A desktop computer with lots of parts, some of them obviously used, is going to be a lot more obvious and harder for the thief to deal with.
Can you give some examples of what was taken from the garage and house? This would help paint a picture of what the robbers were interested in.<p>That activity could always be a decoy, of course, to throw you off the scent; or it could simply be that the thieves really were interested in those items that they took and not your computers and electronics.<p>There are good reasons not to take large electronics: they are not that easy to turn into cash, and they are bulky items: poor dollar to volume/weight ratio. It's much better to steal actual cash. Or traditional valuables like gold.<p>What's better: a computer monitor you can hawk for 50 bucks at most? Or 4 grams of gold from an 18K ring, worth some 100 bucks? Or an actual $100 bill? This is why thieves went through drawers and cabinets: they want small things that are dense with value, and cash.<p>As far as electronics goes, small stuff like smartphones and tables packs more value.<p>I wouldn't get all paranoid. One thing to do, though, is to monitor your network traffic, especially outbound, to look for any suspicious activity.
If being bugged presents risk to your life or career (i.e., you're no average Joe) then you should just buy a new machine. If they bugged your hardware, bios, or other equipment, you might never know and it might not be removed after reformatting.<p>Also it could be that with a super custom and nice gaming machine, thieves didn't want it as it's too easy for you to recognize on the black market. And additionally, they might have worried you had a GPS or software which will phone home after it's been stolen.<p>And take a peak at the system logs too and your wi-fi logs.<p>Btw, a system lock won't keep any determined criminals out of your machine if they have physical access to it. Although, an encrypted drive and system locks would help, but maybe not in the case of a hardware bug.
Remove hard drive and store it as evidence. Obtain new HDD. Install your OS of choice. Restore data from off-site backups.<p>Moderate risk - mount the both the old HDD and the new HDD (with Windows already installed) under Linux. Copy the data in Linux environment from old drive to new drive. You can use <a href="http://puppylinux.org" rel="nofollow">http://puppylinux.org</a> to access Windows drives from Linux. It has a nice graphical file manager for that, so you will find it easy to do. Once done, remove the drive and store as evidence.
A potentially compromised computer can never be secured for future use.<p>If something like that happened I would likely sell all the equipment and buy fresh. Really. It's pretty suspicious, and examples of malicious code which can stay persistent in practically nearly any peripheral with accessible memory have been shown.<p>Burglarizations suck. Hope you recover from it well.