CrowdStrike Windows Sensor location/process name/install log
up vote
0
down vote
favorite
Under control panel -> programs and features, I see CrowdStrike Windows Sensor was installed recently, but I did not install it. I can't actually find the program anywhere on my computer. What can I do to see where this program came from, where it is installed, if it is running, and if it is legit?
I should add that is an old work computer. I haven't connected to the work network in some time, so I thought that meant I wouldn't be getting updates, but I guess that assumption could be flawed.
windows-7
asked Apr 3 '17 at 18:33
Learning2Code
10412
add a comment |
up vote
0
down vote
favorite
Under control panel -> programs and features, I see CrowdStrike Windows Sensor was installed recently, but I did not install it. I can't actually find the program anywhere on my computer. What can I do to see where this program came from, where it is installed, if it is running, and if it is legit?
I should add that is an old work computer. I haven't connected to the work network in some time, so I thought that meant I wouldn't be getting updates, but I guess that assumption could be flawed.
windows-7
asked Apr 3 '17 at 18:33
Learning2Code
10412
1
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Under control panel -> programs and features, I see CrowdStrike Windows Sensor was installed recently, but I did not install it. I can't actually find the program anywhere on my computer. What can I do to see where this program came from, where it is installed, if it is running, and if it is legit?
I should add that is an old work computer. I haven't connected to the work network in some time, so I thought that meant I wouldn't be getting updates, but I guess that assumption could be flawed.
windows-7
asked Apr 3 '17 at 18:33
Learning2Code
10412
Under control panel -> programs and features, I see CrowdStrike Windows Sensor was installed recently, but I did not install it. I can't actually find the program anywhere on my computer. What can I do to see where this program came from, where it is installed, if it is running, and if it is legit?
I should add that is an old work computer. I haven't connected to the work network in some time, so I thought that meant I wouldn't be getting updates, but I guess that assumption could be flawed.
windows-7
windows-7
asked Apr 3 '17 at 18:33
Learning2Code
10412
asked Apr 3 '17 at 18:33
Learning2Code
10412
asked Apr 3 '17 at 18:33
Learning2Code
10412
asked Apr 3 '17 at 18:33
Learning2Code
10412
asked Apr 3 '17 at 18:33
Learning2Code
10412
10412
1
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47
add a comment |
1
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47
1
1
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47
add a comment |
2 Answers
2
active
oldest
votes
up vote
0
down vote
CrowdStrike is an AntiVirus program. Likely your work uses it and probably it has always been on your computer, or at least since the last time you connected to your work environment. There is a setting in CrowdStrike that allows for the deployed sensors (i.e. the one on your computer) to automatically update. If the computer in question was connected to the internet, then likely it simply auto updated on it's own because a new version of the Windows Sensor was available.
answered Oct 6 '17 at 18:38
Pappy
1
add a comment |
up vote
-1
down vote
you can used WMI (Win32_Product)and grep for this patern "Crowdstrike","CrowdStrike, Inc."
or used WMI (Win32_Service) and grep for this patern csagent is running
answered Oct 22 at 10:03
andie tanadi
1
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
CrowdStrike is an AntiVirus program. Likely your work uses it and probably it has always been on your computer, or at least since the last time you connected to your work environment. There is a setting in CrowdStrike that allows for the deployed sensors (i.e. the one on your computer) to automatically update. If the computer in question was connected to the internet, then likely it simply auto updated on it's own because a new version of the Windows Sensor was available.
answered Oct 6 '17 at 18:38
Pappy
1
add a comment |
up vote
0
down vote
CrowdStrike is an AntiVirus program. Likely your work uses it and probably it has always been on your computer, or at least since the last time you connected to your work environment. There is a setting in CrowdStrike that allows for the deployed sensors (i.e. the one on your computer) to automatically update. If the computer in question was connected to the internet, then likely it simply auto updated on it's own because a new version of the Windows Sensor was available.
answered Oct 6 '17 at 18:38
Pappy
1
add a comment |
up vote
0
down vote
up vote
0
down vote
CrowdStrike is an AntiVirus program. Likely your work uses it and probably it has always been on your computer, or at least since the last time you connected to your work environment. There is a setting in CrowdStrike that allows for the deployed sensors (i.e. the one on your computer) to automatically update. If the computer in question was connected to the internet, then likely it simply auto updated on it's own because a new version of the Windows Sensor was available.
answered Oct 6 '17 at 18:38
Pappy
1
CrowdStrike is an AntiVirus program. Likely your work uses it and probably it has always been on your computer, or at least since the last time you connected to your work environment. There is a setting in CrowdStrike that allows for the deployed sensors (i.e. the one on your computer) to automatically update. If the computer in question was connected to the internet, then likely it simply auto updated on it's own because a new version of the Windows Sensor was available.
answered Oct 6 '17 at 18:38
Pappy
1
answered Oct 6 '17 at 18:38
Pappy
1
answered Oct 6 '17 at 18:38
Pappy
1
answered Oct 6 '17 at 18:38
Pappy
1
1
add a comment |
add a comment |
up vote
-1
down vote
you can used WMI (Win32_Product)and grep for this patern "Crowdstrike","CrowdStrike, Inc."
or used WMI (Win32_Service) and grep for this patern csagent is running
answered Oct 22 at 10:03
andie tanadi
1
add a comment |
up vote
-1
down vote
you can used WMI (Win32_Product)and grep for this patern "Crowdstrike","CrowdStrike, Inc."
or used WMI (Win32_Service) and grep for this patern csagent is running
answered Oct 22 at 10:03
andie tanadi
1
add a comment |
up vote
-1
down vote
up vote
-1
down vote
you can used WMI (Win32_Product)and grep for this patern "Crowdstrike","CrowdStrike, Inc."
or used WMI (Win32_Service) and grep for this patern csagent is running
answered Oct 22 at 10:03
andie tanadi
1
you can used WMI (Win32_Product)and grep for this patern "Crowdstrike","CrowdStrike, Inc."
or used WMI (Win32_Service) and grep for this patern csagent is running
answered Oct 22 at 10:03
andie tanadi
1
answered Oct 22 at 10:03
andie tanadi
1
answered Oct 22 at 10:03
andie tanadi
1
answered Oct 22 at 10:03
andie tanadi
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1195102%2fcrowdstrike-windows-sensor-location-process-name-install-log%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
First time user here, can you offer anything more helpful than a downvote? Perhaps a comment explaining why this is a poor question.
– Learning2Code
Apr 3 '17 at 19:12
Check here: kb.mit.edu/confluence/display/istcontrib/… and if it's not available to uninstall from those options, reinstall the app and then check to see if the uninstall option is available from add remove programs... ist.mit.edu/crowdstrike/falcon ... Otherwise, reach out to the vendor for their cleanup tool to uninstall from Windows when the option is not available to do so but you know 100% for sure the software is installed...
– Pimp Juice IT
Apr 3 '17 at 19:49
@ModeratorImpersonator Thank you, that is helpful for uninstalling, but I really would like to determine how it got there in the first place.
– Learning2Code
Apr 4 '17 at 15:07
You know the history of the PC so asking how something happened to your PC is 100% guessing by anyone other than you or those who have had physical possession of it. Unless you're a computer forensic scientist and spending the hours getting the data from your machine, you will likely never know. I'm sure you could figure it out though if you spent the time doing so, learning, etc. sure you could, go for it!! Otherwise, chaulk it up to a one-time mystery, resolve the problem, and move on to the next chapter of your book.... the Holy Book... can I get an Amen!!
– Pimp Juice IT
Apr 4 '17 at 15:47