HOWTO: Monitoring All join.me Installation to Prevent Data Breaches


Any newly installed software on your company’s workstations can be the first alert indicating a data breaches at a very early stage. Monitoring all join.me installation events and proactively blocking all unauthorized installs it is a critical procedure that shall be performed by all departments on an ongoing basis.

Join.me.exe is a type of EXE file associated with Join.Me developed by Logmein, Inc. for Windows. The latest known version of Join.me.exe is 1.9.1.204, which was produced for Windows. This EXE file has a popularity rating of 1 stars and a security rating of 'UNKNOWN'.

EXE ('executable') files, such as join.me.exe, are files that contain step-by-step instructions that a computer follows to carry out a function. When you double-click an EXE file, your computer automatically executes these instructions created by the program developer (for example, Logmein, Inc.) to launch a program (for example, Join.Me) on your computer.

Each software application on your computer uses an executable file: your web browser, word processor, spreadsheet program, etc. This makes executable files one of the most useful kinds of files in the Windows operating system. Without executable files like join.me.exe, you could not use any programs on your computer.

Below there are a ways to get a list of installed software and monitoring all join.me installation to prevent data breaches and avoid unauthorized access.



Manually:

Option 1: Via Control Panel on a Local Computer:

   1. Open Windows Explorer (Win+E)

   2. Navigate to 'Control Panel\Programs\Programs and Features' to display the following screen:

   Windows Programs and Features

   3. Click on 'Installed On' column to sort by installed date and have the most recently installed programs pop up on top.

Option 2: Via Wmic Utility on a Remote Computer:

   1. Launch PowerShell command prompt (press Win+R, type 'powershell', Enter)

   2. In the PS command prompt, Get-WmiObject -Class Win32_Product �Computer computername | Select-Object Name,InstallDate | Sort-Object InstallDate

With Action1 Endpoint Security Platform:

Step 1 - Sign-up for Free:

Step 2 - Type Your Question in Plain English:

How to monitoring all join.me installation to prevent data breaches and proactively blocking all unauthorized installs on all your Windows domain machines. - search query

Step 3 - Set Filters, If Necessary:

How to monitoring all join.me installation to prevent data breaches and proactively blocking all unauthorized installs on all your Windows domain machines. - set filters

Step 4 - See Results from All Endpoints in Seconds:

Endpoint NameInstall DateNameVendorVersion
fred.widgets.local20171204Microsoft Office 2016Microsoft19.0.8482
mac.widgets.local20171204Microsoft SQL Server 2015Microsoft11.1.5839
ray.widgets.local20171204Microsoft Office 2012Microsoft17.0.3629

Do not have time to write scripts? Check out Action1 Endpoint Security Platform. Ask questions in plain English such as "list of installed software" or "all running processes".
Get answers instantly from live systems or subscribe to real-time alerts:


A lot of cyberattacks start with installation of join.me. According to 2016 Verizon Data Breach Investigation Report (DBIR), a very common tactic used by intruders involves installation of remote control software . Quite a few registered attacks used email phishing techniques asking users to call an IT helpdesk to resolve a certain problem. When those users called a fictitious helpdesk, the cybercriminals picked up on the phone. Sounding very professionally, they asked users to install join.me as the first step. Giving them installation URLs, they walked users through installation and then effectively took control of their computers as a stepping stone to accessing corporate files stored on a corporate network.

Prevent Malicious Software Install

Action1 is a free Cloud-based Endpoint Security Platform. Among hundreds of other built-in features, it allows to automate tracking of join.me installations across the entire network of endpoints and enable proactive response to this very common threat. This article explains how to automate tracking of installed join.me using Action1 and also shows the alternate way of manual review procedure, for organizations that are not able to utilize Action1 in their environments.


Other Relevant HOWTOs: