Do you have a feeling that someone has been using your PC without your permission? Maybe you noticed some changes in your settings, files, or browser history. Or maybe you just have a gut instinct that something is not right.
If you suspect that someone has been snooping on your PC, you need to act fast and find out the truth. Unauthorized access to your PC can compromise your privacy, security, and data. You don’t want anyone to see your personal or work-related information, or worse, steal or delete it.
Fortunately, there are ways to detect and prevent unauthorized access to your PC. In this blog post, we will show you four effective methods to check if someone was snooping on your PC, and how to stop them from doing it again.
Method 1: Check Your Recent Files and Folders
One of the easiest ways to check if someone was snooping on your PC is to look at your recent files and folders. Windows 10 keeps track of what you have opened, modified, or deleted recently, and you can access this information from the File Explorer.
To do this, follow these steps:
- Open the File Explorer by clicking on the folder icon on the taskbar, or by pressing Windows key + E.
- On the left pane, click on Quick Access. You will see a list of recent files and folders under the Frequent folders and Recent files sections.
- Look for any files or folders that you don’t recognize, or that you didn’t open or modify yourself. If you find any, it could be a sign that someone else has been using your PC.
You can also check the recent files and folders for specific applications, such as Microsoft Word, Excel, PowerPoint, etc. To do this, open the application and click on the File tab. You will see a list of recent documents under the Open section. Look for any documents that you don’t recognize, or that you didn’t open or edit yourself.
However, this method is not foolproof, as someone could have deleted the recent files and folders history to cover their tracks. To prevent this, you can disable the option to clear the recent files and folders history in Windows 10. To do this, follow these steps:
- Open the Settings app by clicking on the gear icon on the Start menu, or by pressing Windows key + I.
- Click on Personalization, then click on Start on the left pane.
- Under the Show recently opened items in Jump Lists on Start or the taskbar section, turn off the toggle switch.
This will prevent anyone from clearing the recent files and folders history, and you will be able to see what has been opened or modified on your PC.
Method 2: Check Your Browser History
Another way to check if someone was snooping on your PC is to check your browser history. Your browser history shows the websites that you have visited, the searches that you have made, and the downloads that you have done. If someone has been using your PC, they might have used your browser to access the internet, and left some traces behind.
To check your browser history, follow these steps:
- Open your browser of choice, such as Google Chrome, Microsoft Edge, Mozilla Firefox, etc.
- Press Ctrl + H to open the history panel. You will see a list of websites that you have visited, organized by date and time.
- Look for any websites that you don’t recognize, or that you didn’t visit yourself. If you find any, it could be a sign that someone else has been using your PC.
You can also check the search history, download history, and cookies and cache of your browser, as they might contain more information about the online activity of the person who used your PC. To do this, follow these steps:
- Open your browser of choice, and press Ctrl + H to open the history panel.
- Click on the menu icon (three horizontal lines or dots) on the top right corner of the panel, and select the option that you want to check, such as Search history, Download history, Cookies and site data, etc.
- Look for any items that you don’t recognize, or that you didn’t create or download yourself.
However, this method is also not foolproof, as someone could have cleared the browser history to cover their tracks. To prevent this, you can disable the option to clear the browser history in your browser settings. To do this, follow these steps:
- Open your browser of choice, and click on the menu icon (three horizontal lines or dots) on the top right corner of the window.
- Select Settings, then click on Privacy and security on the left pane.
- Under the Clear browsing data section, click on the Choose what to clear every time you close the browser option.
- Uncheck the boxes for the items that you want to keep, such as Browsing history, Download history, Cookies and site data, etc.
This will prevent anyone from clearing the browser history, and you will be able to see what websites have been visited on your PC.
Method 3: Check Your Logon Events
Another way to check if someone was snooping on your PC is to check your logon events. Logon events are records of when someone logs on or off your PC, or when someone unlocks or locks your PC. By checking your logon events, you can see when your PC was used, and by whom.
To check your logon events, follow these steps:
- Press Windows key + R to open the Run dialog box.
- Type eventvwr.msc and press Enter to open the Event Viewer.
- On the left pane, expand Windows Logs, then click on Security.
- On the right pane, click on Filter Current Log.
- On the Filter tab, under the Event sources section, select Microsoft-Windows-Security-Auditing from the drop-down menu.
- Under the Event IDs section, type 4624, 4625, 4634, 4800, 4801, and press Enter. These are the event IDs for successful logon, failed logon, logoff, workstation lock, and workstation unlock, respectively.
- Click on OK to apply the filter.
- You will see a list of logon events on the middle pane, with the date and time, event ID, and user name. Look for any logon events that you don’t recognize, or that occurred when you were not using your PC. If you find any, it could be a sign that someone else has been using your PC.
You can also double-click on any logon event to see more details, such as the logon type, logon process, logon session, and source network address. These details can help you identify the method and location of the logon.
However, this method is only available for Windows 10 Pro users, as Windows 10 Home users do not have the option to enable logon auditing. To enable logon auditing on Windows 10 Pro, follow these steps:
- Press Windows key + R to open the Run dialog box.
- Type gpedit.msc and press Enter to open the Local Group Policy Editor.
- On the left pane, navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy.
- On the right pane, double-click on Audit logon events.
- On the Audit logon events properties window, check the boxes for Success and Failure under the Audit these attempts section.
- Click on Apply, then click on OK.
This will enable logon auditing on your PC, and you will be able to see the logon events in the Event Viewer.
Method 4: Use a Third-Party Software
Another way to check if someone was snooping on your PC is to use a third-party software that can monitor and record the activity on your PC. There are many software available that can do this, such as Prey, ActivTrak, SpyAgent, etc. These software can capture screenshots, keystrokes, web history, file changes, and more, and send them to your email or cloud account. You can use these software to see what someone has been doing on your PC, and who they are.
To use a third-party software, follow these steps:
- Research and select a reliable and reputable software that can monitor and record the activity on your PC. Look for software that offer features such as stealth mode, remote access, email alerts, and encryption.
- Download and install the software on your PC, and follow the instructions to set it up. You will need to create an account, configure the settings, and choose the items that you want to monitor and record.
- Run the software in the background, and wait for it to collect the data. You can access the data from your email or cloud account, or from another device that has the software installed.
- Look for any evidence of unauthorized access to your PC, such as screenshots, keystrokes, web history, file changes, etc.
However, this method is not recommended, as it can violate the privacy and security of other users, and may be illegal in some jurisdictions. You should only use this method if you have a valid reason and permission to do so, and if you are aware of the risks and consequences involved.
Conclusion
Unauthorized access to your PC can be a serious threat to your privacy, security, and data. You need to be vigilant and proactive in detecting and preventing it. By using the methods above, you can check if someone was snooping on your PC, and how to stop them from doing it again.
You should also take some preventive measures to protect your PC from unauthorized access, such as:
- Lock your PC with a strong password or PIN, and change it regularly.
- Use a biometric authentication method, such as fingerprint or face recognition.