Is it possible for someone to access my system from remote location and operate in the background without detection? If so, how do I shut them down or know when they are in my system? Going thru a divorce and my laptop was accessed (opened and screws glued when replaced) while I was away, by my ex. I noted a lot of activity (directories and files dated while I was away)

Hi thecowboy56,

Your laptop is compromised. You must assume that the person who had access to your laptop, now has access to all the data that was present in the laptop at the time of intrusion.

It is possible to plant all sorts of malware in a PC - key loggers, phone home apps and so on.I would recommend the following course of actions:

1. Take the physical drive out of the laptop. You may connect your drive to an external USB enclosure and use this disk in another computer.

2. Take a backup or image of your laptop disk.

3. Now that you have backup, you may wipe clean your laptop disk.

4. Install Windows and all the programs from original media.

5. Install a good antimalware software.

6. Take your laptop to a qualified service to be checked that it's hardware was not tampered with.

Hi thecowboy56,

Your laptop is compromised. You must assume that the person who had access to your laptop, now has access to all the data that was present in the laptop at the time of intrusion.

It is possible to plant all sorts of malware in a PC - key loggers, phone home apps and so on.I would recommend the following course of actions:

1. Take the physical drive out of the laptop. You may connect your drive to an external USB enclosure and use this disk in another computer.

2. Take a backup or image of your laptop disk.

3. Now that you have backup, you may wipe clean your laptop disk.

4. Install Windows and all the programs from original media.

5. Install a good antimalware software.

6. Take your laptop to a qualified service to be checked that it's hardware was not tampered with.

• Marked as answer by thecowboy56 8 hours 8 minutes ago

Hi thecowboy56,

Your laptop is compromised. You must assume that the person who had access to your laptop, now has access to all the data that was present in the laptop at the time of intrusion.

It is possible to plant all sorts of malware in a PC - key loggers, phone home apps and so on.I would recommend the following course of actions:

1. Take the physical drive out of the laptop. You may connect your drive to an external USB enclosure and use this disk in another computer.

2. Take a backup or image of your laptop disk.

3. Now that you have backup, you may wipe clean your laptop disk.

4. Install Windows and all the programs from original media.

5. Install a good antimalware software.

6. Take your laptop to a qualified service to be checked that it's hardware was not tampered with.

• Marked as answer by thecowboy56 Monday, July 27, 2015 11:14 PM

Hi thecowboy56,

If you suspect the machine has been injected, we could perform a full scan with the antivirus software in safe mode.

Usually we will get a log when a new user logon, we could to check the following for anyone using the machine when you are away.
Event Viewer\Windows Logs\Security
Check the Event ID "4624".

Best regards

This sounds like what i am looking for. Let me know what to do.

thanks again

kevin