Has someone secretly used your computer? What have they been looking at? Your laptop isn't where you left it. Your desk is a mess. This could be an issue whether you're working from home, in an office, or just leisurely browsing the web from your own house—no one wants to be spied on.

Nearly everything you do leaves some kind of trace on a computer. You just need to know where to go in order to find that evidence. Knowing where to start can drastically reduce the amount of time it takes to find the culprit. Here's how you can tell if someone has been on your computer or laptop without your permission.

1. How to See What Files Were Opened on Your Computer

check recently opened files on microsoft office

You should already know how to look at recently opened files. By checking this out, you can see if anyone else has accessed any content without your knowledge.

Windows introduced this as an easy way to go back to whatever you've been working on or looking at. It's especially handy if you're adding an attachment to an email, transferring files over services like WeTransfer, or uploading to a blog. But you can also use this feature to check if someone else has been accessing your files.

Just head to File Explorer by clicking on the relevant icon (which looks like a traditional paper file and should be located at the bottom of your screen) or by pressing Windows key + E. At the top left of the menu, click on Home (or Quick Access on PCs using an older version of Windows). You'll be able to see what's been opened under "Recent", so look for anything you haven't accessed yourself.

Macs similarly offer ways to open recently-opened files, including through the Recent Items and Recent Folders lists.

Alternatively, you can check files opened in individual apps. If you think someone's snooped on a PowerPoint presentation you made, check the Recent tab in that program.

2. How to Check Recently Modified Files

how to check when files were last modified

Anyone can wipe recent activity from your machine. From File Explorer, you can highlight anything in "Recent" and click on Remove from Recent. To entirely clear activity, you can type this into File Explorer's address bar at the top:

%APPDATA%\Microsoft\Windows\Recent Items

You'll see a long list of what's been opened; right-click anywhere and click Show more options > Clear recent items list. If your recent activity has been deleted, this is at least a sign that someone has used your PC, although it's harder to spot if only a select few selections have been removed.

But how can you tell what folders have recently been opened?

Just go to whichever Folder you want (likely Documents, Pictures, or Downloads) and click on the Date Modified option at the top. When clicked once, this will resort the folder so that the most recently accessed file is at top; click it again and that order will be reversed. There's also a down-arrow to the side of this option, which lets you toggle the range even further, i.e. to a specific date or "Yesterday", "Last week", "Last month", "Earlier this year", or even "A long time ago".

You'll see a list of files that have been accessed—as long as something was changed. Let's hope you're lucky enough that your PC automatically saved an item while the snooper was at work. Check the times listed and narrow down when you were away from your device.

If there are certain files you suspect have been modified, right-click on them via File Explorer and select Properties. A small new window will open; navigate to the General tab, in which you can read when it was Created, Modified, and Accessed.

3. Check Your Browser History to Find Out if Someone Used Your Computer

Everyone knows you can easily delete your browsing history. But if someone used your PC in a hurry, they might've forgotten this step.

Google Chrome has the biggest market share, so it's most likely that whoever went on your computer used that. Click on the vertical ellipsis in the top right corner then History and see if anything's amiss.

Don't rule out other browsers, though. If your PC has Edge, go to the ellipsis then History. Firefox users should click on the menu, followed by History > Show All History. And through the Brave browser, you can click on the three horizontal lines in the top-right corner then History.

Now check down the list of visited webpages and note down anything that's listed but which you definitely didn't go on. That's a good way of checking if someone used your computer to visit websites.

4. How to Access Windows 10 and 11 Logon Events

4624 records as a Logon

You want to know if someone else has accessed your PC, but the simple methods are yet to bear fruit. Fortunately, you can delve deeper into your computer for further evidence.

From Windows 10 Home onwards, the OS automatically audits logon events—meaning it takes a note of every time you log into your device. So, how can you check it? And once you've found the log, how can you interpret any meaning from it?

Search for "Event Viewer" and click on the app. Go to Windows Log > Security. You'll see a long list of activities, most of which won't make much sense to you unless you know Windows ID codes well.

The one you need to look out for is "4624", which records as a "Logon". "4672" means "Special Logon", which you might see in conjunction with a standard logon. This indicates an administrative login. "4634" will be listed when an account logs off your PC.

It might be difficult to spot these codes, but you can narrow it down by using the Find... feature in the Actions menu to the right.

If you know a time you were away from your computer, you can either scroll through the log or use Filters. Go to Actions > Filter Current Log then use the dropdown menu under Logged.

Click on any individual log to find out more details, including which account signed in. This is useful if you think someone has used your PC but not your system.

How to Enable Logon Auditing on Windows 10 and Windows 11 Pro

The Home version of Windows 10 and Windows 11 audits logons by default. However, the Pro versions of Windows 10 and 11 could require some tinkering.

Access the Group Policy Editor by searching for "gpedit". Next, go to Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy > Logon Audits.

You need to select Success and Failure in order for it to register successful and unsuccessful login attempts.

After you've done this, you can check the audits for future reference by using the aforementioned method via Event Viewer.

How to Stop Others Using Your Computer

How can you stop others accessing your PC? Firstly, you can ask. You might be questioned about why it bothers you, but if it's your own property, it's your right.

The most important thing is to create a strong password for your account. Make sure it's not predictable. Don't write it down anywhere. And whenever you leave your desk, press Windows key + L. It's one of the best ways to lock your PC, and to make certain no one can snoop on your activities.