![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi, AdamSteerment
Welcome to the Microsoft Community.
I'm sorry to hear about your experience with possible unauthorized remote access to your laptop. It's important to take steps to secure your device and data. Here are some recommendations to enhance your security and protect against future incidents:
Immediate Actions:
- Disconnect from the Internet: You've already done this, which is a good first step to prevent further unauthorized access.
- Scan for Malware: Running a full scan with your antivirus software is essential. Ensure that your antivirus definitions are up-to-date before scanning.
- Click on the Start menu and select "Settings" (gear icon) > Update & Security > Windows Security.
- Select Virus & Threat Protection > Quick Scan > Scan Options > Full Scan > Scan Now.
- Once the scan is complete, Windows Security will display the results.
- If any threats are detected, you will have the option to take actions such as removing or quarantining the threats.
- To ensure ongoing protection, consider scheduling regular full scans or enabling real-time protection in Windows Security settings.
- Check for Unauthorized Access: Review any recent login activity on your accounts to identify any suspicious logins. Change passwords for sensitive accounts immediately.
- Press Windows + I to open Settings > Accounts > Sign-in options > Scroll down to the "Account protection" section.
- Look for the option that says "Review recent activity."
- Click on "Review" to see recent login activity on your Microsoft account.
- Review the list of recent sign-ins to your Microsoft account.
- Pay attention to the date, time, location, and type of device used for each login.
- If you notice any unfamiliar or suspicious logins, take immediate action to secure your account.
- Review System Logs: Check system logs for any unusual activities or login attempts that might indicate unauthorized access.
- Press Windows key + X on your keyboard and select "Event Viewer" from the list.
- Expand the "Windows Logs" section on the left pane and click on "Security" to view security-related events.
- You can filter the logs by specific event IDs or keywords using the Filter Current Log option in the Actions pane on the right.
- Scroll through the list of security events to check for any unusual activities, failed login attempts, or other security-related events.
- Look for Event ID 4624 (Successful account logon) and Event ID 4625 (Failed account logon) to track successful and failed login attempts.
- If you find any suspicious events or activities, investigate further to determine the cause and take appropriate actions to secure your system.
Enhancing Security Measures:
- Enable Two-Factor Authentication (2FA): Implement 2FA on your important accounts to add an extra layer of security.
- Strong Passwords: Use complex and unique passwords for each account. Consider using a password manager to securely store and manage your passwords.
- Firewall and Security Settings: Configure your firewall settings and review security settings on your laptop to restrict unauthorized access.
- Data Backup: Regularly back up your significant files and data to an external drive or cloud storage to prevent data loss in case of a security breach.
- Network Security: Apart from changing your Wi-Fi password, consider enabling network encryption (WPA2/WPA3) and hiding your Wi-Fi network SSID to prevent unauthorized access.
It's crucial to take these proactive measures to safeguard your laptop and personal information. If you have concerns about the incident or need further assistance, don't hesitate to seek help from cybersecurity experts.
Best Regards
Martin | Microsoft Community Support Specialist