![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 98%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
How did you detect that someone had access? What evidence do you have that something was changed?
Typically the firewall on your router that connects to the internet blocks all access to your internal network. In order for someone on the internet to access your desktop, you would have needed to disable the router's firewall, and also the Windows firewall software on your desktop.
Or you somehow ran malicious software that installed a remote access app on your desktop.
Do you remember running something? What were you doing around the time that this event started?
There is no way for forum users to know what might have been changed or accessed. Your best bet is to run a full scan with the Windows Defender and also the Windows Malicious Software Removal tool.
Open a command prompt and run:
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 2
mrt /f
If those tools can identify the name of the malware, you can search the internet to see if that malware is documented somewhere. Researchers may have published what it does and how to remove it.
Some malware is very hard to detect, or may have a legitimate use. You should provide details of what you see happening on your pc. Ie: do you see some program running and using a lot of cpu/memory? What do you see?