Here's an interesting Knoppix topic for you all:

I had my PC into a repair shop a while back in order to replace a power supply that had been fried by installing graphics cards that needed too much power. They put in a stronger power supply and I was back in business. I did not give them the login for my system since this was a basic hardware issue.

My system has an internal DVD drive that used to work fine when I ran XP, but now that I run Vista, I use an external drive, since the old internal one is incompatible. As a result I haven't looked into my old internal DVD drive in some time.

Today however, I opened it up and discovered a Knoppix 5.3 CD in there (certainly not mine, and nobody else has had access to my system). I'm guessing it would run fine on the old DVD drive if this was used to boot the system. I did a little research and understand that Knoppix is frequently used for data recovery, and is able to access and copy data from the file system.

Fortunately I keep most sensitive data in an encrypted folder, but this makes me think these guys tried to access my data without permission...?!?

Is there any way to find a log or anything that would show when the system was booted using Knoppix? Any way to prove these guys tried to access my PC?

Thanks for your feedback-

PC repair shops are notorious for stealing data and worse (particularly but not limited to Best Buy). Consider anything that wasn't encrypted or that could be opened even though encrypted with the account information that you gave them to be compromised. I'm not sure why they felt they had to use knoppix if you gave them a user and password, but maybe they were just being thorough in their snooping.

On top of it all, you likely paid them a small fortune to undo 4 screws and replace the power supply, as well as snoop around on your system. You could have easily swapped the power supply yourself.

I didn't give them the login, which is why they were using knoppix I guess. I'm just wondering if there would be any traces of their activity...

Knoppix does not write to the disk.

bummer. Okay thanks.

Another reason they may have used the Knoppix CD was simply to power up your PC and make sure it was working. Some shops don't like to use the customer's login details if it's avoidable. I know, I used to own a PC manufacturing company ;)

In this case as they were not doing any work on your Windows installation and were just testing the power supply, it would have made sense to use a boot CD. It's simpler, quicker and has less chance of running into a "password not working" scenario ... or any customer accusations that his Windows is now not working properly.

When I ran the PC business, staff didn't have time to muck around sorting through the tons of rubbish on users' PCs. They did often have to login to Windows to solve virus, drivers or other problems but their incentive was to complete the job, sign off the ticket and move to the next repair on the manifest.

I wouldn't be too worried about it. Big box stores as the admin said don't have time to muck around in someone elses pc. And why would they have to, they could be charged for privacy.

Then again the store could have called you to ask for the user password to tell you they needed to check to make sure the power supply was working, or they could have easily tested it in another machine to confirm a working p/s and then waited for you to come in and check it. hmm... yes when you start thinking about it too much I see why you could be upset.

If you're really curious, instead of dwelling on the possibilities, Why don't you just phone them up and ask them why they left a knoppix cd in your drive ? See what sort of answer they give. You could even ask them why didn't they call you in to ask for a password? ...

Did you happen to sign any papers when you gave your computer to them? ... Should read the fine print if you did to see what you agreed (allowed) them to do with your system.

... in any case, maybe just pull the H.D when you send it in for something like that .. lesson learned.