Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is it normal for IE history to log system activity/contents?

27 Aug 2015   #11
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

In-Private browsing is very similar to deleting everything on exit with the same setting as I posted
You can also go into the Advanced settings and check the box or confirm it's checked to delete on exit too.

In issues like this it might be best to reset the modem and or router to it's defaults and change the access password too.


My System SpecsSystem Spec
.
27 Aug 2015   #12
papilio

Windows 7 x64
 
 

Quote   Quote: Originally Posted by ThrashZone View Post
In-Private browsing is very similar to deleting everything on exit with the same setting as I posted
You can also go into the Advanced settings and check the box or confirm it's checked to delete on exit too.
Thank you ThrashZone, I'd figured it was somewhat similar.


Quote   Quote: Originally Posted by ThrashZone View Post
In issues like this it might be best to reset the modem and or router to it's defaults and change the access password too.
I'm afraid those have already been done, time and again, without resolving the issue. At one point I saw that IE had visited the wireless security URL of the router, but when I attempted to log in myself to check for changes I discovered that the router's password had also been changed. Unlike the similar hack of the BIOS however, the router issue was of course easily fixed with a reset. The BIOS hack, with even Dell tech unable to reset the password, will require a new motherboard ... once this is all cleaned up.


I suspect I've done clean installs of both 7 and 8.1 more than half a dozen times over the past couple of months, but each time everything reoccurs again from the start.



Thanks again for our help!
My System SpecsSystem Spec
27 Aug 2015   #13
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Just curious you haven't selected a region or state flag yet on your profile :/
I'm wondering what neighborhood to stay away from
Seems a pretty cleaver fellow is near by possibly ?
My System SpecsSystem Spec
.

27 Aug 2015   #14
papilio

Windows 7 x64
 
 

Quote   Quote: Originally Posted by ThrashZone View Post
Just curious you haven't selected a region or state flag yet on your profile :/
Ha! Done (Minnesota).


Quote   Quote: Originally Posted by ThrashZone View Post
I'm wondering what neighborhood to stay away from
Seems a pretty cleaver fellow is near by possibly ?
Ah, if only it were as innocent as that.
In the words of one IT security specialist with whom I spoke, I appear to have in my system a "top-shelf hacker".

Most curious, especially as I've not experienced any of the more common hacking symptoms, financial/identity theft and so on. The only one of my online accounts which shows clear evidence of unauthorized access is my email, and nothing significant seems to have resulted.

My System SpecsSystem Spec
01 Sep 2015   #15
mdd1963

Windows 7 Home Premium 64 bit
 
 

Let's see them hack in if you're using the Linux Mint 17 Live CD!

Was this computer ever used in any remote tech support issues? (LogmeIn, Teamviewer, AMMY, etc)

1. New router, allow only one wireless user (limited to your MAC address), or , disable wireless altogether (until you get this sorted out)
2. Possible you have some sort of rootkit
- do a search for aswMBR
- and Kasperky's TDSS killer

3. Or, next time reformatting, hook your drive up to external Linux machine to examine all partitions
My System SpecsSystem Spec
05 Sep 2015   #16
papilio

Windows 7 x64
 
 

Quote   Quote: Originally Posted by mdd1963 View Post
Let's see them hack in if you're using the Linux Mint 17 Live CD!
Thank you for the reply mdd1963!

Apologies for not responding sooner ... just after I received the notice of your post my internet connection was lost again, by the time it was restored I had forgotten about the notification until I noticed it again in my inbox this afternoon.


That's definitely worth a shot, thank you for the suggestion.

One of the issues which I've experienced however has been that, even in instances where I've first unplugged my hard drives and disconnected both router and modem, when I've run a Live CD of Ubuntu (or even MiniXP) indications of intrusion were evident on the system by the time the desktop had loaded. I would immediately experience abnormal system behavior (such as an inability to obtain root privileges), and I also discovered numerous entries in the various setup/system event logs written by Ubuntu, a seeming avalanche of critical or fatal error messages toward the end of the setup process.

One more type of event which would seem possible only in the context of a BIOS exploit scenario.



Quote   Quote: Originally Posted by mdd1963 View Post
Was this computer ever used in any remote tech support issues? (LogmeIn, Teamviewer, AMMY, etc)
The laptop was purchased several years ago on eBay so I can't vouch for its history (I recall that the seller claimed to be a student, finding the laptop to be too heavy to carry between classes), but I've not seen any hints of this sort of behavior during most of my ownership. In any case it's been through a good number of drive replacements and clean reinstalls since its purchase -- primarily since my becoming aware of the security breach, but some of this before that point as well.



Quote   Quote: Originally Posted by mdd1963 View Post
1. New router, allow only one wireless user (limited to your MAC address), or , disable wireless altogether (until you get this sorted out)
Unfortunately all of these have been tried without resolving the intrusion issues. I had set up the router just as you suggest, including allowing only one device and disabling wireless. However in the case of the current router, a Linksys E2500, I happened to notice in the IE history (again, I never use IE) that the URLs of one of the browser-based router settings console panels had been visited, specifically the page on which wireless is disabled. Upon attempting to log in to the console myself to look for unauthorized changes I discovered that the access password had been changed and I was locked out. I reset and reinstalled the router, which was merely followed by a repeat of the above events.



Quote   Quote: Originally Posted by mdd1963 View Post
2. Possible you have some sort of rootkit
- do a search for aswMBR
- and Kasperky's TDSS killer
Again, both have been tried with nothing being detected, these along with other rootkit scans such as Sophos.



Quote   Quote: Originally Posted by mdd1963 View Post
3. Or, next time reformatting, hook your drive up to external Linux machine to examine all partitions
Each time I've performed a clean install (7 times in about the past two months) it's been done on a brand new SSD. A return of the intrusion has been evident in each case soon after, in some cases by the time I first get to the fresh desktop and examine the event logs. The installations have been off of OEM CDs obtained by myself directly from Dell.


I don't mean in the least to be dismissive of your intelligent suggestions, I very much appreciate the assistance! Thanks again for your reply.

My System SpecsSystem Spec
Reply

 Is it normal for IE history to log system activity/contents?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
BSOD during normal browsing activity, BCCode: 1e, Local ID: 1033
I was working on charts (I'm a transcriber) and I was using my office's VPN and using Remote Desktop connection when I got this error after about an hour of using the program. This activity isn't very strenuous. Problem signature: Problem Event Name: BlueScreen OS...
BSOD Help and Support
BSOD randomly from normal computer activity. error 0x00000050
I've been getting the bsod randomly for past few months now and I always thought it was my gpu, untill two days ago I upgraded to new gpu and still got the bsod. Can pc guru here help me out here? thank you in advance, I followed the instruction to post dump file. I hope i did it right.
BSOD Help and Support
BSOD during normal activity on Toshiba Laptop, log uploaded
For the past couple of days, I've been receiving BSOD errors. I happened to notice this is occurring after the latest round of Windows Updates, but I don't know that it's at all related. Any help would be greatly appreciated.
BSOD Help and Support
Is this normal cpu activity?
I've noticed that my cpu activity when idol and no programs open is quite different on my laptop compared to my desktop and i wondered whether this is normal for a laptop. From the images, the desktop one shows literally nothing, it fluctuates from 0-1% when nothing is open. However my laptop...
Performance & Maintenance
Never-ending background(?) harddrive activity - Is this normal?
Greetings. Background: I'm quite new to Windows 7 and even newer (as of a few minutes ago) to sevenforums. I'm not sure if this is the correct place for this question... and it very well may be a laughably stupid question, but here goes . . . I've just finished a clean install of...
Installation & Setup
Random BSOD , from time to time , during normal daily activity!
Hello. I have been experiencing bluee screens of death in the last 9 months. Sometime , at 3-4 days it just happens , randomly. I hope you guys can help me. System specs : Intel Quad Core 2.5 GHZ 8 GB RAM ATi RADEON 5850 HD
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:51.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App