Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is it normal for IE history to log system activity/contents?

18 Aug 2015   #1
papilio

Windows 7 x64
 
 
Is it normal for IE history to log system activity/contents?

I should begin this by stating that I know I've got security issues. For instance, My BIOS password was changed (and even Dell Tech Support couldn't reset it), the user-side password to access the browser-based settings console to my Linksys router was changed, locking me out (I've quit using the router for now), the built-in Administrator account has been logged into and a password set ... and many other events, but right now I just have a specific question.


I'm on a home PC (Dell L702X) running Windows 7 SP1 and am not knowingly connected to any network (though various monitoring apps on my system are telling me otherwise).

I use Firefox, never IE, but just on a hunch I thought I'd take a look at IE's history. It showed the browser as having visited certain security-related sites which I'd been to, it had been to the IP address of my router console (specifically the wireless security page, where I'd disabled the device's wireless capability) and has also accessed certain documents on my system, typically saved logs and other files related to my attempts at security forensics.

The day after I found this suspicious activity in the IE history, I noticed that IE had switched to private browsing.

Some people with whom I've shared this are speculating that this is probably just one way Windows natively logs certain types of activity, but given what's shown up there I find this suggestion less than tenable.

Is this likely to be the case, or not?


Thank you!


My System SpecsSystem Spec
.
18 Aug 2015   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Who else shares this particular computer with you?

Who else shares your Internet connection in your home? (other computers?)
My System SpecsSystem Spec
18 Aug 2015   #3
papilio

Windows 7 x64
 
 

Quote   Quote: Originally Posted by Jacee View Post
Who else shares this particular computer with you?

Who else shares your Internet connection in your home? (other computers?)

Nobody, and nobody (legitimately, anyway). Nor does anybody have physical access to it.
My System SpecsSystem Spec
.

24 Aug 2015   #4
papilio

Windows 7 x64
 
 

Hi Jacee,

Any more you can add to my original question?

Thank you.
My System SpecsSystem Spec
26 Aug 2015   #5
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Hi
There have been a few windows updates that gather and send info,
http://www.sevenforums.com/general-d...ows-7-8-a.html
My System SpecsSystem Spec
26 Aug 2015   #6
papilio

Windows 7 x64
 
 

Thank you ThrashZone! Yeah, I'd imagine MS may get a lot of flack for what they've put into Windows 10.

What I've seen with IE however shows up even on fresh installations, not immediately but after I've taken the system online yet before any WUs are installed.
My System SpecsSystem Spec
27 Aug 2015   #7
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by papilio View Post
~~~
I'm on a home PC (Dell L702X) running Windows 7 SP1 and am not knowingly connected to any network (though various monitoring apps on my system are telling me otherwise).
~~~
Can you keep the computer off of the internet?

What monitoring apps?

What network(s) did the computer connect to?
My System SpecsSystem Spec
27 Aug 2015   #8
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Hi,
Not sure about all of the other issues you've encountered but you might review Control panel/ Internet options/ General section and browser history settings button,
There should be three sections
Temporary internet files set it to Never if you don't use ie,
History 0 days
Cache and databases Uncheck use cache.... first set it to 0mb.

Save that and go to Delete button and Check all boxes except for the very top box leave it unchecked,
Apply and okay your way out.

Firefox has it's own setting I'm sure you're aware of

With a click/ click to continue generation too silly to read terms of usage it will take time before people realize what win-10 actually does.
The new Google is where M$ want to be because Google is way more successful and people don't seem to mind all of the spying so M$'s view is join them as Android has proved people really do not care
My System SpecsSystem Spec
27 Aug 2015   #9
papilio

Windows 7 x64
 
 

Quote   Quote: Originally Posted by UsernameIssues View Post
Quote   Quote: Originally Posted by papilio View Post
~~~
I'm on a home PC (Dell L702X) running Windows 7 SP1 and am not knowingly connected to any network (though various monitoring apps on my system are telling me otherwise).
~~~
Can you keep the computer off of the internet?

What monitoring apps?

What network(s) did the computer connect to?
Hi UsernameIssues, thank you for your reply.


I'm variously shown as being connected to Local Area Connection, Local Area Connection 2 and Local Area Connection 3. The IP configurations of each of these have shown up in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles.


I've installed WinPatrol and GlassWire. I've set WinPatrol to monitor some of the TCP keys in the registry and it's reporting the changes in network configuration which I'm seeing. GlassWire seems to be doing a good job of alerting me to the comings and goings of unknown network devices, changes in DNS settings and other elements of my IP configuration.

A family friend who is a retired programmer with Seagate has also written for me a Python program to monitor a comprehensive list of settings but it hasn't yet shown him enough to allow him to come to any conclusions. He's looking for the hacker's entry point and his feeling currently is that it seems to be a BIOS exploit.

Which brings me to the issue of keeping off of the internet -- I can disable my adapter and even unplug the Ethernet cable from the router, thereby losing my own ability for any internet activity (set up via the router as exclusively Wired and having none of my PC's Wireless adapters installed). Yet evidence of Remote Access, which I've disabled as well as I know how, continues under these conditions.

It is primarily these events which lead my Seagate friend to suspect a BIOS exploit, these along with the apparent absence of such activity before my BIOS was hacked and the password changed.


For a time I was using Windows 8.1 Pro and had locked down system access to some extent via Group Policy, but Event Logs would report changes in the Group Policy profile along with entries reporting Group Policy as having been changed to a shared resource.



I'd not seen evidence of significant tampering with system settings for about the past couple of weeks until a few nights ago when my connection was lost, the Network Troubleshooter reported that my Gateway (ordinarily my router) was unavailable and my Network Adapter had been disabled (this was not displayed in the Device Manager). The diagnostic details reported the Gateway as being located on an unknown remote host.




Quote   Quote: Originally Posted by ThrashZone View Post
Hi,
Not sure about all of the other issues you've encountered but you might review Control panel/ Internet options/ General section and browser history settings button,
There should be three sections
Temporary internet files set it to Never if you don't use ie,
History 0 days
Cache and databases Uncheck use cache.... first set it to 0mb.

Save that and go to Delete button and Check all boxes except for the very top box leave it unchecked,
Apply and okay your way out.

Firefox has it's own setting I'm sure you're aware of

With a click/ click to continue generation too silly to read terms of usage it will take time before people realize what win-10 actually does.
The new Google is where M$ want to be because Google is way more successful and people don't seem to mind all of the spying so M$'s view is join them as Android has proved people really do not care

Thank you ThrashZone, very helpful info to have. My understanding of networks, their settings and issues is still quite elementary.


What I'm hoping to learn currently is whether the activities in the IE history (and a good number of other suspicious settings, registry changes and Event Log entries) are just normal Windows behavior which I'd not yet noticed, or whether they might point to evidence of the intrusion which I'm experiencing.
My System SpecsSystem Spec
27 Aug 2015   #10
papilio

Windows 7 x64
 
 

ThrashZone,


p.s. Going into Internet Settings and making the changes which you suggest reminded me that I had initially done some of those things upon first discovering the activity in IE history. The following day I noticed that IE had been changed to Private Browsing.
My System SpecsSystem Spec
Reply

 Is it normal for IE history to log system activity/contents?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
BSOD during normal browsing activity, BCCode: 1e, Local ID: 1033
I was working on charts (I'm a transcriber) and I was using my office's VPN and using Remote Desktop connection when I got this error after about an hour of using the program. This activity isn't very strenuous. Problem signature: Problem Event Name: BlueScreen OS...
BSOD Help and Support
BSOD randomly from normal computer activity. error 0x00000050
I've been getting the bsod randomly for past few months now and I always thought it was my gpu, untill two days ago I upgraded to new gpu and still got the bsod. Can pc guru here help me out here? thank you in advance, I followed the instruction to post dump file. I hope i did it right.
BSOD Help and Support
BSOD during normal activity on Toshiba Laptop, log uploaded
For the past couple of days, I've been receiving BSOD errors. I happened to notice this is occurring after the latest round of Windows Updates, but I don't know that it's at all related. Any help would be greatly appreciated.
BSOD Help and Support
Is this normal cpu activity?
I've noticed that my cpu activity when idol and no programs open is quite different on my laptop compared to my desktop and i wondered whether this is normal for a laptop. From the images, the desktop one shows literally nothing, it fluctuates from 0-1% when nothing is open. However my laptop...
Performance & Maintenance
Never-ending background(?) harddrive activity - Is this normal?
Greetings. Background: I'm quite new to Windows 7 and even newer (as of a few minutes ago) to sevenforums. I'm not sure if this is the correct place for this question... and it very well may be a laughably stupid question, but here goes . . . I've just finished a clean install of...
Installation & Setup
Random BSOD , from time to time , during normal daily activity!
Hello. I have been experiencing bluee screens of death in the last 9 months. Sometime , at 3-4 days it just happens , randomly. I hope you guys can help me. System specs : Intel Quad Core 2.5 GHZ 8 GB RAM ATi RADEON 5850 HD
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:15.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App