Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

Can spyware see what you did before the spyware was installed?

//
If spyware is installed by malicious websites, or maybe even the government, is that spyware able to track internet information which had existed before the spyware was installed?

Ultimately, it really depends on exactly what you mean by “internet information”.

It’s important to realize that malware can do anything it wants to on your computer and can access anything that is stored on it.

That, in and of itself, exposes some historical information; but it might also be a foot in the door for more.

Become a Patron of Ask Leo! and go ad-free!

Echoes of the past

There’s a fair amount of historical information that’s commonly stored on your machine.

Your browser history is perhaps the most obvious example. And yes, malware can access anything on your machine, so it can access that. Other things might include, perhaps, the recent documents list in Windows or other applications which might show what you’ve been working on for some period of time in the past.

The recycle bin is another good example. In fact, the recycle folder in your email program is another potential source for information that could be accessed by spyware. More complex software could, I suppose, even look at things like your cookies or your browser cache and determine the sites that you’ve been visiting and perhaps some of what you had looked at while you were at those sites.

And yes, all of this happened before the malware was installed, it’s just reporting back the information that it finds on your machine.

Someone's Peeking!Visiting the past … online

But there’s an interesting scenario that I actually hadn’t considered until I thought about your question.

Malware can do anything – and thus it can record your keystrokes or however it is that you login to, say, your email program. (“Keyloggers” is the common term for this type of spyware, although they often now log much, much more than keystrokes.) So, the malware can capture the username and password to any account you log in to. That then, when reported back to the malware’s originator could allow them to log in to and access your email including your email history, if it happens to be stored online.

In fact, if you use a service like Google that integrates search, email, and more under one account, they might be able to access your search and other history depending on what services you used and what options have been set. If you have a Google account that you’re normally logged into, check out history.google.com/history, for an idea of the information that’s been saved.

So the short answer is yes, spyware can do whatever it wants on your machine, including looking at the files and records of your previous actions that might be stored on the machine.

As to whether or not there’s spyware that actually does such things, I’m skeptical. Hackers are more commonly after simpler stuff. But nonetheless, it’s yet another reason to keep your machine updated and your anti-malware tools and practices running and up to date.

2 comments on “Can spyware see what you did before the spyware was installed?”

  1. This is why it’s a good idea to get in the habit of regularly emptying your browser cache and cleaning out your Recycle Bin in Windows and emptying trashcans in applications (especially email applications) installed locally and on line. I do it at least once a week, more often if I feel I need to. There are other things, too, like purging most-recently used lists. You can install an app like CCleaner to give a “one-stop shop” for it all.

  2. i checked out history.google.com/history in Google and nothing was found. i mean no info at all, nothing came up. no messages matched your search.

Leave a reply:

Before commenting please:

  • Read the article. Comments indicating you've not read the article will be removed.
  • Comment on the article. New question? Start with search, at the top of the page. Off-topic comments will be removed.
  • No personal information. Email addresses, phone numbers and such will be removed.
  • Add to the discussion. Comments that do not — typically off-topic or content-free comments — will be removed.

All comments containing links will be moderated before publication. Anything that looks the least bit like spam will be removed.

I want comments to be valuable for everyone, including those who come later and take the time to read.