Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can spyware see what you did before the spyware was installed?

Question: If spyware is installed by malicious websites, or maybe even the government, is that spyware able to track internet information which had existed before the spyware was installed?

Ultimately, it really depends on exactly what you mean by “internet information”.

It’s important to realize that malware can do anything it wants to on your computer and can access anything that is stored on it.

That, in and of itself, exposes some historical information; but it might also be a foot in the door for more.

Become a Patron of Ask Leo! and go ad-free!

Echoes of the past

There’s a fair amount of historical information that’s commonly stored on your machine.

Your browser history is perhaps the most obvious example. And yes, malware can access anything on your machine, so it can access that. Other things might include, perhaps, the recent documents list in Windows or other applications which might show what you’ve been working on for some period of time in the past.

The recycle bin is another good example. In fact, the recycle folder in your email program is another potential source for information that could be accessed by spyware. More complex software could, I suppose, even look at things like your cookies or your browser cache and determine the sites that you’ve been visiting and perhaps some of what you had looked at while you were at those sites.

And yes, all of this happened before the malware was installed, it’s just reporting back the information that it finds on your machine.

Someone's Peeking!Visiting the past … online

But there’s an interesting scenario that I actually hadn’t considered until I thought about your question.

Malware can do anything – and thus it can record your keystrokes or however it is that you login to, say, your email program. (“Keyloggers” is the common term for this type of spyware, although they often now log much, much more than keystrokes.) So, the malware can capture the username and password to any account you log in to. That then, when reported back to the malware’s originator could allow them to log in to and access your email including your email history, if it happens to be stored online.

In fact, if you use a service like Google that integrates search, email, and more under one account, they might be able to access your search and other history depending on what services you used and what options have been set. If you have a Google account that you’re normally logged into, check out, for an idea of the information that’s been saved.

So the short answer is yes, spyware can do whatever it wants on your machine, including looking at the files and records of your previous actions that might be stored on the machine.

As to whether or not there’s spyware that actually does such things, I’m skeptical. Hackers are more commonly after simpler stuff. But nonetheless, it’s yet another reason to keep your machine updated and your anti-malware tools and practices running and up to date.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

2 comments on “Can spyware see what you did before the spyware was installed?”

  1. This is why it’s a good idea to get in the habit of regularly emptying your browser cache and cleaning out your Recycle Bin in Windows and emptying trashcans in applications (especially email applications) installed locally and on line. I do it at least once a week, more often if I feel I need to. There are other things, too, like purging most-recently used lists. You can install an app like CCleaner to give a “one-stop shop” for it all.

  2. i checked out in Google and nothing was found. i mean no info at all, nothing came up. no messages matched your search.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.