Avatar of wlacroix
wlacroix asked on

IE history viewer

We used to use IEhistory viewer, but with the changes to IE 10 it no longer functions.

From a network perspective does anyone have remote tools that can view a users internet history.

We have 150 machines, and they do get monitored. If my boss comes to me and asks for a history I will pull it.

In this case, I cant.....
In most cases I will put in the UNC and up it comes. \\IP ADDRESS\c$\Users\%username%\AppData\Local\Microsoft\Windows\history
Web BrowsersNetworking

Avatar of undefined
Last Comment

8/22/2022 - Mon
Michael Dyer

This history viewer says it supports IE 10:


Have you considered implementing a proxy, such as Squid?  Client-side browsing history can easily be cleared and/or manipulated.

When you say it no longer functions, I understand it used to work before you installed IE 10 so you know how to use it.  Perhaps uninstall History Viewer and reinstall?
I use HV and it works with my IE 10.
When you pull History, what do you want to see?

I have not tried this with IE10, but you might
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes

We are talking a few different applications here. IE history viewer has not been updated in a long time, I am looking at the history viewer one suggested right now. but as a network administrator it does not all me to remote view the users history.

I have access to all computers \\computer_name\c$ for example then I can drill down into the users directory and access the history file etc.

IE history viewer allowed me to specify a location. So I would navigate to the users directory and copy and paste the UNC.

the nirsoft one is the software we used to use.

it has not been updated since 2011 and 1.7 does not work with IE 10. If anyone else can test this please that would be great.

We have never tried a proxy server, but it might not be a bad idea.

With a properly configured proxy you'll be able to see *all* HTTP/HTTPS traffic on your network; including traffic from BYOD's, VM's, and InPrivate browsing sessions.  Transparently redirecting traffic will minimize client-side configuration.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.

I cant see the squid proxy being a simple thing to put up in my environment. At least as I understand it. And at least as it sits at this point in time. I run more than 50 subnets all with a single internet gateway. Why they did not have a proxy in place when I got here I will never know.

We don't monitor internet, until its requested. I dont have time to babysit a user.
We do block groups and websites like FB etc etc....

In this case, I have been asked to collect a managers browsing history, he is using IE10. Managers are part of the unblocked list, meaning they can surf the internet to any site, UN-fettered, UN-restricted and free. They are managers after all, they should know right from wrong.

Now I do have the power to go ask the user to step away from his computer and run the History viewer directly on his user, but that makes them suspicious and they start to delete files and what not because they think they are getting fired for obviously guilty actions.

In most of the cases all I have been asked for is to collect the data, I cant collect it in this case without alerting the user due to the IE 10 change.
If I already had a proxy in place it would be great...but I dont....

I poked around with history viewer more, and you cant even sort the URL history. Its a good application pulling multi browsers but it needs some refinement for sure.

Any other ideas on this one?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck

Not specifically for remote viewing.  You can get History from the index.dat file in Temporary Internet files
The index.dat file you want to see are the four or more in the Temporary Internet Files\Content.IE5 folders .
You will need a viewer to read the index.dat files.  A couple suggestions are

So you copy these files over to a temp folder then use winspy to open them?

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question


I want to do this against other users machines on my network, they are not to know I am doing it.
SO...I either use a UNC path to access it \\computername\c$\blah blah
I copy the files local then use the program to open.

Is this correct thinking?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.

wlacroix--Either would probably work, but why not install History Viewer and then hide it?

And you probably have noticed there is also a History link on the left panel.  The weakness to it is that a user can delete History, whereas  Index.dat is very difficult to delete even if the user knows about it.

I am trying to find an answer for remote viewing of the History for users as well.. but thought I would comment that you can prevent users from deleting their IE browser History by using Group Policy.. I successfully did this in a 2008 domain..

Create a GP .. link to entire domain .. expand computer Config, Admin Templates, Windows Components, Internet Explorer, Delete Browser History ..

Then edit these three keys..

Prevent deleting websites that the user has visited (change to Enabled)
Allow Deleting browsing history on exit (Disabled)
Delete Configuring History (Enabled and set the numbers of days you want to keep)

Leave all other keys as Not Configured .. this allows the users to still delete cookies etc.. but forces History to be grayed out and they can't touch that setting..

If any one has found a way to view the history remotely please update this..