lapucca

Can a system admin log into my PC and see all my browsers' open tabs and access all files on my C drive?

Hi,
I have Windows 7 on my PC.  I alt-ctl-del to lock my pc when I go home.  I'm just wondering if someone with system admin permission can log into my pc and see all the tabs I have open in my browsers and have access to all my files in my C drive?

Thank you.
NVIT

> ...see all the tabs I have open in my browsers...
Something like CMDOW can do this. http://sourceforge.net/projects/cmdow/

> ...and have access to all my files in my C drive
Yes. Not sure but, I think EFS, if used, prevents this. http://en.wikipedia.org/wiki/Encrypting_File_System
REIT

Yes, they can log in to your machines as themselves by switching users. If they have the correct rights they can access your local files via the C drive. The only way they could log in as you is to change your password (providing you're in a domain environment).
But they won't be able to wipe/check your browser history, I believe...
That question can be answered many ways depending on a number of factors.

1. Does the system admin know your password?  Then yes they can log into your system and see what you have running.

2. Does your system have any remote control software running such as VNC? Then yes it is possible for them to access your system and see what you have running. It would depend on the software/settings of the remote control software.

Those would be the only two ways that I am aware of that the admin would be able to "see all the tabs I have open in my browsers"

As for "have access to all my files in my C drive" again this depends on a number of factors.

1. Both replies above apply

2. Is the computer on a domain? If yes then the domain admin can see what files are there by simply opening the computer's administrative share remotely

3. Do you have your drive shared? If so then if the security is set to permit him/her access then they can browse to that share.

Checking browser history just needs access to the drive.  It is all in a folder just like your favorites.
All can be done from remote if you are admin. So, yes, if he wanted, he could.
With default settings, even your plain text password can be read out in seconds on win7.
lapucca (ASKER)

Okay for them to see my browsers history.  I have my personal gmail opened sometimes and my personal files on the google drive.  I was wondering if they can see that?

My C drive property:
1. shows that drive is not shared.
2. Security tab shows "System", "computername\Administrators" both have full access.
3.   "computername\users" have read\execute, List folder content and Read permission

So, looks like any one who logs into my pc can at least read all my files.  Who is "System" is that the system admin?
Thank you.
lapucca (ASKER)

No, they don't have my password for sure.
System is the account used by the OS itself. Don't change anything related to that.
ASKER CERTIFIED SOLUTION
McKnife
lapucca (ASKER)

I typed in net share in cmd and this is what I got.  Does that mean admin can remote into my pc any time and see my gmail and google drive docs unless I logged off?  Sometimes I forget to log off before I go home.  It seems like an invasion of my privacy.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\>net share

Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\windows                      Remote Admin
The command completed successfully.


C:\>
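
A local, read-only check of the two things discussed in this thread, the default administrative shares and the NTFS permissions on C:\, added here as an example (it is not code from any poster). It assumes Windows PowerShell as shipped with Windows 7; the variable names are illustrative.

```powershell
# Added example, read-only: it changes no setting on the machine.

# 1. Shares, and whether each one is a built-in administrative share.
#    Win32_Share.Type is 0x80000000 or above for C$, ADMIN$, IPC$ and the like,
#    which Windows creates by itself ("Default share" in the net share output).
$adminBase = 2147483648   # 0x80000000
$shares = Get-WmiObject -Class Win32_Share | ForEach-Object {
    if ([uint32]$_.Type -ge $adminBase) { $kind = 'administrative (default)' }
    else                                 { $kind = 'created by a user' }
    New-Object PSObject -Property @{ Name = $_.Name; Path = $_.Path; Kind = $kind }
}
$shares | Select-Object Name, Path, Kind | Format-Table -AutoSize

# 2. NTFS permissions on the root of C:, the same list the Security tab shows.
#    Rights printed as a bare number are generic-rights values that
#    PowerShell does not translate into a name.
$acl = Get-Acl -Path 'C:\'
$acl.Access |
    Select-Object IdentityReference, AccessControlType, FileSystemRights, IsInherited |
    Format-Table -AutoSize

# 3. Who is inside "computername\Administrators": every account or group
#    listed here receives the Administrators entry shown in step 2.
net localgroup Administrators
```

A drive that "is not shared" in its Properties dialog can still appear as `C$` in step 1, because the dialog refers to user-created shares.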
lapucca (ASKER)

Let me just clarify that: are you saying no one can log into my pc, not even system admin, and access my gmail account tab even if I left it logged in?  This is most important to me.  I'm not concerned much about the C drive.
Thank you.
"It seems like an invasion of my privacy."

First of all you have to remember that the computer belongs to the company. The company is liable for and therefore has a right to know anything that is done on it. This extends to the internet connection as well.    It is never a good idea to access personal stuff from a device not owned by you.  

1. someone needs to have your password - a good password hack program can probably get this
2. The admin can change your password and then log in - you would know the next day when your password doesn't work.

EDIT:  Forgot I also mentioned VNC or other remote software would permit access without ever touching your system they could see what you have open.
Somebody could just reset your password then login as you and open up your browsers to check your history and any sites you've stayed logged into. If you're on a work computer, then you must know it is not your computer and you should not put or do anything personal on there.

Also, as far as the C: drive is concerned, somebody can download a bootable Linux ISO and browse all over your hard drive without having to worry about any of that pesky Windows security.

If you have files you want to keep hidden, then keep them on a flash drive and disconnect that drive whenever you leave the computer.
Even without opening your browser as the user itself, it's easy peasy to check the history of visited pages. Just log on to the PC as admin and copy the profile of the browser and import it to the admin's browser, et voilà, all history can be seen.
Admin then also has access to all pages you are logged in to via saved passwords or cookies.

If your PC has something like VNC installed, admin also can see your screen from remote.
He also could temporarily reset your password to something he knows, log on as you and then put back your old password. However, this requires a reboot as the SAM isn't accessible from the running Windows itself.

Admin also could secretly hijack your ssl encrypted connections and read all things you read on the web, even on https, if he wants.
To prevent this you need to check and compare fingerprints on the certificates every time you use SSL. Just trusting the browser is not enough; the browser could trust the cert put there by the admin.

If you really have private things nobody else should know, then it's better not to open that stuff in your company, or use your mobile with your own data plan and not the company's wifi.
All you describe above is illegal in many countries, including the EU. Having something private in locked drawer in your office does not allow anyone to break it without very good reason, and it is the same with data on the machine.

I know it is different in the US, where even installing keyloggers etc. is legal if the machines are business property.

Leaving aside legal issues, a versed admin can always apply some forensics like in-memory search, process analysis including connections, and many things more. What an admin cannot do with VNC etc. is to see your screen if it is locked, opposed to what has been said above.
"What an admin cannot do with VNC etc. is to see your screen if it is locked, opposed to what has been said above."
Oh yes. Simply logon as admin, (parking the current session), run mimikatz and you have the plain text password of the user without cracking it. Now logon as him, he'll never even know.
That is cracking, and hence illegal :p
Qlemo:  Very good points.

 In the US you would need a very good reason to "break into" a drawer that is locked however what is done on a computer is not considered the same. Since it belongs to the company the company is liable for what is done on it such as using it to conduct illegal activities. In middle to large companies an individual is required to read and acknowledge a computer use policy.  

Unfortunately I think this comes down very much to legal issues.
It is possible, within seconds, illegal or not. The asker should be aware of that.
lapucca (ASKER)

It's important that I let all experts know that I am not conducting any illegal activity on my work PC.

I have personal files, information that I think it's wrong if they can get to them because I didn't log out of my gmail account if they can access them.  

I also have files in Google relating to HR issues at work that's why I'm concerned.  Company accessing browser history or files on my C drive is fine.  I know it's legal issue if they can or cannot see my google emails and documents and that is out of scope here.

I'm just trying to find out if a system admin can see my google emails and docs if I didn't log off and the answer I got says yes they can by various ways and methods even without my password.  It is against our company policy to have anyone's login credential for privacy reason but that doesn't say system admin cannot get into my sessions.

I don't do any personal stuff on my pc except recently I have to document for my own protection relating to my job and I want to keep those private and confidential until I need to reveal them, that's all.


Thank you to all experts' input and help.  I learned so much about security and what little private security at a company PC.  All very good stuff to know.
PS. If you don't log out from Google, your admin can even read your Gmail if you shut down your PC. He just needs to copy your browser profile and is then logged into your Gmail account in his browser.

So after you have done your tasks in Google you better log off.
lapucca (ASKER)

I wish I can give all responded experts 500 points.
lapucca (ASKER)

Thank you Andreas for the last posting.  That is very helpful.  I would have given you credit if I saw that before I gave credit because that is a very important point.
Glad we could shed some light for you.  Basically privacy/security is ultimately a "pipe dream" that we all like to believe in but with more technology there is less of both. You really have to work at it.
I'm not caring about credit or points, it's just important to find a workable solution and to learn :)
lapucca (ASKER)

Yes, it's astounding to learn from this thread about that there is no privacy at work even if it's personal gmail.  Very good information and really every experts' great input.