Can a system admin log into my PC and sees all my browsers open tab and access all files on my C drive?

Hi,
I have Windows 7 on my PC.  I alt-ctl-del to lock my pc when I go home.  I'm just wondering if someone with system admin permission can log into my pc and see all the tabs I have open in my browsers and have access to all my files in my C drive?

Thank you.
lapuccaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NVITCommented:
> ...see all the tabs I have open in my browsers...
Something like CMDOW can do this. http://sourceforge.net/projects/cmdow/

> ...and have access to all my files in my C drive
Yes. Not sure but, I think EFS, if used, prevents this. http://en.wikipedia.org/wiki/Encrypting_File_System
0
RizzleCommented:
Yes they can login to your machines as them by switching users. If they have the correct rights they can access your local files via the C drive. The only way they could login as you is to change your password (providing you're in a domain environment)
0
RizzleCommented:
But they wont be able to wipe/check your browser history i believe...
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Steven CarnahanNetwork ManagerCommented:
That question can be answered many ways depending on a number of factors.

1. Does the system admin know your password?  Then yes they can log into your system and see what you have running.

2. Does your system have any remote control software running such as VNC? Then yes it is possible for them to access your system and see what you have running. It would depend on the software/settings of the remote control software.

Those would be the only two ways that I am aware of that the admin would be able to "see all the tabs I have open in my browsers"

As for "have access to all my files in my C drive" again this depends on a number of factors.

1. Both replies above apply

2. Is the computer on a domain? If yes then the domain admin can see what files are there by simply opening the computer's administrative share remotely

3. Do you have your drive shared? If so then if the security is set to permit him/her access then they can browse to that share.

Checking browser history just needs access to the drive.  It is all in a folder just like your favorites.
0
McKnifeCommented:
All can be done from remote if you are admin. So, yes, if he wanted, he could.
With default settings, even your plain text password can be read out in seconds on win7.
0
lapuccaAuthor Commented:
Okay for them to see my browsers history.  I have my personal gmail opened sometimes and my personal files on the google drive.  I was wondering if they can see that?

My C drive property:
1. shows that drive is not shared.
2. Security tab shows "System", "computername\Administrators" both have full access.
3.   "computername\users" have read\execute, List folder content and Read permission

So, looks like any one who logs into my pc can at least read all my files.  Who is "System" is that the system admin?
Thank you.
0
lapuccaAuthor Commented:
No, they don't have my password for sure.
0
RizzleCommented:
System is the account used by the os itself. Dont change anythinf related to that.
0
McKnifeCommented:
I repeat: ALL can be done. No matter how it is setup. If I have your computer's administrator pw, I will reset anything you might have setup to protect yourself.
c is shared automatically, by the way. If you start a command line and type
net share
you will see "c$", that's the hidden administrative share name for c.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
lapuccaAuthor Commented:
I typed in net share in cmd and this is what I got.  Does that mean admin can remote into my pc any time and see my gmail and google drive docs unless I logged off?  Sometimes I forget to log off before I go home.  It seems like an invasion of my privacy.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\>net share

Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\windows                      Remote Admin
The command completed successfully.


C:\>
0
Steven CarnahanNetwork ManagerCommented:
"c is shared automatically, by the way. If you start a command line and type
 net share
 you will see "c$", that's the hidden administrative share name for c. "

That is true as I mentioned previously however it should require admin privilege to access unless someone changes the permissions on it.

Yes "system" account is used for tasks the OS performs.  For example a defrag in the middle of the night.
0
RizzleCommented:
Like i said previously for that stuff they would literally need to login as you. An admin can access the c drive and therefore can access your files If they wanted to.

The net share command only shows the admin and normal shares hosted on that machine. The dollar sign after the c is denoting the admin share.
0
lapuccaAuthor Commented:
Let me just clarify that, are you saying no one can log into my pc, not even system admin, and access my gamil account tab even if I left it log in?  This is most important to me.  I'm not concern much about the C drive.
Thank you.
0
Steven CarnahanNetwork ManagerCommented:
"It seems like an invasion of my privacy."

First of all you have to remember that the computer belongs to the company. The company is liable for and therefore has a right to know anything that is done on it. This extends to the internet connection as well.    It is never a good idea to access personal stuff from a device not owned by you.  

1. someone needs to have your password - a good password hack program can probably get this
2. The admin can change your password and then log in - you would know the next day when your password doesn't work.

EDIT:  Forgot I also mentioned VNC or other remote software would permit access without ever touching your system they could see what you have open.
0
William FulksSystems Analyst & WebmasterCommented:
Somebody could just reset your password then login as you and open up your browsers to check your history and any sites you've stayed logged into. If you're on a work computer, then you must know it is not your computer and you should not put or do anything personal on there.

Also, as far as the C: drive is concerned, somebody can download a bootable Linux ISO and browse all over your hard drive without having to worry about any of that pesky Windows security.

If you have files you want to keep hidden, then keep them on a flash drive and disconnect that drive whenever you leave the computer.
0
andreasSystem AdminCommented:
Even without opening your browser as the user itself its easy peasy to check the history of visited pages. just logon the pc as admin and copy the profile of the browser and import it to the admins browser, et voila all history can be seen.
Admin then also has access to all pages you are logged it via saved passwords or cookies.

If your pc has something like vnc installed admin also can see your screen from remote.
he also could temporarly reset your password to something he knows, logon as you and then put back your old password. However this requires a reboot as the sam isnt accesible from the running windows itself.

Admin also could secretly hijack your ssl encrypted connections and read all things you read on the web, even on https, if he wants.
To prevent this you need to check and compare fingerprints on the certificates every time you use ssl. Just trusting the browser is not enough the browser could trust the cert put there by the admin.

If you really have privae things nobody else should know, then its better not to open that stuff in your company, or use your mobile with your own dataplan and not the companies wifi.
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
All you describe above is illegal in many countries, including the EU. Having something private in locked drawer in your office does not allow anyone to break it without very good reason, and it is the same with data on the machine.

I know it is different in the US, where even installing keyloggers etc. is legal if the machines are business property.

Leaving aside legal issues, a versed admin can always apply some forensics like in-memory search, process analysis including connections, and many things more. What an admin cannot do with VNC etc. is to see your screen if it is locked, opposed to what has been said above.
0
McKnifeCommented:
"What an admin cannot do with VNC etc. is to see your screen if it is locked, opposed to what has been said above."
Oh yes. Simply logon as admin, (parking the current session), run mimikatz and you have the plain text password of the user without cracking it. Now logon as him, he'll never even know.
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
That is cracking. and hence illegal :p
0
Steven CarnahanNetwork ManagerCommented:
Qlemo:  Very good points.

 In the US you would need a very good reason to "break into" a drawer that is locked however what is done on a computer is not considered the same. Since it belongs to the company the company is liable for what is done on it such as using it to conduct illegal activities. In middle to large companies an individual is required to read and acknowledge a computer use policy.  

Unfortunately I think this comes down very much to legal issues.
0
McKnifeCommented:
It is possible, within seconds, illegal or not. The asker should be aware of that.
0
lapuccaAuthor Commented:
It's important that I let all experts know that I am not conducting any illegal activity on my work PC.

I have personal files, information that I think it's wrong if they can get to them because I didn't log out of my gmail account if they can access them.  

I also have files in Google relating to HR issues at work that's why I'm concerned.  Company accessing browser history or files on my C drive is fine.  I know it's legal issue if they can or cannot see my google emails and documents and that is out of scope here.

 I'm just tying to find out if a system admin can see my google emails and docs if I didn't log off and the answer I got says yes they can by various way and methods even without my password.  It is against our company policy to have anyone's login credential for privacy reason but that doesn't say system admin cannot get into my sessions.

I don't do any person stuff on my pc except recently I have to document for my own protection relating to my job and I want to keep those private and confidential until I need to reveal them, that's all.


Thank you to all experts' input and help.  I learned so much about security and what little private security at a company PC.  All very good stuff to know.
0
andreasSystem AdminCommented:
PS. If you dont logout from google, your admin can even read your gmail if you shutdown your PC. He just needs to copy your browser profile and is then logged into your g-mail account in his browser.

So After you have dont your tasks in google you better logoff.
0
lapuccaAuthor Commented:
I wish I can give all responded experts 500 points.
0
lapuccaAuthor Commented:
Thank you Andreas for the last posting.  That is very helpful.  I would have given you credit if I saw that before I gave credit because that is a very important point.
0
Steven CarnahanNetwork ManagerCommented:
Glad we could shed some light for you.  Basically privacy/security is ultimately a "pipe dream" that we all like to believe in but with more technology there is less of both. You really have to work at it.
0
andreasSystem AdminCommented:
I'm not careing about credit or points, its just important to find a workable solution and to learn :)
0
lapuccaAuthor Commented:
Yes, it's astounding to learn from this thread about that there is no privacy at work even if it's personal gmail.  Very good information and really every experts' great input.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.