iamevilhomer

We have an employee who's computer shows no history for last friday. We have had him in for a meeting and he has denied manually deleting the history saying it must have happened some other way.No one else had access to the computer that day.

Is there anyway i can see when or how the history was deleted?

Ant

If you wanna know what sites he's been on can you not look at his cookies

phil_wrx

iTrader: (2)

why is it an issue? has he been naughty?

iamevilhomer

Cookies are showing nothing, which makes me think he deleted those too.

Hes only with us 2 months and its and issue of trust, he should not feel the need to delete the history and then lie directly to us, simple as that.

EddScott

If its a question of trust why look in the first place?

What would be a sackable offence anyway? **** obviously but what about scoobynet?

suba

can you not undelete it? (using 3rd party software)

Kieran_Burns

iTrader: (1)

more to the point - why don't you have Web Monitoring software in place?

hodgy0_2

have you just looked in his browser or have you looked in his user profile

C:\Documents and Settings\%username%\Local Settings\Temporary Internet Files

or C:\Documents and Settings\%username%\Local Settings\Temporary Internet Files\Content.IE5

the "History" directory is marked "invisible" by default, so it's likely that you won't find it by default. You'll need to enable viewing hidden files in Windows Explorer, or searching for Hidden Files when you perform a search. In a Command Prompt, you can simply "CD" to it, even if you don't see it.

Dracoro

Gotta love the irony of this!

Trust goes both ways.

He doesn't trust you so he deletes his history.

His mis-trust is completely justifiied in that you've been poking round his computer

Anyway, it could be as simple as he likes to check his personal e-mail or jump on scoobynet every now and again but isn't sure what you will think of this (is it ok or not?) so to "play safe" he's deleting his tracks.

If this is a no-no in your company (fair enough) then you need something more sophisticated to monitor users web activity.

Woosh!

Anyway iamevilhomer what are you doing on scoobynet during work hours?
Leading by example are we

NOW GET BACK TO WORK!!! (just kidding)

Dedrater

If the lad is out smarting the network administrators on there own network, then I say fair play to the lad.

judgejules

Undelete 2009 Home Edition - Instant File Recovery

Install it into another partition/drive or flash drive so you dont overwrite any of the data you want to recover. Point it at C: and let her rip. Unless he's used an app to cover his tracks and not just deleted them through the browser interface then it will find it all.

J

iamevilhomer

There are no admin staff , we are a small company. On his 3rd week he was found to be visitng sites he should not have been on at a time when he had work to do. He was also told that he should not delete the history.

In terms of irony i really cant see the point. I own the company and work from 7.20am to 10pm everyday. He is a new employee and all aspects of his peformance will be monitored.It is also my computer, not his.

I have had a real good look at the computer this morning and cant find anything untoward so far, but i will do a search for hidden docs etc tomorrow.

Tenby

iTrader: (1)

You can use a keylogger and screenshot snapper to keep exact tabs of what he is upto. it will also tell you if he is manually deleting.

Tenby

iTrader: (1)

I'm with you. its your money and your equipement

boxst

And what are you going to do if you find something? It seems like a very large amount of work for absolutely no gain.

If you don't like him and you obviously don't trust him, then just remove him as he has only been there a few weeks.

Steve

judgejules

Just install UltraVNC: Remote Support Software, Remote Support tool, Remote Desktop Control, Remote Access Software, PC Remote Control one night, disable the tray icon and delete the menu items so he doesnt know its installed, and you can drop in on his PC desktop from anywhere you can access the office network.

P.S. I hope you have an employee handbook or induction documentation that explains what he can and cant do on his PC. This will be needed if you fire him and it goes to tribunal, as he'll just lie through his teeth and claim you never told him that he couldnt visit those sites etc.

Miniman

iTrader: (2)

I think you may be going about this the wrong way with respect to the employee and changing the way he works.

But you can change the amount of days history is retained on IE (I presume you are using IE). Just go to Tools - Internet Options and it's on the first tab at the bottom, it goes down to 0 days, so I assume that each time you start IE it removes the history. Is this turned on?

Also Firefox has "privacy" options for which can close history (and temp folders etc) after closing.

Lastly he might be using a Web Proxy, though I expect that the proxy would at least show in the History even if none of the other pages via through the proxy were in there.

GC8

If you had a proper internet use policy then this wouldnt happen surely?

scoobymad555

iTrader: (1)

small companies rely on trust .... if you don't trust him, ditch him.

alternatives are as already suggested by previous posts or, you employ a more structured approach to your overall system and introduce servers that are able to control and log your users activities. Doesn't necessarily need to be expensive but does require knowledge and maintenance

IWatkins

Considered the possibility he simply didn't go online/use the browser at all on Friday ?

scoobymad555

iTrader: (1)

^^ fair point .... that didn't cross my mind lol

jaytc2003

iTrader: (1)

if he doesnt need the internet then just block the connection via the router/network

Dedrater

Don't just stop at blocking his internet, block his mobile too

High Power Office Cellular Jammer.

Andy Tang

iTrader: (3)

If you want a cost effective web filtering solution, drop me a PM

mykp

I come across this all the time. Emplyees doing jack all work as there surfing facefook or similair.

First off get your policy updated as suggested above, if you have a router why not setup a schedule which limits certain sites to certain time of the day, say dinner time. Otherwise setup a proxy to which all the traffic on the office machines passes through, allowing you to monitor, filter, block.....

As for the employee PCs, setup some kind of policy on their login which again limits access to certain programs or services.

Theres lots of solutions out there to do these things but even as a small company you should have a user access policy which all employees have as part of their contract. I do and it does not allow the use of social networking sites at any time, the use of MSN or similair for personal use. We also block certain websites from 9am to 12noon and 1pm to 5pm.

Sonic'

Ive just issued our AUP for Internet and Email, and even though we have specifically told one member of staff continously that he must not use Facebook / MSN etc he still does, so it has now been blocked and he is on a final warning

Now he has started to come into work, read the paper on works time, go out every hour for a *** break, and takes his full hour lunch to go on facebook / msn in the unrestricted internet cafe

He is on borrowed time, and has been sacked once already

As others have said, why go to all that trouble if you are such a small company, if you cant trust each other now, you probably never will, so get shut of him and get someone else, failing that issue an IT policy, get him to sign it and then install eblaster on his PC, and then sack him

scoobynutta555

Nice bit of software

sti-04!!

Homer - would your time not be better spent working on your company rather than not trusting an employee. I see your point in terms of trust blah blah, but i own a few businesses & if my employee's want to have a gander at something while working then so be it.
Why dont you try www.iwantarobotnotahumanbeing.co.uk next time your looking for staff.

sti-04!!

Sack him Steve. He's had a warning, he hasnt taken it in. He's a tosser.