Here's a question: I did my own examination of my PC for whatever personal info may be stored there, especially stuff I don't know is there. What I found is troubling and I would like to do something, the best thing, about it. I did the inventory because I started getting SPAM (I don't respond to SPAM) not only with my name in the subject line but in some cases also my home address. I've gone to web sites and seen them tailored with things like the name of my home town. These are not web sites that I "registered" with, so this had to have been done on the fly ... very scary! I found multiple files on my PC with this stuff (name, address, zip, etc). I guess the files may have been generated by registering software and such. Can I just delete the files without affecting app's functionality, or is there a better method?

:confused:

I could drive myself crazy with the potential losses, I take concrete steps to protect the stuff.
Run at least one firewall that is hardware based.
Run at least one firewall that is software based to control outgoing packets.
Run updated AntiVirus program.
Run two anti Spyware programs to remove the crud, run alternately with a reboot between.
Don't click links on web pages on unknown sites.
Don't click links in e-mails.
Tighten IE zones to show My Computer and set active X tighter.
Keep Windows patches up to date.
Register most programs with a psedodnym, or spell your name wrong, anything to make it harder for the bad guys.
Use an alternate browser to minimize IE exploit exposures.
Remove sensitive files to a USB flash drive (keyfob).
Image the hard drive and do backups of the data.

If you are still worried get XP Pro and use encription for your stuff.

pop pop,
we would have to have a bit more detail on the files and programs in question. Maybe something you would not want to go into detail here with ;) The registration process of software can certainly generate valuable information on you that some businesses would be happy to pay for (remember my marketing speach :eek: :D ). A defining circumstance here is this- If the registration was necessary to activate the software, then you most likely need those files as they contain a code that keeps the software active. If activation was not part of it, you can probably clear them safely. I would do a bit more investigation and preparation before deleting anything though. Save any personal files from a particular program to disk or flash drive, delete the registration (or other questionable) files, test the program for functionality. If all is well, restore personal files. If not, reregister the program and go from there.
You could also make a note to yourself in these files to NOT DELETE.

Good luck
Frank

Your suggests are appreciated. Most of them I have been doing for a long time, some I have only done recently, and one I have not done yet but will once I learn the best way.

Run at least one firewall that is hardware based. DONE ... as of two weeks ago.
Run at least one firewall that is software based to control outgoing packets. DONE ... since day one.
Run updated AntiVirus program. DONE ... since day one.
Run two anti Spyware programs to remove the crud, run alternately with a reboot between. DONE ... SPYBOT, Ad-Aware, and SPYWARE Blaster, since June of this year.
Keep Windows patches up to date. Always.
Use an alternate browser to minimize IE exploit exposures. since end of June this year.
Don't click links in e-mails. Rarely do I do this and when I do it's only in email from people I know and trust.

The rest of your suggestions sound good and I will start working on implementing them. Encryption sound especially good. I use W2KPro. Looks like a simple matter of encrypting the file in Windoze Explorer and thereafter it will be transparent to me but return access denied to anyone else.

Go to:
"IE->Tools->Internet Options->Advanced->Security->Do not save encrypted pages to disk" and tick this so that no credit card info [etc] is stored in the "Temporary Internet Files" folder.

Done. Didn't know that was there (like so many other things).

Thanks

I forgot to say that you'd need to delete the Temporary Internet Files to eliminate any such information already stored there.

No new Temporary Internet Files saved will include the encryped information that's produced by a visit to a "secure" site that uses encrypted communication.

If such info had been saved and someone gained access to your PC they'd need to decrypt the data to obtain the info, but I suppose there may be those who have such capability.

Just don't let it drive you crazy, your computer is just a tool. Enjoy life.

Some of the software registrations, notably M$ app packages, did ineed require the information to activate the software. They (M$) are paranoid about piracy and in such instances I can understand the paranoia. Everyone deserves to profit from the fruits of their labor, even Microsoft.

128 bit encryption while difficult to crack, is not impossible. The number of mathematical possibilities is simply 2 to the 128th power, whatever that is (a large number:D ). It might take a powerful computer working full time, or several parallel processors. But if someone wanted my name and address that bad there are much easire ways to get it.

I scanned every single file on my PC for really sensitive stuff like CC numbers and came up clean so I'm not crazy ... yet ... just ask my other personalities

:D

Well, you have your wits in gear and are aware of the possibilities.
So you're much less likely to get "taken".

An 85 year old in Eugene, Oregon told me that [she didn't have firewall, or inti-virus software etc] her bank account had been cleaned out and she assumes someone had gained access to her PC.

So I used "Netmeeting" to install all the protective software on her PC.
It was a great exercise!
I was quite astonished to find what could be done on another remote PC using Netmeeting when they "Grant Control". :)

Originally posted by PrntRhd

Run at least one firewall that is hardware based.
Run at least one firewall that is software based to control outgoing packets.


PrntRhd: which are they, for instance, by name?

Originally posted by pop pop


I scanned every single file on my PC for really sensitive stuff like CC numbers and came up clean so I'm not crazy ... yet ... just ask my other personalities

:D

Aw shucks Pop Pop read this:

http://www.pcguide.com/vb/showthread.php?s=&threadid=30047&highlight=The+Riddler

and scare yourselves real good....



Ps: great surf guitar music saturday night 10 pm to midnight at:

www.kfjc.org

Donn:
Zone Alarm Free is the software firewall,
Netopia Cayman Breakwater is the hardware firewall in the router. (Yes it is NAT enabled).

Webroot's Spysweeper says it takes out the stuff you posted about, Donn.
Also Spider is said to remove it too, but sometimes it causes other unexpected issues as it takes out too much.

:)

Hey pop pop and others, just thought I would share something with you I just learned. Although I knew cookies could gather personal information, I had no idea it could go this far. Maybe a reason way we get spam from a company we never heard of or have never gone to their site.
HERE (http://pestpatrol.com/pestinfo/D/DoubleClick.asp) is a link to a page generated by Zone Alarm’s new PestScan service.

Enjoy
Frank ;)

I saw DoubleClick, I saw PestPatrol, where is the ZA linkage, or is it part of the Security Suite stuff?

OK Donn and Bassman,

Way to make me even crazier and more paranoid than I am. I've been a lone wolf almost all of my fifty year life and the idea that someone or something is deceiving me and spying on me absolutely drives me nuts. That's part of the reason I've become, as my wife says, obsessed with this stuff. Bassman, while you and I might just about agree that marketing and market research are legal and useful things, even if annoying at times, we are on the verge of what I would think is illegal and unconstitutional practices here. I have a constitutional right to an expectation of privacy. That right covers person and property, assuming that I have done nothing illegal to invalidate that right. No one has a right to violate my person or property or any way infringe on my privacy without my consent.

Planting whatever on my computer be it web bugs, cookies, .dlls, registry entries, .exe's or anything is no less invasive than bugging my phone or planting hidden cameras somewhere on my property. In either case, I have been violated.

EXTREME ANALOGIES:

Tracking cookies, data miners, SPYWARE...

I bug your phone at home, your car, your phone at work, hell I put bugs in your underwear. Hey ... just doing a little marketing reseach. Nothing illegal here. Just trying to make life a better experience for you and all of humanity ... and maybe make a few bucks while I'm at it.

Windoze

Thanks to my product being almost the only game in town you will use it and I will lie to you (ommission or commission) about what it does or does not do. I will make it able to keep track of everywhere you've gone, everything you've looked at, everything you've searched for and I will make it nearly impossible for you to find that data yourself, I will make it difficult to impossible for you to eliminate it, and I will make it absolutely impossible for you to uninstall my Master SPY-APP (IE).

Hijacks ...

I'll come out and reprogram your car so that everytime you started it up it will only go where I have programmed it to go, usually somewhere that will have something to sell and I'll make a couple of dimes because I sent you there against your will ... hey, you really wanted to go there, you just didn't know it. I KNOW WHAT YOU WANT BETTER THAN YOU DO.

You get the picture. The analogies may be a bit extreme but the point is valid, I think.

On the other hand, As Budfred's signature says, Caveat Emptor, buyer beware. You pays you money and you takes your chances. Don't surf the net, don't buy the computer, don't expose yourself to the problem. If you choose not to do that, be prepared to fight the war, in the trenches here and possibly in the courts.

PrntRhd, the ZA part of this is the e-mail I got from ZA letting me know they partnered with PestPatrol for additional computer security (might be considered spam :rolleyes: ) and it was free to try out.
pop pop, sorry for increasing your frustration, it was not meant to go like that :eek: As PrntRhd said, “Just don't let it drive you crazy, your computer is just a tool. Enjoy life.”.
I agree completely with the invasion of privacy aspect of this and so does the article in my link. A woman in California won a suite against DoubleClick because of their tactics. As discussed in another thread though, not all of this invasion is illegal. Immoral yes, but not illegal.
With the proper security in place (firewall, anti virus, anti spyware) and a regular routine of deleting or blocking cookies, you should be able to go where you want to go on the internet and enjoy yourself without sweating bullets that someone is checking to see what you had for lunch. Another suggestion is to not keep anything on your computer that you would not want someone else seeing.

Good luck and learn to enjoy ;)
Frank

Bassman,
I think PestPatrol is better at marketing and making deals with adware firms than removing the stuff. IMHO

I prefer to use applications for removal that are less susceptable to conflicts of interest, either free or paid so long as they start with the premise of security for the user as the first priority:
AdAware
Spybot
Webroot Spysweeper (paid)