Cannot Remove AutoComplete Informations

[lylefairfield]

I have installed IE 7. It works well.

To confirm old passwords I used a freeware program called Nucleus
Kernel Internet Explorer Password Recovery (NKIEPR). I was surprised
when it showed me some passwords which were several years old.
I decided to start again. In IE7 I followed Tools->Internet
Options->General->Delete and deleted Form Data and Passwords.

I checked NKIEPR again. It still showed the old passwords. I examined
my registry and did several file searches to see if I could find
something similar or suspicious. I could not. I examined the NKIEPR
passwords again. They seemed to be those I used with the MSN browser
several years ago. I read the MSN browser's instructions about how to
remove logins and passwords. It instructed me to do so through IE,
using the procedure I had already followed. I repeated the delete again
just to be sure. NKIEPR still showed the paswords.

I uninstalled the MSN browser. I did three Registry cleanups (Easy
Clean, CCleaner, Registry Mechanic). I used Privacy Garden to remove
everything I could fromWindows an IE, inclusing saved from information
and passwords. I read extensively on the internet and tried various
solutions for similar but not identical problems. I have of course,
restarted the computer several times.

These passwords might also be associated with My Network Places, but
there does not seem to be as direct a correspondence with nethood
folders as with MSN.

NKIEPR still shows passwords which I want to be private. I would like
to remove those passwords. Instead, I could log-in to all the sites
with a not-IE based browser and change the password, or I could do a
low-level format of my hard disk. I would prefer to have another
solution. If you have any suggested solution, please tell me.

I have been a computer professional since the early 1980's. It's likely
that I can follow directions.

 

[Rob ^_^]

Hi Lyle,
I think NKIEPR (I don't use it myself), makes its own copies of the
Autocomplete entries for passwords in the Windows Registry. It has the word
Kernel in its product name which seems to suggest that it uses this windows
component to intercept auto-complete entries and make its own copy. So the
whole purpose is to allow a user to recover their passwords even though they
may accidentially delete their registry copies or if they change their
computer.
Nothing to worry about, though I would hope that it is password protected
itself to stop unauthorised access to your password history.

So I think all you have to do is to choose those passwords and form data
that you wish to recover and install on your new IE7 installation.

Regards.

 

[GLA]

Hello!
I think it because IE 7 stores autocomplete form information (including
passwords) in different then IE 6 place.

 

[Robert Aldwinckle]

I have installed IE 7. It works well.

To confirm old passwords I used a freeware program called Nucleus
Kernel Internet Explorer Password Recovery (NKIEPR). I was surprised
when it showed me some passwords which were several years old.
I decided to start again. In IE7 I followed Tools->Internet
Options->General->Delete and deleted Form Data and Passwords.

I checked NKIEPR again. It still showed the old passwords. I examined
my registry and did several file searches to see if I could find
something similar or suspicious. I could not.

What tool are you using to do that? E.g. RegEdit can't find binary strings
which is how strings are often represented, e.g. in order to save doublebyte
characters such as Unicode. More significantly, in the case of passwords,
however, is that they are usually encrypted anyway, so even if you could
search for strings reliably, you would be unlikely to find passwords in clear
text.

One thing that might give you a clue about where the program is finding
them, at least it works to some extent with another AutoComplete data
saver called PSPV (by NirSoft), would be to run RegMon (from SysInternals)
while the password saver was running. That can expose otherwise hidden
keys and values.

BTW there is an update to PSPV for IE7 as apparently some of the
implementation for storing and retrieving password data has changed:

http://www.nirsoft.net/utils/internet_explorer_password.html


HTH

Robert Aldwinckle
---

 

[Lyle]

One thing that might give you a clue about where the program is finding
them, at least it works to some extent with another AutoComplete data
saver called PSPV (by NirSoft), would be to run RegMon (from SysInternals)
while the password saver was running. That can expose otherwise hidden
keys and values.

BTW there is an update to PSPV for IE7 as apparently some of the
implementation for storing and retrieving password data has changed:

http://www.nirsoft.net/utils/internet_explorer_password.html

HTH

Robert Aldwinckle

Thank you for the very useful information. Using several of the Nirsoft
utilities I was able to find the location of the troubling
"non-deletable" passwords and to remove them.

I was stunned to find that all passwords I had ever entered in IE or My
Network Places, or Outlook, or Outlook Express were still stored on my
hard drive and available. It seems that someone, given the correct
knowledge [this would descibe me now that I have looked into this
matter] and access to the internet could sit down at anyone's machine
for five minutes, say during a user's bathroom break, and find and copy
every logon and password that the user had ever used. Well, MS-SQL
Server logons were not exposed.

Perhaps this isn't as bad as I think now (initially). Perhaps it is.
Words such as Linux and Macintosh pop into my mind. Would they have the
same vulnerability? Probably not. Would they have some other
vulnerability? Probably!