| » » » » "Termination" Procedures or Code|
mcmxli Jul-27-02 08:43 PM
OS:Windows XP Home Edition
Situation: I had a free membership to a live video chat service. You download and install the software then you create your profile which consists of making up a user name of your choice, a password of your choice, and furnishing your legitimate email address. As a result of a rule violation, my membership was cancelled without prior notification. Any attempts by me to logon to the service prove futile even when I use a different email address &\or ISP. This "logon failure" only occurs on the specific computer I was using to access the service when the violation occurred. I am able to logon to the service using a DIFFERENT COMPUTER. From this, I have concluded that the only way the service knows that I, a terminated user, is attempting to logon to the service ON THAT ONE, SPECIFIC COMPUTER is because the service either uploaded a file to my hardrive allowing them to identify this specific computer or they added a line of code to an existing file on this specific computer. In short, when I attempt to logon using the specific computer, they know it's me, and my logon fails;but when I attemp to logon using a different computer, my logon succeeds. Obviously, there is some kind of identifying code and/or procedure used by the service that allows them to identify me when I am trying to logon with the specific computer but not with any other computer.
All efforts by me to identify any file they may have uploaded to my specific computer have failed. Nor am I able to identify any line of code they may have added to an existing file. I thought perhaps they may have been searching my registry to locate references to the email address I originally furnished them. I manually edited my registry to remove or rename any reference to my email address but still they were able to identify me when I attempted to logon to the service.
My question is this:HOW ARE THEY ABLE TO IDENTIFY ME WHEN I ATTEMPT TO LOGON TO THE SERVICE USING THE SPECIFIC COMPUTER AND HOW CAN I BYPASS THEIR DETECTION SCHEME SO THAT I CAN LOGON TO THE SERVICE?
1. RE: "Termination" Procedures or Code
DJ Net2Infinity Jul-27-02 08:49 PM
In response to message 0
Clear your cookies, your temp files, and your cache.
2. RE: "Termination" Procedures or Code
mcmxli Jul-27-02 11:33 PM
In response to message 1
You wrote "Clear your cookies, your temp files, and your cache."
I cleared cookies and temp files. How do you clear the cache?
3. RE: Termination
Twinhead Jul-28-02 10:56 AM
In response to message 0
LAST EDITED ON Jul-28-02 AT 11:00 AM (EDT)
This problem could be more sneaky then just clearing cookies temps and cache folks!
This is more likely related to special key numbers added to the registry of your machine.
It could be also a Serial number issue of the CPU from your computer.
From PIII's on there is a unique number given to the CPU.
An ISP or a program on the Internet can relay this number.
It can also be the caller identifying system, or as to say, the phone number where the caller is calling from. (Not likely in your case, exept if the two computers are on a different, unique telephone line)
See if you can disable the Calling Identify system. (Phone numbers are NOT relayed to the receiver if succesful).
Then, goto your CMOS setup and see if you can disable the CPU serial number feature.
Then, DEINSTALL the offended software COMPLETELY and restart.
ONLY if you are an experienced user of Windows, Run Regedit.
Let it search for the manufacturor / name of the offended software.
DELETE ALL keys and values attached to it. (Backup registry first!)
Then restart, defrag your disk, and reinstall the software.
If not either, see if you can get another (Different!) copy of the software.
Redo the software parts of the listing above and retry!
4. RE: Termination
mcmxli Jul-28-02 06:58 PM
In response to message 3
First of all thanks for taking the time to respond to my message for help. And you don't have to apologize for language errors. You speak better English than I do Dutch (which is zero.)
I agree with you that the problem goes deeper than just clearing cookies, temp files and cache. I do not believe it has anything to do with the phone number I'm using to dial-in to the service. I used the same phone number on both the "specific computer" and the "different computer." The specific computer was denied logon access but the different computer logged on successfully. As far as the service adding some line of code to my registry, I also suspected that might be the case. I have examined the registry as best I could, but owing to it's complexity and size, was unable to identify any suspicious code. It may well be there but I'm not able to locate it. I considered a system restore to a date two days prior to my being terminated from the service and much to my surprise, the system restore failed! I suspect the service did something to disable or corrupt my ability to restore the system to a date preceeding the date that the service uploaded special termination code to my computer. Very sneaky of them and also very througho of them.
I am hesitant to enter CMOS/BIOS as you suggested;not because I'm afraid to do so (I have done so before) but I think the solution to the problem is, perhaps, overkill. The ability to bypass their detection scheme on this one specific computer is not critical to me since I can access the service on a different computer. What stymied me was figuring out how they do it. It is obvious that their programmers know what they are doing.
I have done just about everything you suggested except going into the CMOS/BIOS setup which, despite my reluctance, I may do just out of sheer curiousity!
Again, thanks for your help.
5. RE: Termination
lbyard Jul-29-02 06:31 AM
In response to message 4
I wouldn't give them that much credit for innovation. I would uninstall the software and then check for remnants of it in Program Files, etc. and remove that. Search the registry with the program and service names and remove those entries. Use the Windows Explorer and delete everything in C:\windows\cookies (you may be surprised by how much stuff it probably there). Reinstall the software and try again. Larry
7. RE: Termination
mcmxli Jul-29-02 12:13 PM
In response to message 5
>I wouldn't give them that much credit for innovation. I
>would uninstall the software and then check for remnants of
>it in Program Files, etc. and remove that. Search the
>registry with the program and service names and remove those
>entries. Use the Windows Explorer and delete everything in
>C:\windows\cookies (you may be surprised by how much stuff
>it probably there). Reinstall the software and try again.
Larry, I have done everything you mentioned without success. My lastest effort was to compare the registry on the "specific" computer to the registry on the "different" computer and making changes as necessary to the registry of the "specific" computer. End result:failure to logon to the service using the "specific" computer but able to logon to the service using the "different" computer. This one beats the ##### out of me. Maybe the service is identifying the "specific" computer by reading the Pentium 4 serial number as was suggested in an earlier post. Guess, I'll take a break from researching the problem (been at it for 6 days!) and get on with my life (ha ha).
9. RE: Termination
Twinhead Jul-30-02 06:17 AM
In response to message 7
If your computers have identical mainboards and CPU's, try swapping CPU's to test this.
The message where i am excusing for my language is an aoutomatic generated footnote.
Also the allocation information is.
10. RE: Termination
mcmxli Jul-31-02 10:28 PM
In response to message 9
No can do. Specific computer is a tower, different computer is a laptop. This much I have noticed. When I attempt to logon to the service, I first enter my user name and password. The service then verifies them as ok and logs me in. If either the user name and/or password is incorrect, an error message is returned. What I am deducing from this is that for a brief second I am allowed to log on to the service before I am disconnected by the service. In other words, it's only AFTER I am logged on to the service, that the service then identifies MY SPECIFIC COMPUTER and instantly disconnects me from the service. Right back to square one. How are they able to identify my specific computer? At some point in time did they upload a secret code or file to my computer allowing them to identify it? Are they running multiple identification checks such as:examining my files to see if they can locate references to my email address which they already have on file? checking for the possible secret code they uploaded to my computer?checking the serial number (or other identifying characteristics) of my Pentium 4 cpu? Believe me, I have exhausted every avenue I could think of in an effort to figure out gow they do it - all efforts failed and I still cannot logon successfully. They always know "it's me".
Now there has got to be somebody out there who knows the secret of how they do it. Maybe I should contact Eyeball Chat (or their programmers) and ask them straight out - "Say, would you mind telling me what you did to my computer that allows you to identify it as a "terminated" computer thus preventing me from logging on to your service?" Perhaps if I am nice and polite they will tell me their little secret. (Yeah, right, sure, DUH!)
11. RE: Termination
lbyard Aug-01-02 00:37 AM
In response to message 10
I still think it's a cookie. It behaves like it is. Previously I suggested to delete everything in c:\windows\cookies as with the Windows Explorer, forgetting that you are using XP? I would search for it in XP and delete everything in that directory/folder. IE 6 might tell you something about the site in the privacy report. Larry
13. RE: Termination
lbyard Aug-01-02 00:55 AM
In response to message 11
It might also have something to do with the fact that eyeball uses a secure connection/encryption. I'm out of guesses. Larry
12. RE: Termination
lbyard Aug-01-02 00:52 AM
In response to message 10
I don't think the chat service is run by eyeball. They probably just use eyeball's (http://www.eyeball.com/) software. Larry
14. RE: Termination
lbyard Aug-01-02 01:04 AM
In response to message 12
OK, one more guess... You are using static IP addresses and they are blocking it. That would be too easy. Larry
6. RE: Termination
Twinhead Jul-29-02 07:32 AM
In response to message 4
Guides | How to |
Online Store |
Forums | Forum
| Links |
News | Newsletter |
About Dux |
Advertising | Contact Info |