spam, webbugs and other email nonsense


mjc
04-17-2002, 04:58 PM
Well today I was doing as I usually do, going through my email, trashing the stuff I was done with, filing the spam for later tracking down, etc...and I decided to look at a couple of them.

Here is what I found:

<BR>ProcessInfInstall:File:C:\WINDOWS\OPTIONS\OEMAUDIT.INF: Section=3D:One=
Time:
<BR>ProcessInfInstall:Failed to open:C:\WINDOWS\OPTIONS\OEMAUDIT.INF: reRe=
t=3D105
<BR>VcpClose:About to close
<BR>VcpClose:About to End
<BR>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXX

Haven't quite figured out exactly what it is supposed to do but.......anytime a script calls up an install routine it is a bad thing!

And now for the other....

<!-- the following image is included for message detection -->
<img src="http://p01.com/1x1.dyn?0ckGpSqDgLdP60WJpjWS" width=1 height=1 border="0" width="1" height="1" alt="">

This one I opened...it was the monthly HP newsletter, I am running Mozilla and have it ask about cookies, well, this wanted to put a cookie on my system, which, of course, I said NO to...

So, it just goes to show you...be careful with your email, even something you think is safe may have turned into a tracker's haven...

And some of you may say, "So what, all that is for is so that HP knows you received your mail"

To that I say....there is such a thing as receipt confirmation, it requires user intervention, not sneaking around and alerting some other machine behind my back!!!!


------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)

Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.





[This message has been edited by mjc (edited 04-17-2002).]

pentachris
04-17-2002, 06:15 PM
Between you, sea, ghost, iisbob, rick and a few others - if I knew half of what you'd forgotten about computers I'd be a smart man indeed. In other words, I have almost no idea what this means, mjc.

Basically, are you saying just delete anything from unknown sources, or something more than that?

------------------
Some mistakes are too much fun to make only once.

mjc
04-17-2002, 06:25 PM
Yeah, basically that is it...and be careful about known sources, if you are receiving commercial email newsletters they may actually be turning into spyware/tracking instruments.....


Besides, the way that "webbug" is coded is really poor programming...
------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)

Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.


[This message has been edited by mjc (edited 04-17-2002).]

Paul Komski
04-20-2002, 05:33 PM
Any 1x1 image file is suspicious or just darn sneaky!!


------------------
Take nice care of yourselves - Paul
"For a Pandora's box upgrade to IE6 (IEsicks that is)"

sea69
04-20-2002, 08:52 PM
mjc- I had heard about these small image embeddings, and I would bet almost all of us have been targeted who are online a lot.

sneaky and malicious, the other day I was getting MANY scans from places that shouldn't even be able to scan me!

they didn't get in but were using new and unique approaches that I didn't know were possible.. hehe- you being a linux guy probably know much more about this than me.


pentachris- thanks for including me but I'm not in the same category as the others you were so nice to list me with, I'm still learning EVERYDAY!





------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/index.html)

Paul Komski
04-21-2002, 05:33 PM
BTW for anyone using IE4.x or 5.x there is a utility (about 130KB) that can be downloaded from M$ called Web Accessories for Internet Explorer. (http://www.microsoft.com/windows/ie/previous/webaccess/ie5wa.asp) It has a few useful functions, the Links List and Images List being just two of them. By using the latter and R-clicking on a webpage one gets a list of all the images on the page, their file size and their pixel size.

Since one would never "see" a 1x1 image, this can be used to detect them; funny how many of them appear on M$'s own pages!!!

------------------
Take nice care of yourselves - Paul
"For a Pandora's box upgrade to IE6 (IEsicks that is)"
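
The check discussed in this thread (list a message's images and flag the 1x1 ones) can be automated for the HTML part of a mail. This is an added example, not part of the original thread: the sample body is constructed by wrapping the `<img>` tag quoted in the first post in quoted-printable encoding, and `news.example`, `PixelFinder` and `find_tracking_pixels` are names assumed for illustration.

```python
import quopri
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample body. The second <img> is the tag quoted in the thread,
# re-encoded as quoted-printable (=3D is "=", a trailing "=" is a soft break).
SAMPLE_QP = (
    b'<p>Monthly newsletter</p>\n'
    b'<img src=3D"http://news.example/logo.gif" width=3D"120" height=3D"40">\n'
    b'<!-- the following image is included for message detection -->\n'
    b'<img src=3D"http://p01.com/1x1.dyn?0ckGpSqDgLdP60WJpjWS" width=3D1 heig=\n'
    b'ht=3D1 border=3D"0" width=3D"1" height=3D"1" alt=3D"">\n'
)

class PixelFinder(HTMLParser):
    """Collect remote <img> tags whose declared size is 1x1 or smaller."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        first = {}
        for name, value in attrs:
            first.setdefault(name, value or "")  # browsers keep the first duplicate
        url = urlsplit(first.get("src", ""))
        if url.scheme not in ("http", "https"):
            return  # cid: and data: images trigger no network request
        dims = [first.get(d, "").strip().lower().replace("px", "")
                for d in ("width", "height")]
        if all(d in ("0", "1") for d in dims):
            self.hits.append({"host": url.hostname, "query": url.query})

def find_tracking_pixels(qp_body: bytes) -> list:
    """Decode a quoted-printable HTML part and return suspected web bugs."""
    html = quopri.decodestring(qp_body).decode("utf-8", errors="replace")
    finder = PixelFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

if __name__ == "__main__":
    for hit in find_tracking_pixels(SAMPLE_QP):
        print(f"web bug: host={hit['host']} query={hit['query']}")
```

Only images with declared `width`/`height` attributes are checked; a pixel hidden with CSS or served without dimensions would need a separate rule.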

sea69
04-21-2002, 05:52 PM
also Sam Spade Tools (http://www.samspade.org/t/) will do this (and a LOT more) free without downloading anything at all.


for instance, this page looks like:

SamSpade Safe Browser



--------------------------------------------------------------------------------

GET /cgi-bin/postings.cgi?action=reply HTTP/1.1
Host: www.pcguide.com
Connection: close

Read 3172 bytes from host www.pcguide.com, path /cgi-bin/postings.cgi?action=reply
HTTP/1.1 200 OK
Date: Sun, 21 Apr 2002 21:48:44 GMT
Server: Apache/1.3.14
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

bc1
<HTML>
<HEAD>
<TITLE>The PC Guide Discussion Forums</TITLE>

</HEAD>
<BODY bgcolor="#FFFFFF" background="http://www.PCGuide.com/ubb/bg.gif" text="#000000" link="#000080" alink="#800000" vlink="#2f2f4f" marginheight=0 marginwidth=0 topmargin=0 leftmargin=0 rightmargin=0>
<FONT FACE="Verdana, Arial" size=2>
<IFRAME align="center" WIDTH=800 HEIGHT=110 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0
FRAMEBORDER=0 SCROLLING=NO SRC="http://www.pcguide.com/adserv.html?1611863">
<ilayer src="http://www.PCGuide.com/adserv.html?1611863"></ilayer></iframe>
<blockquote><A HREF="http://www.PCGuide.com/cgi-bin/Ultimate.cgi?action=intro&BypassCookie=true"><IMG SRC="http://www.PCGuide.com/ubb/pcgubb.gif" BORDER=0></a>
<P><BR>
<B><p>NOTICE! This request and your user data were logged as a hack attempt. Authorities will be alerted if you persist.</p><p>If you believe this to be an error please contact ixl@pair.com to say there may be corrupt data files in Forum .</p></B>
<P>
<FORM ACTION="http://www.PCGuide.com/cgi-bin/forumdisplay.cgi" METHOD="GET">
<INPUT TYPE="HIDDEN" NAME="action" VALUE="topics">
<B>Hop to: </B><SELECT NAME="number">
</blockquote>
<OPTION value="">Select a Forum or Archive
<OPTION value="">
<OPTION value="">List of Forums:
<OPTION value="">
<OPTION value="">
<OPTION value="">Category: Administrivia
<OPTION VALUE="">--------------------
<OPTION value="7">Announcements
<OPTION value="4">Suggestion Box
<OPTION value="">
<OPTION value="">Category: General Hardware
<OPTION VALUE="">--------------------
<OPTION value="1">The PC World
<OPTION value="8">How Does This Work...
<OPTION value="9">How Do I...
<OPTION value="3">Buying and Upgrading Advice
<OPTION value="5">Certification
<OPTION value="">
<OPTION value="">Category: Troubleshooting
<OPTION VALUE="">--------------------
<OPTION value="2">System Troubleshooting
<OPTION value="11">Storage Troubleshooting
<OPTION value="12">Audio and Video Troubleshooting
<OPTION value="13">Peripheral Troubleshooting
<OPTION value="14">Notebook Troubleshooting
<OPTION value="15">Operating System Troubleshooting
<OPTION value="16">Software Troubleshooting
<OPTION value="">
<OPTION value="">Category: Miscellaneous
<OPTION VALUE="">--------------------
<OPTION value="10">After Hours Club
<OPTION value="6">FAQ Archive
<OPTION value="17">Testing Forum
<OPTION value="">
<OPTION value="">List of Archives:
<OPTION value="">
</SELECT>  <INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Go">
</FORM>
</blockquote><center>
<B><FONT SIZE="2" FACE="Verdana, Arial">
<A HREF="http://www.PCGuide.com/dfcontact.htm">Contact Us</A> | <A HREF="http://www.PCGuide.com" target=_top>The PC Guide</A>
</B></FONT>
<P>
<FONT COLOR="#dedfdf" size="1" FACE="Verdana, Arial">© Copyright 1997-2001 Charles M. Kozierok. All Rights Reserved.
<P>
Powered by Infopop <a href="http://infopop.com"> <font color="#dedfdf">www.infopop.com</font></a> © 2000<br>
Ultimate Bulletin Board Version 5.46
<br><br>
</FONT>
</CENTER></font>
</p>
</body></html>

0




Ghost_Hacker
04-23-2002, 10:24 AM
This is a cool addon for IE which detects and displays webbugs.
You can set it up so that it only shows the webbug without the "alert" sound and other information windows.
http://www.bugnosis.org/

saphalline
04-23-2002, 12:10 PM
Hey mjc, I'm curious as to how those cookie spams work with online-based e-mail? I use hotmail myself and use no less than 2 computers per week to access my e-mail. Does that mean that each one is succeptible? Or am I able to by-pass the one-pixel images because hotmail allows me to delete e-mails without reading/loading them? And did I spell "succeptible" correctly?

------------------
Windows 95: A 32-bit extension of a 16-bit overlay for an 8-bit OS that was originally designed for a 4-bit processor by a 2-bit company that can't produce 1 bit of good software!

Paul Komski
04-23-2002, 05:50 PM
Dictionary (http://www.infoplease.lycos.com/search.php3?in=dictionary&query=succeptible)