CCS C Software and Maintenance Offers
FAQFAQ   FAQForum Help   FAQOfficial CCS Support   SearchSearch  RegisterRegister 

ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

CCS does not monitor this forum on a regular basis.

Please do not post bug reports on this forum. Send them to CCS Technical Support

Who and why is ICD-U40 and MachX trying to connect to ????

 
Post new topic   Reply to topic    CCS Forum Index -> CCS ICD / Mach X / Load-n-Go
View previous topic :: View next topic  
Author Message
dennisb



Joined: 13 Jun 2005
Posts: 3
Location: Hillsboro, Oregon

View user's profile Send private message

Who and why is ICD-U40 and MachX trying to connect to ????
PostPosted: Mon Jun 13, 2005 4:48 pm     Reply with quote

Howdy,

My Icd's and my MachX have developed a common problem.

Whenever I try to access them, either via icon or from within the IDE, they fail to load, I see them in the task list, but the app's just hang.

I then deleted all CCSI programs and FTD drivers and reloaded the latest versions of everything. Same problem, neither Icd or MachX will come up.

But, I did notice that whenever I tried to start either device, my network gets accessed.

So, I disable my local network connection and both programs come right up. Enable the network and it hangs, re-disable it and everything works.

Who and Why are my Icd's and MachX's trying to call and why won't they come up if there is no response (snagged by the Firewall).

Lately these tools have wasted alot of my time and now I find them calling home.... Sad

Anybodyelse observe this ????

Thanks.... DennisB
Darren Rook



Joined: 06 Sep 2003
Posts: 287
Location: Milwaukee, WI

View user's profile Send private message Send e-mail

PostPosted: Mon Jun 13, 2005 7:23 pm     Reply with quote

E.T., phone home!

Terminator, Rise of the Machines!

Anyone else got something?

PS - sounds like your computer is infected with spyware.
Guest








PostPosted: Mon Jun 13, 2005 11:40 pm     Reply with quote

Howdy,

I tried Adware, latest signatures for spyware and TrendMicro for latest virus signatures and both say no....

I'll run EtherPeek tomorrow and see where we are trying to talk to...

Was hoping there was an easy answer, like the ICD looking to verify the latest release....

Thanks for the inputs though.....

DennisB
Darren Rook



Joined: 06 Sep 2003
Posts: 287
Location: Milwaukee, WI

View user's profile Send private message Send e-mail

PostPosted: Tue Jun 14, 2005 6:30 am     Reply with quote

ICD and Mach-X don't communicate over the network, so there's no hidden feature you have to worry about. Yes, run a packet sniffer - I would like to know where the communication is going.
dennisb



Joined: 13 Jun 2005
Posts: 3
Location: Hillsboro, Oregon

View user's profile Send private message

PostPosted: Tue Jun 14, 2005 3:43 pm     Reply with quote

Howdy,

As I mentioned before, TrendMicro says the system is clean for viruses, and Adware reported a few cookies, but that was it.

I've re-run both programs with the same results.

I installed Tiny FireWall and my normal programs ran as usual.

But, when I try to run ICD.EXE from the desk top, Tiny Firewall fires off these messages.....


Count:1
Action:Prevented
Application:Icd.exe
Access:Using dangerous system privileges
Object:AdjustTokenPrivileges(SeSecurityPrivilege,SeBackupPrivilege,SeTakeOwnershipPrivilege,SeDebugPrivilege,SeIncreaseQuotaPrivilege)
Interface:
Time:6/14/2005 2:22:22 PM

Count:1
Action:Prevented
Application:Icd.exe
Access:Injecting code into other processes
Object:VirtualProtect(kernel32.dll) from C:\Program Files\Webroot\Spy Sweeper\sis.dll
Interface:
Time:6/14/2005 2:22:22 PM

Count:1
Action:Prevented
Application:Icd.exe
Access:Injecting code into other processes
Object:VirtualProtect(advapi32.dll) from C:\Program Files\Webroot\Spy Sweeper\sis.dll
Interface:
Time:6/14/2005 2:22:23 PM


And when I try to run MachX from the desk top, I get these messages......

Count:1
Action:Prevented
Application:machx.exe
Access:Using dangerous system privileges
Object:AdjustTokenPrivileges(SeSecurityPrivilege,SeBackupPrivilege,SeTakeOwnershipPrivilege,SeDebugPrivilege,SeIncreaseQuotaPrivilege)
Interface:
Time:6/14/2005 2:29:38 PM

Count:1
Action:Prevented
Application:machx.exe
Access:Injecting code into other processes
Object:VirtualProtect(kernel32.dll) from C:\Program Files\Webroot\Spy Sweeper\sis.dll
Interface:
Time:6/14/2005 2:29:39 PM

Count:1
Action:Prevented
Application:machx.exe
Access:Injecting code into other processes
Object:VirtualProtect(advapi32.dll) from C:\Program Files\Webroot\Spy Sweeper\sis.dll
Interface:
Time:6/14/2005 2:29:40 PM

Count:1
Action:Prevented
Application:machx.exe
Access:Injecting code into other processes
Object:VirtualProtect(machx.exe) from C:\Program Files\PICC\machx.exe
Interface:
Time:6/14/2005 2:29:40 PM

Count:1
Action:Monitored
Application:machx.exe
Access:Delete registry key
Object:HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Interface:
Time:6/14/2005 2:29:39 PM

Count:1
Action:Monitored
Application:machx.exe
Access:Delete registry value
Object:HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\\DWFileTreeRoot
Interface:
Time:6/14/2005 2:29:39 PM

So I have something wrong with my CCSI products, but I'm not sure what.....
Guess I'll re-nuke both devices ( ICD and MACHX ) and start over.....

Thanks.......

DennisB Sad
Display posts from previous:   
Post new topic   Reply to topic    CCS Forum Index -> CCS ICD / Mach X / Load-n-Go All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group