Killing ccProxy.exe

Well as the say in the Caribbean, “Enough is Enough!”

I already posted about Level 3 penetrating my machine in a Vulcan Mind Probe by use of the ccproxy.exe process and also commented about running netstat as soon as you turn on the machine, so yesterday I turned on the machine allegedly protected by Norton to find that IP 66.228.208.169 was already there. I found out that this IP was controlled by adtaq.com, an internet hosting company, somewheres in Seattle, Issaquah or Albuquerque and not much else on the firm. Once again, there was no reason for them to be connected on start-up.

I checked on ccProxy.exe and knew it was a Norton file but couldn’t find much else until I visited auditmypc.com

From that site, it appears that this proxy server is used in the parental control module and can be turned off if not in uses. Since many of the crap sites I visit are not on approved lists, parental control is never in use and I decided to turn ccProxy.exe off. I first tried turning it off from the Task Manager, but when I did Foxfire stopped working. I restarted the computer in safe mode (F8) and located it from the “netstat -bv” information. I renamed the file ccproxycrap.exe and restarted the machine in normal mode.

It was comforting to find that my friends at the FBI simply changed operations and connected to my computer through the firefox.exe process instead of ccproxy.exe but the non-military strength crap was gone. All other operations are normal and ccproxy.exe was never missed.

It might be my imagination, but the machine might be processing a little faster.

Advertisements

2 Responses to “Killing ccProxy.exe”

  1. Acorn Says:

    Just found your blog – I was looking for some details on nestat and wasn’t too sure which one of the post would be the most appropriate to comment on, because I found them all useful and interesting.

    It all started out when I noticed some unexpected access to the net whenever I seemed to be printing from OpenOffice.

    I haven’t sorted it out yet, but there is something strange going on. I have left a query on the OOForum and am waiting to see what information I get back. Meanwhile, I’m looking to sort this out, in case nothing useful comes from the forum.

    In any case, your post helped find a useful tool for the search.

    Thanks

  2. fatsavage Says:

    Be sure to run netstat /g and try all the interesting extensions. I have sort of settled on “netstat -ano” which is very fast and if I’m visiting a new site and trying to capture any probe of my machine I use “netstat -ano 5” which automatically refreshes after 5 seconds so you can continuously monitor activity. You can use task manager with the PID set to on to find out what service is connecting to the outside and then try to turn it off.

    I also use “netstat -bv” because it identifies many of the IP’s saving you the time of a DNS lookup and and also identifies the man process and subprocesses involved with the unwanted connection. Unfortunately, this is very slow so you miss a lot of short connections. When running this continuously, I use a refresh rate of 10.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: