Main Area and Open Discussion > General Software Discussion

Freemake Software: Help With A Service

<< < (3/4) > >>

Shades:
Wireshark is a (free/open source) tool to see content of anything that travels through your LAN. Find out to which IP number the service is sending the data and filter the output of Wireshark to only show the traffic to that particular IP number.

Working with Wireshark is not that easy but there is a helpful manual included, so it is not too hard either.

Finding out to which IP number data is sent, is not that hard either. I believe that Process Explorer (Sysinternals/Microsoft) or Process Hacker (open source) show you this when selecting the service.

If you don't like the data that is sent but still want to use the software after you found out, it should be easy enough to identify the files that are used by the service by using either Process Explorer, Process Hacker or Dependency Walker. After identifying create path rules for each file with 'Start > Run... > secpol.msc > Software Restriction Policies > Additional Rules > New Path Rule'. That should make the service unable to start even after you updated the software (if they don't change file names / or structure).

Seems others were already faster with typing...

y0himba:
Finding the files was easy enough. I already use Process Hacker as my task manager of choice. I think I can use Wireshark to actually see inside the packets, or reconstruct them to see what is being sent, I don't really know.  I am reading about it now and reading the manual.

I already had WinPcap installed from using some program I picked up somewhere:  URLSnooper2.  You may have heard of it. ;)

y0himba:
From Facebook:
Hi everybody,

as promised yersterday we released an update with the fix of all found issues related to FreemakeUtilsService.

1. Now FreemakeUtilService which aroused so much concern is installed only upon user's permission who wants to help improve Freemake. The bug with the running service was fixed.
2. The service is uninstalled if software is uninstalled, no files are left. This was fixed too.
3. If the service was installed with the previous software version, a user can opt out in the new version. In this case the service will be automatically removed from PC.

Here to avoid confusion brought by some people we'd like to stress once again that the service didn't send before and doesn't send now any data if a user opted out.

The only function of the aforementioned service is to collect our software usage stats which will allow us to improve Freemake further, to your benefit. In case of a crash report a user is asked an additional permission to send a report through dedicated message window.

If permitted, the service runs when a user is online to synchronyze with our server for best time to send crash reports and usage stats. This is done to avoid our server time overload.

A user is given full information about the service via a link to a webpage during software installation.-Facebook
--- End quote ---


My reply:

A "bug" for how many versions? Why wasn't this "bug" addressed when it was first reported around a month ago?

Good to see you admitting it was collecting statistics other than crash and bug data.

To be clear, the service DID send data even after opting out. It even sent data if the software was never run, and after the software was uninstalled.

You cannot say you fixed a "bug" and then say there was no issue.

Honesty folks, honesty.

Stoic Joker:
So how would I go about debugging the service to see what it is doing/transmitting and where?  If I am wrong, I will eat crow and apologize up and down.  However, their actions are suspicious and I want proof.-y0himba (July 24, 2011, 12:45 PM)
--- End quote ---

Quick-N-Dirty:

1. Open a command prompt and keep it handy.

2. Stop and then restart the service (this assumes it will try some type of connection on start up).

3. At command prompt run:
    netstat -bnep TCP
and if it doesn't showup there (it should), try
    netstat -bnep UDP

You should get a listing showing the name of the binary (service you're looking for), its target IP, and port.

Then use that info to filter what WireShark captures to better track what the little bugger is doing.

y0himba:
Thank you!  That is helpful...seriously appreciated.

Navigation

[0] Message Index

[#] Next page

[*] Previous page