1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

gameux.dll trying to access secure MS IP address

Discussion in 'General Software' started by NdMk2o1o, Jun 14, 2011.

  1. NdMk2o1o

    NdMk2o1o

    Joined:
    Apr 21, 2010
    Messages:
    3,444 (2.21/day)
    Thanks Received:
    922
    Location:
    Redditch, Worcestershire, England
    I have a shed lot of logs in comodo firewall that gameux.dll is trying to access IP 65.55.162.27 << looked up as an MS IP address , over port 443 (https) this is being blocked by comodo though in the firewall logs gameux.dll is trying port after port, seems to be in order aswell, basically this dll is trying to get to that secure MS IP address for some reason and is port scanning to get out.........

    I can't find much info on this dll though it appears to be an MS one and the behaviour of it is worrying, why is it scanning all available ports to access that IP? if this was anyone but MS this would be considered virus/spyware behaviour. It's possibly harmless but still.

    Anyone came across this?

    Seems this dll corresponds to MS Games Explorer that was intro'd in Vista, doesn't explain why it is trying to send information to a secure MS IP address
  2. Thatguy New Member

    Joined:
    Nov 24, 2010
    Messages:
    666 (0.50/day)
    Thanks Received:
    69
    Why does the disk indexing service send out notifications to the microsoft server in redmond ?

    news flash, microsoft knows all about what you do with your computer unless you defeat these spyware features.
  3. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    My guess would be that it's trying to connect to information that the game explorer wants.
    What that information is could be ratings or other info to display to you in the GE.
    It probably was written to try different port in the event that a specific port was busy or became unavailable.
    Since you are blocking it, it is probably trying all the ports it has in it's list of valid ports.
  4. Thatguy New Member

    Joined:
    Nov 24, 2010
    Messages:
    666 (0.50/day)
    Thanks Received:
    69
    Umm, no.
  5. cheesy999

    Joined:
    Jul 2, 2010
    Messages:
    3,897 (2.62/day)
    Thanks Received:
    575
    Location:
    UK
    yes

    game explorer connects to the internet for age ratings/ system requirements

    you can turn it off by clicking the 'options' button above the game explorer
    ron732 says thanks.
  6. Thatguy New Member

    Joined:
    Nov 24, 2010
    Messages:
    666 (0.50/day)
    Thanks Received:
    69
    when someone can explain why disk indexer sends volume reports and registry info to microsoft. I will be all ears.
  7. KieranD

    KieranD

    Joined:
    Aug 16, 2007
    Messages:
    8,003 (3.15/day)
    Thanks Received:
    813
    Location:
    Glasgow, Scotland
    Microsoft updates, sometimes they add in information in the Game Explorer folder for the individual games; for example some of my games have little age ratings and some have no information. Its a long shot but either that or its hidden secret spyware.

    EDIT: Okay lol seems like everyone else managed to post while i was typing, its like fastest to the finger in this forum.
  8. ron732

    ron732

    Joined:
    Jun 25, 2010
    Messages:
    232 (0.16/day)
    Thanks Received:
    89
    Location:
    Jersey Shore
    cheesy999 you are correct. I was searching on MS Technet and found this:

    "I recently encontered this problem again, and have since gathered more data about the problem, and solution.

    The problem indeed lies with the game explorer. It will start when you first start a game that is not in the game explorer, and has not been installed into it by the game's installer (which most games do now). The game explorer detects it and adds the game to the list. It then attempts to gather more information about the game (rating, box art, etc). However, if it is unable to, the DLL will block in an endless loop of retries to the server to gather this information each time a game from the list is being started. This results in the game seemingly not loading. This being unable to can be due to a firewall blocking the connection on your computer.

    To solve this problem, I disabled my firewall. I immediately saw the boxart for all the games pop up, and the games in question subsequently loaded again."

    You can read the thread here:

    Starting Games

    It seems that disabling the Games Explorer stops this behavior.

    Personally I wouldn't disable my firewall.
    Last edited: Jun 14, 2011
  9. cheesy999

    Joined:
    Jul 2, 2010
    Messages:
    3,897 (2.62/day)
    Thanks Received:
    575
    Location:
    UK
    cause Microsoft want to know what files poeple have on their computer, besides, its not as if they can do anything by knowing what you named your word document
  10. KieranD

    KieranD

    Joined:
    Aug 16, 2007
    Messages:
    8,003 (3.15/day)
    Thanks Received:
    813
    Location:
    Glasgow, Scotland
    Legally if Microsoft found anything it wouldn't be able to act on it. If they where using spyware for non updating purposes its technically spying. I mean i doubt Microsoft would like me looking at there computer files.
  11. Thatguy New Member

    Joined:
    Nov 24, 2010
    Messages:
    666 (0.50/day)
    Thanks Received:
    69
    Its a privacy issue period.
  12. Jizzler

    Jizzler

    Joined:
    Aug 10, 2007
    Messages:
    3,395 (1.33/day)
    Thanks Received:
    634
    Location:
    Geneva, FL, USA
    Perhaps more people would be conviced if you could explain how Disk Indexing and Games Explorer are related?
  13. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    A link to this information or a packet dump of the data sent, please.
    cheesy999 says thanks.
  14. cheesy999

    Joined:
    Jul 2, 2010
    Messages:
    3,897 (2.62/day)
    Thanks Received:
    575
    Location:
    UK
    +1 to krejj, as a vista user where can i find this info

    btw i think the comp needs a bump
  15. FordGT90Concept

    FordGT90Concept "I go fast!1!11!1!"

    Joined:
    Oct 13, 2008
    Messages:
    13,340 (6.31/day)
    Thanks Received:
    3,360
    Location:
    IA, USA
    This. GameUX is Game Explorer (aka game browser in Vista/7).

    I would verify though that gameux.dll is, in fact, made by Microsoft though and not some illicit spoof. The genuine file should be C:\Windows\System32 and C:\Windows\SysWOW64 on 64-bit machines. It is between 2.4 and 2.7 MiB, the versin number should be similar to the OS number (6.#.OS Build number), the copyright field should be Microsoft Corporation but doesn't have a year, and the product name should be Microsoft Windows Operating System.
    Crunching for Team TPU
  16. NdMk2o1o

    NdMk2o1o

    Joined:
    Apr 21, 2010
    Messages:
    3,444 (2.21/day)
    Thanks Received:
    922
    Location:
    Redditch, Worcestershire, England
    I know what it is, i said that in my post, what I don't know is what data its collecting and the constant port scanning is behaviour of spyware, it could just be collecting data for updates etc. We shall see as I have now turned off all updates and asked it not to collect any data/art etc from the web about my games. So it has no reason now to want to gain access to that IP.
  17. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    I agree, NdM, let us know if it keeps trying to connect even though you have it shut off.

    I can't find any information that gameux or the indexer is doing anythin insidious.
  18. Thatguy New Member

    Joined:
    Nov 24, 2010
    Messages:
    666 (0.50/day)
    Thanks Received:
    69
    Who said anything about insidious. Its just collecting registry and file system info and broadcasting it over the network. Who know what they do with it. I personally don't my personal information to be exsposed over the network. I also have no idea of what exactly is being broadcast becuase I don't have the ability to understand the output from the service.
  19. ShiBDiB

    ShiBDiB

    Joined:
    Jul 21, 2008
    Messages:
    4,066 (1.85/day)
    Thanks Received:
    755
    Location:
    Clifton Park, NY
    Were still waiting for your proof... right now ur just being annoying
  20. Ubuntusario

    Joined:
    Nov 12, 2011
    Messages:
    208 (0.21/day)
    Thanks Received:
    5
    Location:
    UT,US
    @NdMk2o1o I also use comodo, even a packet dump won't reveal its content since is encrypted. I also had comodo alert me this file wanted to send data to that ip I only have this problem with Winning Eleven 8
  21. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,645 (3.93/day)
    Thanks Received:
    11,382
    I've seen several games that send your gaming progress to the manufacturer's servers (using HTTPS port 443, too)
  22. FordGT90Concept

    FordGT90Concept "I go fast!1!11!1!"

    Joined:
    Oct 13, 2008
    Messages:
    13,340 (6.31/day)
    Thanks Received:
    3,360
    Location:
    IA, USA
    I'd say it's harmless.
    Crunching for Team TPU
  23. OneMoar

    OneMoar

    Joined:
    Apr 9, 2010
    Messages:
    2,889 (1.84/day)
    Thanks Received:
    621
    Location:
    Rochester area
    Nice threadnecro

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page