Hey all,
ZoneAlarm keeps alerting me of this process when I first boot up. So I let it do its thing, whatever, I don't care. Then when I try to use IE, it wants to access the internet. If I refuse it access, then it won't let me surf. What's up with that? Why is this a required process? I'll try installing Netscape or Opera to see if they depend on it too.
Any insight?
Cid

Do not allow Zone Alarm to start up automatically. Once your machine has booted, manually start Zone Alarm. If I tell ZA to start automatically on my machine, I have no net access (cable) once I boot. If I start it manually after the machine is booted, it works fine.

Sure you care, that's why you use the ZoneAlarm in the first place. Before XP, Microsoft couldn't get info from your computer (to send back to HQ's) unless you told your firewall to allow it. So, to get around that, XP (Microsoft) has been designed so if you don't give firewall permissions to its SPY s/w (Generic Host Process for Win32 Services), it won't allow your IE or Outlook to work. Once again, it's play my way or you can't play.
Someone said to start the firewall s/w after loading XP, not during... and this problem will not appear. Is this explained because XP's spy processes have been given time to start up and get a foothold?
I'd love to hear from anyone who knows more about this issue.

Crikey what's going on here then.. sounds like Big Brother! It can't be really that bad can it? What information do they glean from my PC for example..?
If it's 'play my way or you can't play' am I to adopt the attitude 'if you can't beat them join them' and learn hacking too?
MJ

For each internet session Generic Host Process tries to start up twice, once to handle outgoing and once for incoming. You only need the outgoing for web surfing. If you're running ZoneAlarm Pro (I don't know if the following is available for regular), deny the access for the server, but allow for the connect. And everything runs fine.

I found that if you set internet explorer to connect through a proxy, it works fine, even though you have disallowed "Generic Host Process for Win32 Services" access to the internet. F**K spyware.

I figured this was part of their new "Spy Ware". Anyone up for a class action lawsuit against Micro s--- for invasion of privacy? Among a few other things?
As far as the recommendation above.
Only one that will work is using a firewall to let it connect but not act like a server (i.e. not allowing it to send any info). Using this will allow everything to connect, NOT just IE. Like ICQ, AIM, VONs, etc.
I'm going to be researching how the Generic Host Controller works to see if it can be rewritten etc. If so I will post it here.
Anyone else who has any ideas etc., be sure to email me.
Also I've figured out the "copy protection" they implemented on XP. You will laugh here. It's only a javascript that auto connects and confirms or denies. All I had to do was copy CD to hard drive, extract, rewrite, and replace this file.
P
Tao

If you disallow it to be a server and then scan the port it opens (5000) you'll find it is still open. Very tricky that. Now do this, scan every port on ya computer, all 65535 of em, and you'll be surprised how many are open even if you block all server access to the net. I'd like to know what's going on here.

Look on Website www.windowsxp.nu
There is a XPAntiSpy.exe for download..
Also tweaks and optimizing tools...
Maybe that can solve the problem, cuz I have it too and I don't like it. But I want to use XP without letting a company know bout my whereabouts. I'm looking, reading articles and I've noticed that through the security-site www.grc.com there is always a port open (also protected with ZoneAlarm)..
that sucks fellows.. Don't know how to fix it, but it all has to do with this Win32 services for host processes..
Email your comments !
Greetz, dirty04

I found a way to completely block Generic Host Process for Win32 Services in ZoneAlarm (both incoming and outgoing), without affecting the ability of other apps to access the internet.
It has to do with stopping DNS Client. Go to Control Panel->Administrative Tools->Services, and right-click on DNS Client, choose Properties, and in the General tab, choose Disabled from the Startup Type combo box. Reboot.
I'm not the person who figured this out, and I'm not sure what the significance or possible adverse effects may be. Use at your discretion. But I can say I did this two days, many uptime hours, and many boots ago, and everything seems peachy.
Now if someone can enlighten us on why it works....
Dave

I have the same problem, found this solution: Go to Control Panel > Administrative Tools > Services.
Here you can find a list of services that are running, most of these (the ones you don't need) can be turned off by right-clicking on them and then selecting properties...
Many of these services run on svchost.exe which is causing the problem.
Example:
Automatic Updates => turn that sh!t off!!!
(be sure to check for dependencies)

Read all the foregoing messages and decided to experiment. It appears that the automatic updates is the culprit. Go to Control Panel > Admin Tools > Services and right click on Automatic Updates and click on Stop. It solved the problem for me.

USE SYGATE PERSONAL FIREWALL TO BLOCK IT YOU WILL STILL BE ABLE TO SURF ETC.....:)
http://www.sygate.com/products/shield_ov.htm

>>It appears that the automatic updates is the culprit. Go to Control Panel > Admin Tools > Services and right click on Automatic Updates and click on Stop<<
THIS DOES NOT STOP IT, AS I HAVE THIS DISABLED SINCE DAY ONE OF XP INSTALLATION, YET THE BUGGER IS BLOCKED BY SYGATE PERSONAL FIREWALL.

The same thing occurs in win2k. Anyone out there with a packet sniffer able to find out what info is being sent out?

The response by Daveo (No. 10) is the only one that works. You can then set ZoneAlarm to block Generic Host and you can still check email, newsgroups, and surf.
I also would like to know what is going on here!
Tom

You cannot disable DNS without experiencing a lot of problems. Use XP Antispy (a free download, find it using Google) to close most ports. Close some more by disabling Universal Plug and Play: regsvr32 -u upnp.dll
Then install Tiny Personal Firewall (find it with Google). Tiny is freeware, works on the same principle as Zone Alarm (no access, unless explicitly granted), but has no problems under XP. ZA does have problems, no matter what its manufacturer claims.
You will still have some ports open, but only about five of them. And they are guarded by Tiny. Good luck, Piet.

Like #10, I've found a way to have ZA block incoming and outgoing traffic on Generic Host without affecting IE or other apps, but without disabling DNS. Go to start, control panel, system, advanced, error reporting, and disable error report option. If you don't want auto updates you can disable that too in system. Then block out Host Processes altogether, reboot and you should be good to go. Adam

Using the search engine at http://www.google.com/ I entered "Generic Host Process for Win32 Services" (Quotation marks included) and Google found about 130 possible links. Among them was the link http://www.burningissues.net/cgi-bin/ikonboard/topic.cgi?forum=27&topic=8
If you would like to be really worried, then have a look at the page,
http://www.burningissues.net/cgi-bin/ikonboard/ikonboard.cgi?s=3c73c092485affff;act=ST;f=13;t=31, If this link will work for you then you will need to go to http://www.google.com and enter "Generic Host Process for Win32 Services" (Quotation marks included) in the search panel, find and use the link. Then click on Security Issues under Off topic, and click on the icon to the far left of:- I believe MS is capable of this.
Among the various statements on this page are "As a former employee of Microsoft in the know,"
"Microsoft has been compiling a massive database of names, registration codes, product keys, and linking them with data pulled from e-mail addresses stored in Outlook, Outlook Express, etc. as well as the serial numbers that can now be easily obtained from any Pentium-III CPU."
"Needless to say, anyone who hasn't disabled RPCSS.exe as mentioned above, has already been added to the database,"
The question now is:- Is RPCSS.exe related to Generic Host Process for Win32 Services trying to contact Microsoft?

Hey All,
This may not answer anyone's questions, but I've managed to find out how to get the list of what services SVCHOST.exe is running and I think ( once someone tells me what all the services are for ) that we may be a step closer to figuring out what is sniffing and what really smells.
Firstly, type "cmd" into the run dialog box, or open command prompt from the start menu.
Then type "tasklist -svc" into the command prompt (obviously without the quotation marks), then you should see a list of services. On my clean installed XP machine I get 4 instances of SVCHOST.exe running, with a total of 29 services running under them.
Here's the list:

SVCHOST.EXE Contestant #1 : ( PID : 824 )
Running : RpcSs

SVCHOST.EXE Contestant #2 : ( PID : 984 )
Running : AudioSrv, Browser, CryptSvc, Dhcp, dmsrver, ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, lanmanserver, lanmanworkstation, Messenger, Netman, Nla, Schedule, seclogon, SENS, ShellHWDetection, TermService, Themes, TrkWks, uploadmgr, W32Time, winmgmt, WmdmPmSp, wuauserv, WZCSVC.

SVCHOST.EXE Contestant #3 : ( PID : 1200 )
Running : dnscache.

SVCHOST.EXE Contestant #4 : ( PID : 1212 )
Running : LmHosts, RemoteRegistry, SSDPSRV, WebClient.

Now, I can see what some of the services are, but I don't know what all of them are, but I guess research will tell, and I noticed that RpcSs (which is mentioned in the above follow up) is running on its own SVCHOST.
I also have no idea what PID values are, but I'm trying to find out that too.
Anyway, there are some Follow ups on :
http://computing.net/windowsxp/wwwboard/forum/8400.html
I also posted what I found there, to see if anyone can help us all
Gr33tz l337_n00b
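
Added example, not part of the thread: the PIDs in a `tasklist /svc` listing can be joined against the PID column of `netstat -ano` to see which services sit behind each open port, which is the question several posts above ask. The two inputs below are constructed samples in the layout of `tasklist /svc /fo csv` and `netstat -ano`; the PIDs and service names are taken from the post above, and the port-to-PID pairings are illustrative assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the layout of `tasklist /svc /fo csv` (service lists trimmed).
TASKLIST_CSV = '''"Image Name","PID","Services"
"svchost.exe","824","RpcSs"
"svchost.exe","984","AudioSrv,Browser,Dhcp,wuauserv"
"svchost.exe","1200","dnscache"
"svchost.exe","1212","LmHosts,RemoteRegistry,SSDPSRV,WebClient"
"explorer.exe","1500","N/A"
'''

# Constructed sample in the layout of `netstat -ano`; pairings are illustrative.
NETSTAT = '''
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       824
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       1212
  TCP    192.168.0.2:1043       203.0.113.7:80         ESTABLISHED     1500
  UDP    0.0.0.0:1900           *:*                                    1212
  UDP    127.0.0.1:1026         *:*                                    1200
'''

def services_by_pid(tasklist_csv, image="svchost.exe"):
    """Map each PID of the given image name to the services it hosts."""
    hosted = {}
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        if row["Image Name"].lower() == image:
            hosted[int(row["PID"])] = row["Services"].split(",")
    return hosted

def open_sockets(netstat_text):
    """Map PID -> set of (proto, port) for listening TCP and bound UDP sockets."""
    socks = defaultdict(set)
    for line in netstat_text.splitlines():
        f = line.split()
        tcp_listen = len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING"
        udp_bound = len(f) == 4 and f[0] == "UDP"   # UDP rows have no State column
        if tcp_listen or udp_bound:
            port = int(f[1].rsplit(":", 1)[1])
            socks[int(f[-1])].add((f[0], port))
    return socks

def svchost_exposure(tasklist_csv, netstat_text):
    """Join both views: svchost PIDs that hold open sockets, with their services."""
    hosted = services_by_pid(tasklist_csv)
    socks = open_sockets(netstat_text)
    return {pid: {"services": hosted[pid], "sockets": sorted(socks[pid])}
            for pid in hosted if pid in socks}

if __name__ == "__main__":
    for pid, info in sorted(svchost_exposure(TASKLIST_CSV, NETSTAT).items()):
        print(pid, info["sockets"], ", ".join(info["services"]))
```

A port held by a shared svchost instance only narrows the owner down to the services in that process; stopping candidates one at a time and re-running both commands identifies the one that binds it.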
