this is ticking me off i still get these blocked SVCHOST.exe [RESOLVED]

OK now i’m starting to get ticked off i even went back and set comodo to trust my whole network even the other PC on it to try and stop this blocked SVCHOST.exe and still no go why am i getting this and how do i stop it. and dose it pose any security risk to have comodo setup to trust my other PC all i did was check mark the trust my other pc on network for file sharing. trying everything i can to get this to stop i saw my lan ip in the block svchost figured maybe this stop it. But if it poses me a security risk i go back and uncheck it. here is a picture of this stupid block my other pc gets it as well.

[attachment deleted by admin]

ok by security risk i mean if my other pc gets a virus can i get it beings i’m trusting it. i should note i do have file printer sharing off if this makes a difference this is a bothersome log problem. That if can be fixed would be great there has to be a whey to fix this is.

well i have removed the trusting my whole network thing for sharing as i don’t share still would like a resolution to this blocked svchost.exe. I just deleted my netwok and got the pop up asking me to define a trusted network this time i did not select the sharing thing so that is gone as it did not work for this problem. if anyone has a resolution to this problem get back to me.

I just note’s something it did work for my kids PC the sharing thing as because her events were empty when i just checked. after removal of the sharing thing the svchost.exe block came back on her PC. so now i’m not wondering if i should repute this policy back on for that reason. but how do i fix this on my PC that it did not work on?. please advice me if i should allow my PC to communicate again for this reason but i don’t want a potential risk for viruses if i do this. also please advise me how to fix this on my pc lol.

i hope someone has a resolution to this agravating problem that like to take up my logs. (:AGY) and tick me off in the process

:THNK um ok so many views to (:NRD)

The dayjob still has me running in circles :smiley: so I’ve had only a real quick look at your firewall log.

What that looks like, is UPnP traffic from your router. But, it’s TCP packets and addresses to your PC. That means that your router is not doing the usual UPnP broadcast traffic, but is answering a question from your PC.

The real quick solution to that, is to turn off UPnP on your router.

The not so quick solution is to remove the UPnP discovery service/capability/feature/whatever from your PC. I don’t recall the details on that exactly, but there’s something called ‘residential gateway discovery’ that does that UPnP work. I don’t recall if it is a Windows service (as reported by services.msc), or an installed component (Control Panel → Add/Remove, and select Windows components) or both.

Checking the router settings is much much faster.

that would explain why it went a whey on my kids PC when i did the trust for sharing setup in comodo. what if i set that back up any harm in this? as her pc gets hit hard in her logs then mine. I went threw my router setup i found it in there but my router setup says don’t disable this feature or UPNP devices will not function. What the heck are those dose this or will this effect my pc if i turn it off.

OK so i turned off UpNp on my router and now windows live messenger wont let me do a video or voice conversation. so i did some trouble shooting and turned back on UpNp and wala i got video and voice convo back. so this is just great i turn of one to fix something and it breaks something. so is my only choice to fix this problem to allow sharing between comodo and other pc? if so it dosent fix it on mine but it dose on my kids.

ok so i did some search on the net about UPnP and windows live messenger and it seams that microsoft has windows live open up ports threw UPnP for this stuff. so i can’t turn that off and expect windows live messenger to work a ok. i’m stuck eather allowing the two PC to share which fixes it on her end but not mine. but i don’t want to open my pc up if hers get a virus is this a draw back to this sharing thing or will comodo still protect me if i let it trust the other pc.

I;m figuring this out thanks all no need answer back now :slight_smile:

I’m glad that you’ve found a working solution.

thanks grue155

well the solution that i had did not work any help appreciated again :frowning:

Given that this is UPnP traffic from your router, and that apparently Windows Messenger needs the UPnP capability turned on so that Messenger can do it’s streaming video stuff, then it looks like there will need to be a rule allowing UPnP traffic from the router.

That rule would look something like this:

allow TCP In From IP [192.168.0.1] to Ip Any where source port is any and destination port is 2869

or expressed in the rule entry format:

Action: Allow
Protocol: TCP
Direction: In
Source Address: single IP: 192.168.0.1 # your router
Destination Address: Any # inbound to ‘any’ means your machine IP address
Source Port: Any
Destination Port: 2869

This rule would be in your Global Rules, and be near, or at, the top of the list.

The rule will allow UPnP traffic from your router to come into your machine. Then Messenger can do its stuff, and CFP won’t be logging any more traffic.

ok i spoke to soon rebooted computer and it still happens :frowning: even with the rule not sure why eather here is another pic note i cleared the logs so its a fresh view.

[attachment deleted by admin]

going to see how things go without UPnP as i notest its not on in windows no reason for it to be on in router.

grue155 it works without UPnP of in my router seams my router sets up a ALG just for windows/msn messenger so now i don’t get all those stupid logs there gone :slight_smile: thank you for your kind help SIR. and i don’t use UPnP anyhow.

this case can be closed.

This has been solved

Please PM a Moderator to reopen