Care for another reason to block svchost.exe? This just happened minutes ago when the only thing I was doing online was downloading the latest updates to, oddly enough, Norton Internet Security. A remote address tried to access svchost.exe. Straight from the NIS system log:
Date: 2/16/2003 Time: 9:35:55
This one time, the user has chosen to "block" communications. Details:
Inbound UDP packet
Local address,service is (0.0.0.0,epmap(135))
Remote address,service is (126.96.36.199,3954)
Process name is "C:\WINNT\system32\svchost.exe"
That IP resolved to CPE-203-45-172-193.qld.bigpond.net.au which I seriously doubt had anything to do with NIS liveupdate. Now, you may be asking, why does he need to do a one time block if he has svchost.exe permanently blocked? Because I reformated and reloaded my system..haven't completely configured NIS yet
Btw, 100% spyware free. I religiously scan with ad-aware and all it picked up with its first scan after all my MS updates were done was "Alexa"..that reg key MS throws in. (makes sense, I -had- just formatted).
On the flip side, blocking svchost.exe may be why I have so much trouble getting my auto-dial to function reliably. Considering that description from the link Profman gave, it may be interfering with the services I have to set to automatic for auto-dial.
UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01 (CK-SillyDog)