Norton Internet Security question

  • Thread starter Thread starter enigma
  • Start date Start date
  • Tags Tags
    Internet Security
Click For Summary

Discussion Overview

The discussion revolves around alerts from Norton Internet Security regarding attempts by a remote system to access the Microsoft Generic Host Process for Win32 Services on users' computers. Participants are seeking clarity on the nature of these alerts, their implications for security, and potential solutions to the disruptions caused by these notifications.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Exploratory

Main Points Raised

  • One participant reports frequent alerts from Norton regarding remote access attempts, expressing concern about the safety of allowing these connections.
  • A response cites that svchost.exe is a common process for running services and suggests that it is generally safe to allow, although it acknowledges the potential for malware.
  • Another participant shares a similar experience, noting that the alerts disrupt internet traffic entirely, regardless of whether they permit or block the access.
  • A suggestion is made to remove Norton’s firewall in favor of an alternative, such as Zone Alarm, and to switch from Internet Explorer to Mozilla Firebird for better protection.
  • One participant expresses concern about the origin of the access attempts, specifically noting that they appear to be from China, questioning the intent behind these attempts.

Areas of Agreement / Disagreement

Participants do not reach a consensus on the safety of the alerts or the appropriate response. While some suggest that the alerts can be safely ignored, others express significant concern and seek alternative solutions.

Contextual Notes

Participants mention various experiences with Norton Internet Security and the svchost.exe process, but there is no agreement on the implications of the alerts or the best course of action. Concerns about potential malware and the origin of access attempts remain unresolved.

enigma
Staff Emeritus
Science Advisor
Gold Member
Messages
1,739
Reaction score
20
I've been getting a whole bunch of these alerts, and I'm not sure what they're actually reporting:

A remote system is attempting to access Microsoft Generic Host Process for Win32 Services on your computer

Norton is telling me it's low risk, and the default (recommended) action is to permit it. I'm wondering what this is actually reporting, and whether it's safe to check the "always do this" box to let it go.

Every time one of these pops up it dumps me out of whatever program I'm currently running, and sometimes it messes the program up and it needs to be rebooted, so I do need to find some sort of solution.

Any insight, Internet Security Gurus?
 
Computer science news on Phys.org
From microsoft.public.windowsxp.general

Q: "My Norton Internet Security has been giving me alerts
several times per day that "a remote system is attempting
to access Microsoft Generic Host Process for Win32
Services on (my) computer""

A: "Svchost.exe is a generic host process name for services
that run from dynamic-link libraries, known as DLLs.
This is used for a lot of programs and if you look in your
task manager and see the processes you will notive a few
svchost.exe running. You should allow this although it
could be a virus using it to connect to your computer,
but as long as you have anit-virus software i wouldn'yt
worry."

So basically don't worry about it.
 
Thx, dduardo
 
i have same problem as enigma and trust me dduardo i can't simply "not worry about it"
My internet traffic stops completely and the pop-up in Norton Internet Security 2003 continues to pop-up..concerning the svchost.exe process

Quote:
A remote system is attempting to access Microsoft Generic Host Process for Win32 Services on your computer

No e-mail, no browsing, no nothing...whether I permit or block doesn't make a difference...only way is to right click on NIS icon in taskbar and click disable...then internet traffic resumes...any ideas
 
I get the same messages. When I check the location of the sites that are attempting to contact my computer, they always end up being in China. This concerns me. Why would some site/server/whatever in China be trying to access my PC? For what end?
 

Similar threads

Is Trend Micro Internet Security Really Protecting My Computer?
  • · Replies 3 ·
Replies
3
Views
3K
Countdown to Doom Release: Revisit the Original and Celebrate with Easter Eggs
  • · Replies 14 ·
Replies
14
Views
6K
STOP: 0x0000008E (0xC000005, 0XBF04DF7B, 0xED924B18 0X000000000)
  • · Replies 23 ·
Replies
23
Views
7K
Graduate BRS: PKI Cryptosystems for SA/Ms: A Tutorial
  • · Replies 13 ·
Replies
13
Views
4K
Did You Receive a Fake eBay Email? How to Protect Your Account Today
  • · Replies 12 ·
Replies
12
Views
7K
Kerbal Space Program - Rocket Design Basics
  • · Replies 2 ·
Replies
2
Views
11K
Do Movies Teach Us Realistic Life Skills?
  • · Replies 1 ·
Replies
1
Views
11K