Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win 32 Services


  • Please log in to reply
35 replies to this topic

#1 honu1

honu1

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 12:38 PM

I installed a new firewall last evening.
I have ZoneAlarm 6.1.744.001
The constant message I receive is the following:
Generic host process for Win32 services was blocked from accepting a connection from the internet.


i went to your glossary of terms here + still don't understand what this means.
I just keep clicking on okay to make it go away, but this is a constant message every 5 minutes.
Help please?
Thank you
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 01:38 PM

Please allow Generic Host Services (svchost) TRUSTED server rights. NOT internet server rights. It needs 3 checks from the left in Program control. Svchost needs to have Access to trusted and internet zones, plus the Server rights in the Trusted zone. NO other program should get any server rights.

If you get an alert, you can click allow and remember always.

Edit: To get you started, Help in the right corner might be of some help.
We've already covered svchost.
Internet explorer and Windows explorer need 2 green checks from the left.
Your antivirus products will need 2 green checks.

Edited by tos226, 28 May 2007 - 01:46 PM.


#3 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 03:46 PM

I am so very lost with this new firewall.
I don't even understand what the help section is trying to tell me.
I don't see where I'm supposed to make those 3 check marks either.
I still don't understand what it's trying to tell me with this constant "blocked" message.
I'm really going to need some tutoring,please?
Thank you for any help you can give to sort this out.
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

#4 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 04:39 PM

On the bottom line is Zone Alarm, correct?
Click on it to maximize the ZA window. Or right click the ZA icon on the right bottom and select Restore...
Then on the left side you have several options: overview, firewall, Program control, AV monitoring, Email protection, Alerts and Logs.
Click Program Control. Then Programs tab. Then a list comes up with four columns. These are programs ZA detected already running (there will be more later as you use them). Of the first 3 columns, give Generic Host thing 3 checkmarks by right click (I think) in the column under that name. It'll say Allow or Deny.

Under Program Control, Main tab, set Program control at Medium, and set Smart defense at Auto, so it'll set up most things for you. Setting is done by moving the sliders up and down and watching what ZA says the effect will be.

Helps aren't initially very comprehensible. But you'll get used to it. Probably. The alerts will be coming up as new programs, new for ZA, are being used. Normally, if you trust a program, allow. Otherwise deny.

BTW what do you use for internet access? DSL? Dial up? Do you have a router?

Meaning of blocked message is just that. The purpose of a firewall is to block things from leaving your computer or from accepting connections when you didn't ask for it. The side effect is, that sometimes you'll block things that should not be blocked, as is the case here. No big deal really, just change the settings.

#5 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 04:51 PM

Ok, some stuff in plain English, not computer mumbo-jumbo, for you

You can't do worse than read this recent explanation and a general idea about settings:
http://forums.zonealarm.com/zonelabs/board...essage.id=30675
Never mind that it's for version 7, it applies to all.

And while you're there, you might as well save this link for solution to some connection problems
http://forums.zonealarm.com/zonelabs/board...essage.id=30671

#6 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 04:55 PM

I have no smart defense listed on my program control section.
I only have 2 columns one for access+one for server.
In access both the trusted+internet have green checks.
In the server trusted has a green check+internet has a red x.

I have cable access+also have a Linksys router hooked up to my router+cpu for my mom's laptop.

I still don't know how to change the settings,sorry. But with practice+help from members such as yourself I'm sure I'll master this.

Thanks for your patience everyone!
Life isn't about how to survive the storm, but how to dance in the rain.

#7 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 05:51 PM

It appears I have many programs listed with blue question marks in both columns.
I'm not sure what this is all about.
I leave my computer on all the time.
This new firewall sure is going to take a lot of research on my part.
I need all the help+patience I can get at this forum.
Thank you very much.
Life isn't about how to survive the storm, but how to dance in the rain.

#8 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 06:40 PM

Blue question marks simply mean for ZA to ask you what to do. Options are always allow, always deny, ask. For unknowns I have it set as Ask, that way I can decide at the time it wants to run.

Every firewall will require some figuring out :thumbsup: this one is no exception.

Is generic Host process still being blocked? With the settings you mentioned, 3 checks from the left, it should not.
Added: You have two columns, Access and Server. But each is diveded into 2 columns, trusted zone, Internet=untrusted zone, so that makes 4, does it not?

With Linksys router you're protected half way and simplest to deal with in a public forum.
You might be having connection problems.
Please, do this
Click Start, select Run and type in "cmd" without quotes.
Now in the window, type "ipconfig /all" without quotes and with space between g and /
Copy and paste what it says here. don't worry about revealing your private IP address, just do delete the MAC address (physical address entry consisting of numbers/letters xx-xx-xx about 4 times or 5).

The reason for all this, is I want to make sure your ZA will be setup correctly, that the router, loopback, DHCP and DNS server(s) are in the Trusted zone in ZA.

SmartDefense (or dumb defense it you will) is when the alerts tell you to check this or that as well as when they set permissions for programs. I doubt you don't have it.

Edited by tos226, 28 May 2007 - 06:46 PM.


#9 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 07:07 PM

Yes,generic host processes is still being blocked.
What is this about a MAC address? Did you say it's listed 4 or 5 times?
I don't want to do that copy/paste thing 'til I fully understand what you're telling me.

I guess I do have SmartDefense after all. I was just asked if it was allowed to update my AVG.
Thank you for being so patient with me. I'm trying to understand all this.
Please don't give up the ship!
Life isn't about how to survive the storm, but how to dance in the rain.

#10 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 07:28 PM

Microsoft Windows XP [Version 5.1.2600]
Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\my name>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : my computer name is here - I DELETED
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Atheros AR5004G Wireless Network Adapter #2
Physical Address. . . . . . . . . : <--- MAC ADDRESS I DELETED

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : <--- ANOTHER MAC ADDRESS I DELETED
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.65
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Monday, May 28, 2007 7:19:21 PM
Lease Expires . . . . . . . . . . : Tuesday, May 29, 2007 7:19:21 PM

Your values will be different, just try to paste something along these lines in, watching what I DELETED. This is safe. Nobody can hack me. The 192xxxxx addresses are private, on MY side of the firewall.

BTW I use Linksys router. And it's a DHCP and DNS server. You might see two DNS servers. Just post the text, we'll go from there.

Edited by tos226, 28 May 2007 - 07:30 PM.


#11 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 07:34 PM

Svchost being still blocked baffles me a bit. We may need help here.
Did you reboot your computer after installing ZA? I would.

#12 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 08:02 PM

I'm almost certain I was prompted to reboot abfter the install, but, I will do so again now, then post the information you requested here.
Life isn't about how to survive the storm, but how to dance in the rain.

#13 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:06:19 AM

Posted 28 May 2007 - 08:20 PM

I have a bit of a problem here. I did the reboot + still getting that error message.
I am unable to copy the info you requested to a post here. I get a black box all right with some info, but, there is an error message in that also!

unrecognized or incomplete command line is the opener. How else can I copy this info as it doesn't highlight in the way I'm accustomed to seeing?
Life isn't about how to survive the storm, but how to dance in the rain.

#14 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 08:23 PM

I'm still listening, though won't be for long, perhaps another hour or two at most today.
Did we determine what really is being blocked? When SmartDefense issues an alert could you write here the IP address they indicate? Is it something known to you (google, yahoo) or might it be your cable company or antivirus updates?

Did you install ZA when antivirus was running? Perhaps it's flawed installation, but please do NOTHING if that's the case. Reinstallation is simple and I'll give you instructions if they're needed now or later. Do not try to kill ZA at this point. Did you ever have Norton installed on the computer?

#15 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:19 AM

Posted 28 May 2007 - 08:32 PM

After doing ipconfig /all right click on the top bar, the windows title. Select Edit, then mark, then select all text, it'll turn white, back to Edit, select copy, and paste here. Nasty little procedure.

If you prefer, let ipconfig write a notepad file for you. Do ipconfig /all > C:\ipconfig.txt
then find your file at the root of C drive and copy and paste from the saved file. If you save to MyDocuments that's ok too, so long as you know where you're writing the file.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users