Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is it possible to block network access by PID instead of process name?

14 Apr 2011   #1
joe7dust

Windows 7 Ultimate 64-bit
 
 
Is it possible to block network access by PID instead of process name?

I'm using Comodo and whenever I select scvhost.exe [812] and block it, the scvhost.exe [1004] gets blocked as well.

Extremely annoying because, the PID 1004 is required for my DNS to function... websites won't work right without it unless I type the IP address. [812] looks like some sort of Microsuck phone-home BS... whois has it registered to them. I have updates disabled so they need to get off my stuff!


My System SpecsSystem Spec
.
14 Apr 2011   #2
joe7dust

Windows 7 Ultimate 64-bit
 
 

Still interested in the answer for prosperity's sake, but for now I fixed the 'issue' by simply banning traffic between my computer and several million M$ucks IP addresses.
My System SpecsSystem Spec
14 Apr 2011   #3
WebMattR

W7 Professional x64
 
 

Quote   Quote: Originally Posted by joe7dust View Post
I'm using Comodo and whenever I select scvhost.exe [812] and block it, the scvhost.exe [1004] gets blocked as well.

Extremely annoying because, the PID 1004 is required for my DNS to function... websites won't work right without it unless I type the IP address. [812] looks like some sort of Microsuck phone-home BS... whois has it registered to them. I have updates disabled so they need to get off my stuff!
Out of curiosity, why are you killing SVChost?
My System SpecsSystem Spec
.

14 Apr 2011   #4
joe7dust

Windows 7 Ultimate 64-bit
 
 

Call me paranoid, but if I don't have updates turned on I should not have any active connections to MS servers.

I recently had a suspicion of being hacked, so I am plugging ALL holes except stuff that really needs to run.
My System SpecsSystem Spec
14 Apr 2011   #5
WebMattR

W7 Professional x64
 
 

Do you have antivirus installed, and a firewall running? If so, you should be solid against any kind of intrusion.

Why aren't you running updates? And how're you sure that it's connections to Microsoft servers, and not simply network traffic (pings and such), are you running network diagnostics?

Sorry for the boatload of questions. I just really want to understand what's going on. it makes it easier to give you a solution that'll make you happy.
My System SpecsSystem Spec
14 Apr 2011   #6
joe7dust

Windows 7 Ultimate 64-bit
 
 

I did a whois on the ipaddress and its part of a range that belongs to MS. After blocking traffic to that entire range, it proceeded to change its destination to a range in York, UK... really annoying. I don't like unsolicited connections between my computer and unnecessary servers. I manually update as needed, automatic updates cause surprises sometimes and can tax the system at moments you don't want that like in the middle of a game.
My System SpecsSystem Spec
14 Apr 2011   #7
WebMattR

W7 Professional x64
 
 

Actually, if you keep up to date on updates, you'll only be updating on or after Patch Tuesday. I would pick up a piece of software (and I'm afraid I don't know of any) that monitors network traffic, and tells you what it is that's sending out the information. Are you sure it isn't like MSN messenger running in the background?

Are you running AV and a firewall? Also, what're your system specs? I'm curious what you could be running that might cause updating and similar things to be a viable concern.
My System SpecsSystem Spec
14 Apr 2011   #8
joe7dust

Windows 7 Ultimate 64-bit
 
 

After filtering both ranges of IPs, and rebooting it seems scvhost.exe finally shut up (for now anyway).

The main stuff I'm curious about now is why services.exe, lsass.exe, & 'system' are all listening on 3 different ports. I'll probably find it on google. Last time I did that it turned out to be something related to wireless network video streaming so I just turned off the related service and it went away.

I like to have full control over my system, automatic things bug me. I'm old school. Like MS-DOS 4.0 and Windows 3.0 old school. Tandy 1000, TRS-80 III, etc. Yes I have AV and of course a firewall (its what alerted me to the unwanted network traffic, duh!)

edit: added my system specs in profile.
edit2: I haven't let the messenger service run on my system for about 6 years now
My System SpecsSystem Spec
15 Apr 2011   #9
WebMattR

W7 Professional x64
 
 

Not a bad machine. Well, personally, I'd say ease up on the iron grip. With your specs the way they are, none of the services named are going to be enough of a background process to cause any kind of technical difficulty (lag, etc.), and forcibly killing them just makes your system unstable. I would say just let W7 run and manage itself, and trust it to know what it's doing. It's a strange idea (and one I'm still coming to terms with), but this OS seems to do a good job of managing itself if you let it.
My System SpecsSystem Spec
15 Apr 2011   #10
joe7dust

Windows 7 Ultimate 64-bit
 
 

I never said I wanted to kill it I know how to do this already and am aware of the system instability that can happen if I did this. Reread post title.
My System SpecsSystem Spec
Reply

 Is it possible to block network access by PID instead of process name?




Thread Tools




Similar help and support threads
Thread Forum
can i block a program to write access to a specific folder ?
Hi can i block a program to write access to a specific folder ? the folder is c:\Users\User\AppData\Local\Adobe\Lightroom\Caches\Video\ i use lightoom i import only photos but lightoom find every video in my pc and fill this folde of video cache! i don't have video in my catalog
Software
How do i block access to usb and ethernet port completely?
Basically all i want is to protect my content from getting copied to a USB FLASH Drive or through a ethernet cable to some other computer so all i want is to stop access to these places I tried some of the things already - 1. Password protecting (does not work) 2. Disabling USB Flash Drive...
Hardware & Devices
Block Modem access ???????
My son always keep looking youtube videos though my wireless modem. So is there any way to block modem for other devices. So that only I can access.:cool:
Network & Sharing
Block Applcation Access to a Folder
Is it possible to block an individual application's access to a specific folder? Let's say I have a folder called "Water" and and application called "Fire" Can I prevent "Fire" from reading "Water"? Meanwhile, any non-"Fire" application can continue reading "Water" without issue. As per the...
General Discussion
I want to block all access from a computer in the LAN
I want to block all access from, as in completely locking out, a computer in the LAN behind the Internet router that we all share. I don't want that machine to have any access to my Win 7 computer at all, since the user of that machine might going to try hacking into the LAN network. I want to know...
System Security
Block Freeware to access the Internet
There are a lot of Freeware for years not change to Shareware! For strict security measures against this kind of software, I suggest to block it to access the Web. For updates, you get them manually. Simple idea that I practice long ago. It's your choice.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:36.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App