Solved UPnP normal behavior?

Status
Not open for further replies.

Jaffa_Whacka

Level 2
Thread author
Verified
May 24, 2014
61
This is unlikely malware as I am on a fresh install and it's probably me being paranoid, but I use Windows 7 firewall advanced with my own rules and I have IPv6 disabled and over 20 services. I have added the reg file to disable UPnP and it's disabled in my router settings, but my firewall log is packed with UPnP attempts from another pc/tablet/phone connected to the router. I am on a wireless connection so I don't know if this is normal? It's blocking 7/8 every second.
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Are you a user of torrents? If so, that may be the case! :)
 

Jaffa_Whacka

Level 2
Thread author
Verified
May 24, 2014
61
Normally I download torrents, yeah, but at the moment I'm on a fresh Windows install so I ain't even installed a torrent client yet. Everyone else connected to the router is on either iPads or iPhones. I have a static IP setup and have no P2P software on the system, and UPnP is disabled on the router settings and my PC.
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Do you have XBMC installed? Also, what Windows are you using?

Display name: UPnP Device Host
Service name: upnphost
Type: share
Path: %WinDir%\system32\svchost.exe -k LocalServiceAndNoImpersonation
File: %WinDir%\System32\upnphost.dll
Error control: normal
Object: NT AUTHORITY\LocalService
Privileges:
  • SeChangeNotifyPrivilege
  • SeCreateGlobalPrivilege
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
The UPnP Device Host service runs as NT AUTHORITY\LocalService in a shared process of svchost.exe. Other services might run in the same process. If UPnP Device Host fails to start, the error is logged. Windows 8 startup proceeds, but a message box is displayed informing you that the upnphost service has failed to start.
 

Jaffa_Whacka

Level 2
Thread author
Verified
May 24, 2014
61
Ah, just confused why I am still receiving UPnP requests. UPnP Device Host is one of the services I have disabled. Everything seems fine for now; looking at the log, my firewall is blocking the attempts, so I guess that is a good thing. Looks like the registry key and the disabled service are working; I just got a little confused as UPnP has always been set to disabled on the router, yet if I allow inbound traffic my log gets full of dropped attempts.

2014-06-07 16:44:10 DROP UDP 192.168.0.7 239.255.255.250 64946 1900 439 - - - - - - - RECEIVE
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Check umbra on this forum, see if he can help you?
 

Littlebits

Retired Staff
May 3, 2011
3,893
It is never recommended to use reg files to disable Windows features or components; it will just give you major problems sooner or later.
UPnP is now a part of the Network and Sharing Center on modern Windows; just use those settings to configure sharing between UPnP devices. No need to do anything extra. UPnP is required for many programs and other Windows features, therefore manually using reg files to disable it will just cause errors and will not stop features or programs from making UPnP connection requests.

Enjoy!! :D
 

Jaffa_Whacka

Level 2
Thread author
Verified
May 24, 2014
61
I don't normally touch the registry, but it was just a matter of making a reg file :). Just had a look at the IPS and it's the 2 wireless Sky HD+ boxes which are used for the TV. So it looks like nothing major, just the HD+ boxes trying to connect, I think.
 
  • Like
Reactions: Terry Ganzi
Upvote 0
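The log line quoted in the thread is a UDP packet to 239.255.255.250 port 1900, the SSDP multicast group that UPnP devices use for discovery on the local network. As an added example (not part of the original thread), the script below parses Windows Firewall log records in that field layout and counts dropped port-1900 packets per source, separating LAN multicast discovery from anything sent to port 1900 another way. The `LAN` subnet and every sample line except the first are constructed assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Field order as listed in the "#Fields:" header of a Windows Firewall log
FIELDS = ("date time action protocol src_ip dst_ip src_port dst_port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()
SSDP_GROUP = ip_address("239.255.255.250")  # IPv4 SSDP multicast group
SSDP_PORT = "1900"
LAN = ip_network("192.168.0.0/24")  # assumed home subnet, inferred from 192.168.0.7

# Constructed sample: the first record is the line quoted in the thread, the rest are invented.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2014-06-07 16:44:10 DROP UDP 192.168.0.7 239.255.255.250 64946 1900 439 - - - - - - - RECEIVE
2014-06-07 16:44:10 DROP UDP 192.168.0.9 239.255.255.250 51234 1900 439 - - - - - - - RECEIVE
2014-06-07 16:44:11 DROP UDP 192.168.0.7 239.255.255.250 64946 1900 439 - - - - - - - RECEIVE
2014-06-07 16:44:12 DROP UDP 203.0.113.5 192.168.0.2 40000 1900 120 - - - - - - - RECEIVE
2014-06-07 16:44:13 ALLOW TCP 192.168.0.2 198.51.100.20 49200 443 0 - 0 0 0 - - - SEND
"""

def parse(log_text):
    """Yield one dict per record, skipping '#' header lines and malformed rows."""
    for line in log_text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) != len(FIELDS):
            continue
        yield dict(zip(FIELDS, parts))

def classify(rec):
    """Label a record: LAN SSDP discovery, other port-1900 traffic, or unrelated."""
    if rec["protocol"] != "UDP" or rec["dst_port"] != SSDP_PORT:
        return "other"
    src, dst = ip_address(rec["src_ip"]), ip_address(rec["dst_ip"])
    if dst == SSDP_GROUP and src in LAN:
        return "lan-ssdp-multicast"  # a neighbour's discovery traffic, sent to the group
    return "review"  # unicast or off-subnet source on port 1900

def summarize(log_text):
    """Count dropped inbound port-1900 packets per (label, source IP)."""
    counts = Counter()
    for rec in parse(log_text):
        label = classify(rec)
        if label != "other" and rec["action"] == "DROP" and rec["path"] == "RECEIVE":
            counts[(label, rec["src_ip"])] += 1
    return counts

if __name__ == "__main__":
    for (label, src), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {src:15s}  {label}")
```

Sources labelled `lan-ssdp-multicast` can then be matched against the router's client list to identify the device, as the thread author did with the Sky HD+ boxes.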