This process is currently using 23 thousand k. It is in C/programs/windows media player connect.
1. What exactly does it do?
2. Should the process be so large for it?
Windows Media Connect (WMC) allows Universal Plug and Play devices to be used by Windows Media Player. As Universal Plug and Player is considered a security risk, disable this unless you need to use it.
http://www.bleepingcomputer.com/startups/m...s.exe-7344.html
In addition, here's some more information from this excellent Task List Programs Database:
Microsoft?s Windows Media Connect Service. Windows Media Connect is a Microsoft technology which enables Digital Media Receivers to play music, video, or photos that are stored on a Windows XP PC. At the time of writing, 1-Oct-2005, most Digital Media Receivers (DMR) take the form of a piece of Hi-Fi equipment which can connect wirelessly to your PC or PC network, and play music (or music playlists) stored on your PC or network. For example, you would have your Digital Media Receiver in the living room connect wirelessly to your PC in your study or one of the spare rooms, and play music files or music playlists stored on the PC. MSWMCCDS, the Windows Media Connect Service, is the process which enables this process by streaming the music to the Digital Media Receiver (which has no storage capacity of its own).
Recommendation :
Unless you are a Windows Media Connect user, the default Startup Mode of this service will normally be Manual, which is fine. In fact, at the time of writing, 1-Oct-2005, given some of the bugs we have seen with the Windows Media Connect Service, we feel it would be prudent not to have Windows Media Connect automatically start when Windows starts as some of the recent problems have included Windows taking up to 20 minutes to start because of a problem with the Windows Media Connect Service. If you use Windows Media Connect, simply start this service through the Windows Media Connect icon in the Control Panel ? this service starts as soon as you open the Control Panel?s Windows Media Connect icon (the Windows Media Connect Configuration program) and you can stop it on the SETTINGS tab.
As for the UnpnP Internet Server vulnerabity, it was first reported in 2001 and MS subsequenly issued a couple of patches to fix (most of) it.
Still, it IS recommended to disable the 'feature' until (possibly) needed. You can use Steve Gibson's handy little "UnpLug 'n Pray" application to toggle it off/on should it be needed:
Thank you for the replies.
It wasn't there when I turned on my comp today.
I had a look at it in the control panel, file sharing was not selected so I actived to see what would happen. It told me it would not work as I didn't have the devices to use ( no wireless devices etc ) so I stopped it by selecting stop filesharing. However it is now using 23thousand k in processes.
There is also mswnc.exe using 18 thousand k.
How exactly do I stop them running please?
From what I understand from the above writeup, you need to disable that service and the files will probably no longer run:
Start > Run > Services.msc . Drill down to the Windows Media Connect service, stop it, and set its startup properties to 'disabled'.
And I found you a MS article with some more informatiom:
https://www.microsoft.com/windows/windowsme...onnect/faq.aspx
Thank you Tony, it is now stopped.
Another lesson learned !!
You're very welcome, Hazelnut.
UPnP is used for a LOT of applications (uTorrent, MSN/WLM, DC++ and MANY more). Disabling it is not only wrong, it's foolish. Steve Gibson of GRC's an idiot. :\
Note, this will not disable Plug and Play features in WinXP for a device you connect to your computer.
The "Plug and Play" Service is responsible for that and it is a different animal from the Universal Plug and Play Host service.
You just suggested a program to disable UPnP. Why? Both SSDP and UPnP should be left to Manual. Not Disabled.
http://www.junegillespie.plus.com/UPnPTest.exe
It dates back to the time the vulnerability was first spotted being used by various exploits, and it was certainly advisable to disable those services then.
I still have both services set to disabled, and I will admit that as I never had anything conking out on me because of it I never really bothered to investigate further.
The excellent BlackViper Service guide (site now unfortunately under construction) says:
Universal Plug and Play Device Host
Used in conjunction with SSDP Discovery Service, it detects and configures UPnP devices on your home network. For security reasons and for the fact that I doubt that you have any of these devices, disable this service. If any EXTERNAL device does not function because of this service being disabled, place it back in to automatic. MSN Messenger uses this service in conjunction with supported UPnP devices, to provide support for networks behind a NAT firewall or router. Also, if you are experiencing difficulty connecting to multiplayer games that use DirectX(7,8,9), place this service to automatic and ensure you download all security updates. Furthermore, if you use Windows Firewall/Internet Connection Sharing * and wish to make use of the "allow others to modify this connection" feature, enable UPnP. Take note: UPnP is NOT PnP. UPnP is for connectivity on networks via TCP/IP to devices, such as scanners or printers. Your sound card is PnP. Do NOT disable Plug and Play service.
The Win XP default is 'Manual' and I guess it's fine to leave it that as well, as the Service is reportedly required by some chat programs and other apps.
Yeah, MSN, and anything else that wants to do NAT traversal. UPnP is pretty good at making you connectable from behind a router. That's all UPnP really does (NAT traversal). The vulnerabilities are old and patched, and nothing new has come out in a long time about it - it's pretty safe to leave them on.
Thanks!
Yep, but they've also patched a lot of the key issues that were presented.
I believe even BlackViper's site is now too outdated to reference and make use of. It seems UPnP is becoming more and more commonly used.