Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > XP Generic Host

XP Generic Host

Forum Windows XP : Windows XP General Discussion - XP Generic Host

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Causeican   09-01-2003 at 05:15:16 AM

Hey Guys
I just recently upgraded to to xp pro. I spend alot of time on Dark age of Camelot (much more than is healthy..hehe) And i found with XP i was getting a major lag hit.
After reinstalling Zonealarm, which i hadnt done yet after the upgrade cause i wanted to play, I discovered these 2 Generic host Processes accessing the net(1 is just listening to a port150 i think), i believ they are in task manager as svchost.
So i set zonealarm loock and allowed the DAoC progs to pass the lock, and boom, no lag, no probs. Yet windows IE will not run if i do not allow these access.
Neither of these were in 98, so
1. Can they be disabled?
2. Are they really required in XP, Why?
3. What the hell are they REALY doing?

Hope someone here has some answers, cause no 1 else seems to know anything.

Tx guys


i LIKED windows 3.xx (cause i didnt HAVE to use it)

Add a reply
Sponsored Links
Register or log in to remove.
kinetic_tw   09-01-2003 at 05:48:57 PM
- 0 +

Yes, they are required system processes. This article from the MSKB might shed some more light on it for you.

<A HREF="http://support.microsoft.com/?kbid=250320" target="_new">http://support.microsoft.com/?kbid=250320</A>

Reply to kinetic_tw
goblinking   09-01-2003 at 06:30:10 PM
- 0 +

1. Nope
2. Yep
3. Everything

Okay, here comes the more detailed explanation... Generic Host Process, or svchost.exe, does pretty much everything related to networking as well as a bunch more on XP. Try end-tasking it; you can usually get rid of some of the threads without immediate issue, but some of them force Windows to shut down or crash, similar to what the Blaster worm did.

However, just because they have to be running doesn't mean they have to access the Internet, and I block mine from everything that isn't necessary for web browsing.

When I get home I'll post my firewall settings on here.

Reply to goblinking
goblinking   09-01-2003 at 07:25:48 PM
- 0 +

Right, I'm using Kerio Personal Firewall (www.kerio.com) and the rules I have set up for svchost.exe are as follows:

(1) Protocol: UDP. Local port: any. Remote endpoint: Address range xxx.xxx.xxx.3 to xxx.xxx.xxx.4, port 53. Permit incoming and outgoing.

Address xxx.xxx.xxx.3/4 is my DNS server, if I block this I can't connect to anything unless I know the IP. If your computer is set to automatically find a DNS, you may find you have to permit a similar rule to *any* address. Your ISP might be able to give you more information.


(2) Protocol: UDP. Local port: any. Remote endpoint: Address 192.168.0.1, port: any. Permit incoming and outgoing.

This is required for any network activity at all; 192.168.0.1 is the address of my router. You probably won't need this rule if you're on a standalone Internet connection.


(3) Protocol: TCP/UDP. Local port: any. Remote endpoint: any, port: any. Deny incoming and outgoing.

Everything else. This rule is placed after 1 and 2, so anything permitted by 1 and 2 isn't denied by 3. If you're not my DNS or my router, there's no need for you to be talking to svchost.exe, is there? Since this process is running on all Internet-connected WinXP PCs, it's a prime target for hackers; plus, God knows what information Microsoft are trying to send down the line.

Hope that's been useful to ya!

gk

Reply to goblinking
Causeican   09-02-2003 at 02:52:17 AM
- 0 +

Tx guys..very helpful. much apreciated

Reply to Causeican
Ask the community Add a reply
Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > XP Generic Host
Go to:

There are 505 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.300 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
They won a badge
Join us in greeting them