Re: port 1025 open by svchost.exe, how 2 disable?

From: Don Kelloway (
Date: 08/04/04

Date: Wed, 04 Aug 2004 04:58:49 GMT

"Tony Martin" <> wrote in message
> Hi,
> I use dialup to connect to the Internet.
> It appear port 1025 is open and listening on my
> XP Home computer. It appears to be associated
> with a win os utility called svchost.exe
> The problem is I notice various chinese and korean
> sites connecting to that port (reasons unknown?)
> I notice at least 7 versions of svchost.exe in
> the "services" window. Can anyone tell me
> which of these services is unnecessary or
> the one causing port 1025 to be open and
> listening so I can disable it? Or the number
> of a MS security update patch that will stop
> this? Please reply here.
> Thanks for any assistance!
> Tony

The 'svchost.exe' is the executable name associated with 'Service Host
Process' which is responsible within the Windows O/S for running various
internal processes. It is perfectly normal to have multiple occurrences
of 'svchost.exe' running and this is because each instance is
responsible for running one or more other processes.

Instead I recommend that you leave the 'svchost.exe' files alone and not
continue any efforts to look for ways to disable it. Otherwise you may
find yourself with an unstable system or more probable, a new doorstep
to hold your bedroom door open. Of course the latter is a bit of an
exaggeration, but if I were you I'd focus on ensuring that the system is
secured with a decent firewall, is virus and spyware free.

SPECIAL NOTE: If you're running Windows XP Pro you can open a DOS
window, type TASKLIST /SVC and press Enter. The result is that you'll
receive a listing of all running processes, including the instances of
'svchost.exe' as well as what each is running. Additionally if you want
to know what specific process is responsible for which TCP/IP ports,
type NETSTAT -ANO and press Enter. The result is that you'll receive a
listing of ports and PIDs. With the PIDs compare it to the list of PIDs
from running the TASKLIST command and voila!

Best regards, from Don Kelloway of Commodon Communications
Visit to learn about the "Threats to Your
Security on the Internet".

Relevant Pages

  • Re: Linux als Router
    ... # Enter all trusted network interfaces here. ... # which should be available to the internet and set FW_ROUTE to yes. ... space separated list of ports, ... # Packets to silently reject without log message. ...
  • Re: SharePoint 3.0: problems with external access
    ... "Go to 'Alternate Access Mappings' and in the 'Internet Zone' for your ... Port 443 won't work because it is already used by the Default Web Site. ... What you need to do is create a wildcard certificate and use it in ISA. ... The steps to publish WSS 3.0 applications behind ISA 2004 are the same ...
  • Re: [opensuse] Re: Interactive Firewall Needed
    ... --> one person(Not an expert in Linux security) installed linux in his laptop for his personal use ... I can't imagine a reason why a player would need to open a listening port to internet. ... Not even if you have to download the music at that instant, like from an online radio, would any action be needed to open a port on the firewall, that's automatic. ...
  • Re: companyweb from RWW
    ... "Could not open connection to the host, on port 23: ... internet should tell the tale, ... Les Connor [SBS Community Member - SBS MVP] ... This site is the default web site. ...
  • Re: "Offenes" SMTP-Relay mal anders
    ... Port 25/tcp jedes am Internet angeschlossenen Hosts fuer SMTP reserviert ... marmelade von genau diesem brot eine unerwuenschte handlung sei. ...