QUESTION :
how do I get port 3389 for RDP to not be listened to by vchost.exe on win7-64 bit? I used a port checker and it says that that port is locked by another program. so I did “cmdnetstat -ano” and the PID matches vchost.exe. I have a linksys E1200 router and I thought I had forwarded the port properly. I’m just trying to set up my computer so it can be accessed remotely and ran into this issue. any help is appreciated.
ANSWER :
According to ThreatExpert.com, vchost.exe could be a threat. I’d scan your system with whatever AV tools you have installed to confirm.
Symantec also makes a reference to a trojan that will create a Vchost directory.
Here’s another reference to it as a threat.
This is not to be confused with vshost.exe or svchost.exe.
Note that the real Windows RDP server actually shows up as svchost.exe.