port 3389 for RDP is listened to by vchost.exe

Posted on


how do I get port 3389 for RDP to not be listened to by vchost.exe on win7-64 bit? I used a port checker and it says that that port is locked by another program. so I did “cmdnetstat -ano” and the PID matches vchost.exe. I have a linksys E1200 router and I thought I had forwarded the port properly. I’m just trying to set up my computer so it can be accessed remotely and ran into this issue. any help is appreciated.


According to ThreatExpert.com, vchost.exe could be a threat. I’d scan your system with whatever AV tools you have installed to confirm.

Symantec also makes a reference to a trojan that will create a Vchost directory.

Here’s another reference to it as a threat.

This is not to be confused with vshost.exe or svchost.exe.

Note that the real Windows RDP server actually shows up as svchost.exe.