Hi, need advice on how to close Port 1025 and how to locate the process that is running from it, if any? As always, thanks for advice.

http://www.google.com.au/search?hl=en&q=close+Port+1025&btnG=Search&meta= http://keir.net/portlist.html http://www.emsisoft.com/en/kb/portlist/ http://www.iana.org/assignments/port-numbers Use a firewall to block, I use this one, turn off XP's firewall. SensiveGuard http://www.snapfiles.com/get/SensiveGuard.html http://www.sensiveguard.com/download.html SensiveGuard combines an application firewall and real-time file-guard into a network security tool, that allows you to control which programs are accessing the Internet, and/or delete files on your computer. Whenever network activity occurs that is not allowed by any existing rule, the program prompts you for approval before allowing the activity. It offers inbound and outbound network filtering via TCP,UDP/IP, as well as customizable options to protect files from being written, deleted, or copied. The program can distinguish between user initiated action (from the keyboard) or other actions, that could be triggered by malicious applications. Additional features include digital fingerprinting of programs, self protection, detailed logging and more. Or, you can use something like this. Active Ports http://www.protect-me.com/freeware.html Easy to use tool for Windows NT/2000/XP that enables you to monitor all open TCP/IP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to close any port. Active Ports can help you to detect trojans and other malicious programs.

And a few more. Emsa Port Blocker http://www.e-systems.ro/port_blocker.htm Emsa Port Blocker is a TCP blocking utility. It blocks unwanted tcp access from/to your computer. It is not a firewall, but up to some extent it could be regarded as a similar tool. Its purpose is to prohibit TCP access on certain ports and IP addresses. It can also be used as a TCP monitor because it shows TCP connections currently active on the machine. It can be configured to block access to certain local ports, but it can also prohibit access to specified remote ports as well. =================================== CurrPorts http://www.nirsoft.net/utils/cports.html CurrPorts displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it. In addition, CurrPorts allows you to close unwanted TCP connections, kill the process that opened the ports, and save the TCP/UDP ports information to HTML file , XML file, or to tab-delimited text file. CurrPorts also automatically mark with pink color suspicious TCP/UDP ports owned by unidentified applications (Applications without version information and icons) System Requirements This utility works perfectly under Windows 2000 and Windows XP. You can also use this utility on previous versions of Windows (Windows 98/ME), but in these versions of Windows, the process information for each port won't be displayed. ================================= MyBlockeR http://www.softplatz.com/Soft/Network-Internet/Other/MyBlockeR.html http://members.fortunecity.com/myeraser/_preview.htm Simple TCP Port blocker-log file will be generated for all hack attempt. Load at Windows start-up and Auto Start functions included. Doesn't require installation and will never add new registry key entries to your Windows registry database. Win 3.1x, Win95, Win98, WinME, WinNT 3.x, WinNT 4.x, WinXP, Windows2000, Windows CE

Strange things happening today here. I posted another message which was listed OK in the forum Windows XP and then a few minutes later it disappeared absolutely - what is the reason for this!? Has it been purposefully deleted or something? As always, thanks for advice.

Well this is the message that I wanted advice on. HiJackThis scan has revealed *1 Bad* and 1 Good entry in Port 1025. The *Bad* entry in the Process Path 1292 TCP/UDP is *NETSPY; MAVERICK'S MATRIX 7 REMOTE STORM* The Good entry in the same path is Window RPC Schedule Task. What can I do to remove the *Bad* entry without having to close Port 1025 which is needed for Window RPC Scheduled Task? As always, thanks for advice.

I guess this is the reason... Terms and Rules for posting onto Computing.Net's forums i_XpUser

Consider getting a home/soho router. The newer ones usually have a simple web based setup. The mostly are setup secured but you can check and use it's tools to block ports and much more. For the most part you would only need to have port 80 open. Might have to open some ports for other apps. Many new routers support applications that move across ports. In worse case you would open port to a single computer with a scheme call dmz. I would only use the open settings in last resorts for a very limited time. Check the router logs once in a while to see what it has blocked.