How to Check Open Listening Ports on Windows and Close Unneeded Ones

What Causes This?

Windows programs and services can open “listening” ports so they can accept network connections. That’s normal for things like remote access tools, game servers, printer software, update agents, and developer tools — but over time, unused apps, misconfigured services, or unwanted software can leave extra ports open. In some cases, malware or potentially unwanted apps also listen on ports to communicate over the network.

Common Symptoms

• Your PC shows unexpected network activity when you are not using the internet
• Firewall prompts keep appearing for apps you do not recognize
• A security scan reports open ports or suspicious network services
• Remote access, file sharing, or server tools seem to be running when you did not start them
• Your PC feels slower or less secure on public or shared networks

How to Fix It Manually

1. Open Command Prompt as Administrator

   • Click Start, type cmd
   • Right-click Command Prompt and choose Run as administrator
   • Click Yes if prompted by User Account Control

2. List all listening ports

   • In Command Prompt, run:

     netstat -abno | findstr LISTENING

   • This shows:
     • the port number
     • the PID (process ID)
     • and, when available, the app or service name
   • If -abno is too slow or returns access errors, try:

     netstat -ano | findstr LISTENING

3. Identify which app owns the port

   • Look at the last column for the PID
   • Open Task Manager with Ctrl+Shift+Esc
   • Go to Details
   • If you do not see PID, click View > Select columns and enable PID
   • Match the PID from netstat to the process in Task Manager
   • If the process name is unclear, right-click it and choose Open file location

4. Check whether the app should be running

   • Common examples of legitimate listeners include:
     • svchost.exe for Windows services
     • web servers like nginx, httpd, or node
     • remote tools like TeamViewer or AnyDesk
   • If you do not recognize the app, search the file name and install location before closing it
   • Be careful not to stop core Windows services unless you are sure they are unnecessary

5. Close the app or stop the service

   • For a normal app:
     • In Task Manager, right-click the process and choose End task
   • For a service:
     • Press Win+R, type services.msc, and press Enter
     • Find the related service, right-click it, and choose Stop
     • To prevent it from reopening the port at startup, open Properties and change Startup type to Manual or Disabled

6. Block or remove unneeded software

   • If you do not need the app, go to Settings > Apps > Installed apps
   • Select the program and click Uninstall
   • If you want to keep it but block network access, open Windows Defender Firewall with Advanced Security
   • Create an Inbound Rule to block the app or specific port

7. Verify the port is closed

   • Go back to Command Prompt and run:

     netstat -ano | findstr LISTENING

   • Confirm the port no longer appears
   • Restart your PC and check again if the port keeps coming back

Fix It Automatically with Kudu

Kudu can help you spot apps and services creating suspicious network activity, including programs that reopen listening ports after startup. It makes it easier to identify unnecessary background software and clean up the items that may be exposing your PC or wasting resources.

Download Kudu Free →