There are quite a few services that run under the svchost.exe container.
So we need to figure out which his service for which the svchost.exe is getting blocked.
Take netstat -ano output and see which is the exe that listening on port 1900 and PID
Now take a output of tasklist /svc and get the PID to specfic service that is getting blocked.
Based on that we can take a call if the event is valid or not.