I just logged off my windows 7 account and into my GF’s to get my CV from her emails, as i logged into hers comodo firewall reported that ‘SYSTEM’ was a safe application, however, it is about too receive a connection from another computer… the IP address was that of my router 192.168.0.1 , when I clicked the link to the system application it opened up the properties for the ‘system’ folder in windows… i blocked it as it said I should if i wasnt sure…
is this normal? if so what is it? I may have ALLOWED it on my account
im worried that i MAY have embedded malware somewhere in my Win7 as recently my Windows Live Mail account has been spamming my contacts and both times it happened was when I left the computer running (and Windows Live Mail open) and went out… but scans with every AV/Rootkit scanner brings up nothing…
Avast, MalwareBytes, SuperAntiSpyware, Avira, Sophos Anti-Rootkit all show as clean
What you’re seeing is quite normal and relates to the System process, which part of the windows kernel. Most likely, what you saw was a NetBIOS alert, which is used by Windows to facilitate file and printer sharing between devices on a network. NetBIOS uses TCP and UDP on ports 137 to 139.
If you require file and printer sharing on your LAN, you can use the Stealth Ports wizard (option 1) to create the necessary rules to support this, you can then create a rule to block any other traffic. If you don’t require file and printer sharing, you can disable NetBIOS on the properties page of the Network adapter.
There other reasons for seeing network traffic related to the System process, such as IGMP, VPN tunnelling etc.
[attachment deleted by admin]
thanks for the SPEEDY reply,
I have stealthed all my ports, is this OK?
I dont have anything I connect too over the network… there is another device on the network which is a router that checks your broadband connection (OFCOM/SamKnows router) for stats, but I dont connect to this device… Iam the only PC on the network.
I will follow your instructions to disable NetBIOS - should I also disable file and printer sharing in windows?
i forgot too mention in last post that I use bit-torrent
If you follow the instructions for disabling NetBIOS, you don’t need to worry about file and printer sharing settings elsewhere. The System process plays no part in p2p, that is the province of the rules for your p2p client.
thanks for your help
can I ask?
why isnt ‘stealth my ports’ on by default? - ive just found this and turned it on… P2P still works fine…