hi,
i read as much of the newcomer info as i thought applied to me. this isn’t so much a problem as i’m wondering if it is a legitimate access request or something to be concerned about.
i did a System Recovery to factory condition on a Dell laptop via the built-in Ghost image. the system runs Windows XP Home Edition SP2 (build 2600). i set up the wireless networking for Wi-Fi, then moved on to quickly downloading security programs. i forget the exact order, but i believe i installed CPF 3.0 first.
**here is the message of concern that i got from Comodo:
“System is listening on port 139.” and it referred to “nbsess”.
this happened two times, while i was setting up various antivirus programs and doing basic setup and organizing of shortcuts and such. i was also logged in as Admin. i was using Wi-Fi internet from the coffeeshop nearby.
i didn’t remove or disable anything that i recall before installing CFP, nor do i remember the exact order of installation (as i was in a terrible rush for my friend who needed this machine for schoolwork). however, i believe CFP was the first thing i installed, as i put it first on my list. i unfortunately didn’t update Windows (all 80 updates) until after the avast!, Spybot S&D, SpywareBlaster, Comodo BOClean, and Comodo were all installed. however, in between downloading programs i would disconnect from the wireless network to do installs. also, i also don’t recall removing or disabling any security apps after installing CFP. one more thing is that i didn’t establish any rules yet, as i was in a rush and just wanted some basic protection going on the machine to start. i plan on doing that part later, after i have read up on it and when i get another chance to work on the machine.
here are the programs that were probably installed at the time of the message:
avast! 4.7 Home Edition - running all 6 modules
Spybot 1.5.1 - running
SpywareBlaster 3.5.1 - had already run it probably
Firefox 2.0.0.11 - running intermittently
IE 6
Windows AutoUpdate was on
Eraser 5.7 (i think that was the version) - context menu up
CCleaner 2.04.543 - installed, not running
Belarc Advisor 7.2 - installed
HijackThis v2 - installed
Comodo BOClean 4.25 - probably running
Dell Support 3.3 - running in background
also, in case this helps, these were possibly or probably running as listed in the msconfig but i took these names down before the recovery was done (names that i looked up as belonging to each .exe name in the list):
Intel graphics card
Synaptics touchpad
Intel ZeroConfigNic
Intel Wireless
Sigmatel Media Sound card (Dell)
Sound Blaster - Audigy - Creative Labs
some AutoUpdater Macro something thing (can’t read my writing) - isuspm.exe
issch.exe (some update service scheduler - can’t decipher my writing)
Sonic Solutions Drive Letter (CD/DVD Burning)
Yahoo’s MusicMatch tray
msascui.exe?
netWaiting.exe - some telephony thing
Dell Media & Dell’s multimedia suite launcher
Digital Line Detector
MSOffice Suite (ctfmon.exe)
office startup (OSA.exe)
that was probably way too much irrelevant info but i figure too much rather than not enough.
**my question, then, is:
1 - what is “nbsess”? i’ve read that it’s NetBui, and also that it’s NetBIOS. which is it?
2 - was this a legitimate/safe request?
3 - if not a legitimate/safe request, should i revoke permission for this nbsess (if i can figure out how, as it’s not listed anymore in the active list whose title i forget in CFP), then wait for it to happen again so i can take a different action? could there be any other adverse consequences from this act of permission that may require me to do yet another reformat…? (the machine had been infested with malware so i finally determined that a reformat was the safest way to go)
thank you for any assistance.