Win7: SYSTEM IGMP connection

Hi, I just installed Win7, and now Comodo Firewall (in Custom Policy Mode) warns me
about an outgoing IGMP connection to initiated by “SYSTEM”.

No special Network configuration here, I am behind a router, the only computer on
the local network, and all Win7 network services are running unchanged (a fresh install, just
2 days old). I have run the “stealth my ports” wizard, and no trusted zones are defined in the firewall.

There are no special rules for system in the Network security policy, the “System” Item there
is empty (i.e. it says “Add rules for this application” just below the “System” entry).

Any ideas what this might be ??? What Windows component / service might initiate such
a connection ?
Any help would be greatly appreciated.


I don’t know if this applies to WIN 7 MS08-001 Vulnerability Explanation by Microsoft but I would block it untill you do further research.

Hmm, but what could cause this behavior ?

As I said, this is a fresh install … ??? ???

Maybe someone can give more information on what IGMP does,
and why windows tries to make outgoing IGMP connections ?

Thanks in advance.

EDIT: I attached a screenshot of the log entry (I blocked the outgoing connection manually)

[attachment deleted by admin]

Information on IGMP is used by remote access connection manager service in XP. I have a feeling Win 7 is doing the same

I suspect there is a way to shut down remote access connection manager in Win 7. In XP, you use system manager for that.


Just when that alert popup happened again i had a look at the service manager, and
the “remote access auto connection manager” service is NOT started (set to manual, and not started).
So i figure that is not the culprit.

On a Sidenote:

is there any problem to completely trust “SYSTEM” and thus to select it as a
“trusted application” in the popup ?
Or should it be outgiong only ?

As mentioned, at the moment the “System” entry does not contain any rules … (see screenshot)

[attachment deleted by admin]

UPnP(universal plug and play) uses
You are using one of UPnP devices.
(printer, router, scanner, wireless device etc)
ex) if you use a printer and don’t want to see that IGMP and any related packets,
turn off or uninstall ‘network and printer sharing’ in your ‘Local connection property’.
And turn off SSDP service.
Otherwise ,do not use any UPnP devices. ;D ;D ;D
(you can turn it off in your services)
It’s up to you.

1.get rid of ‘network and printer sharing’
2.turn off UPnP service.
3.turn off SSDP service.
3.turn off any related services and program.