How to close ports 135 and 445 (Windows 7)?

After a port scan to my internal IP i realized i had 3 ports open: 135, 139 and 445.
I'm behind a router but there are other people using the same wireless connection, so my computer may still be infected with a worm... I've been able to close port 139, but not the other two.

Anyone here was able to close ports 135 and 445 in windows 7

Thanks!

 

Since you're using Windows Firewall, you could change the network location to Public if you're not using file or printer sharing.

 

My network location is already Public, however those ports remains opened...

 

Go into "Network and Sharing Center", and then click "Change advanced sharing settings." For the Public network location, change the settings to the more restrictive settings.

 

Thanks Mr Brian, i'll try it as soon as i can and report back, since right now i don't have access to the computer. By the way, in this moment I'm posting from Ubuntu 11.10 that reports 0 open ports (default instalation)...

 

You're welcome . It should work because I posted my results recently in Windows 7 Open Ports.

 

Shouldn't turning off "Network Discovery" and "File and Printer Sharing" take care of this generally? I have those turned off and public folders turned off as well (only one system in the house).

 

I think so.

 

That was my understanding, thank you

 

Thanks for your replies. I've checked those settings and they were already disabled... However Advanced Port Scanner still reports open ports:

135 (loc-srv)
445 (microsoft-ds)

 

having done other things you mention you did there is no need to closing those ports for the sake of it. Does that utility specify what keeps the ports open?

 

No, but using CurrPorts i can see:

Local port
135 epmap
445 microsoft-ds
5355 llmnr

 

Hi Alex,

I installed Advanced Port Scanner on the other desktop which is connected to an ordinary hub this machine is on. I've got Win7 fw w/advanced security set to Public profile with inbound and outbound connections that do not match a rule are blocked. With the fw enabled, the scanner reports all ports as closed. With the fw disabled, only port 135 shows open. The ss of the event viewer security entry shows the scanning machine ip (192.168.1.69) ICMP (protocol=1) packet blocked to my machine (.66) blocked at port 8.

I'm not sure what's happening with your scans, but they should be blocked if your profile is Public with outbound/inbound blocked by default. Did you verify your inbound rules are not allowing anything?

 

AlexC,

Are the results you're getting the result of a scan of your own computer from that same computer, or from a different computer? I think you were testing your own computer from your own computer. If it's from the same computer, then those ports should be open. If it's from a different computer within your local network, then those ports should be closed given your settings.

 

Thanks for your answers wat0114 and MrBrian.
In fact i´m were testing my own computer from your my computer. I'll scan from another computer in the same local network and see the results. Thanks!

 

You're welcome. You will see different, more accurate, results, I'm sure Even with the fw enabled, scanning from within the computer is not representative of a real world scan originating from outside your pc's network interface, so you will see open ports, and those same ports will be closed if your fw is enabled and configured correctly to block port scans external to your network interface.

 

I've scanned from another computer in the same local network and the ports are closed... Thanks!