SystemSettings.exe connecting to remote IP.

Discussion in 'privacy technology' started by Thelps, Apr 15, 2018.

  1. Thelps

    Thelps Registered Member

    Joined:
    Apr 1, 2012
    Posts:
    46
    Just wondering why SystemSettings.exe is showing as connecting to a remote IP?

    How can I disable this functionality?

    Trying to restrict all Windows 10 Telemetry to an absolute minimum or none at all. I can manually update and enable/disable telemetric connections myself.

    Also, as a side question: Why is netbios showing connections (albeit to a '*' Remote Address) when I've disabled Netbios via Network Adapter Properties?
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    This is normal Win 10 behavior; at least on ver. 1709 it is. I wouldn't worry about it.

    Using TCPView for example to monitor network connection activity if NetBIOS is disabled, you will no reference to any ports displayed. Why you are seeing them might have to do with whatever you are using to monitor network connections.

    I suspect you didn't properly disable NetBIOS on the network adapter you are using to connect to the Internet. This setting is located under the "Wins" tab.
     
  3. Thelps

    Thelps Registered Member

    Joined:
    Apr 1, 2012
    Posts:
    46
    It's correctly disabled. Set to 'Disable NetBIOS over TCP/IP'.

    I guess I'm still concerned about remote access. If you check my other threads you'll see this is a running theme for me troubleshooting this PC.

    I'd still appreciate some advice on disabling this SystemSettings.exe remote connection. Just for purposes of hardening, if nothing else. Prefer to manually manage the OS's built-in network functionality.
     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    Code:
    reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "AllowOnlineTips" /t REG_DWORD /d "0" /f
    Code:
    https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips
     
  5. Thelps

    Thelps Registered Member

    Joined:
    Apr 1, 2012
    Posts:
    46
    Oh, I found the problem:

    NetBIOS was disabled on the main adapter but not a secondary adapter I had.

    That adapter was not in use but it seems Windows keeps NetBIOS available and network active under PID 4 (System) if any network adapters have the protocol enabled.
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    To Disable NetBIOS over TCP/IP on all adapters (run in CMD as admin)
    Code:
    wmic nicconfig where TcpipNetbiosOptions=0 call SetTcpipNetbios 2
    wmic nicconfig where TcpipNetbiosOptions=1 call SetTcpipNetbios 2
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.