Comodo and svchost.exe, alg.exe, system. What do they want from me?

I unchecked “Do not show any alerts for the applications certified by Comodo” on my new XP sp2 Home install.

Does checking it increase my security risk?(I noticed the Comodo help file shows it unchecked.)

I prefer it unchecked. When unchecked I get alerts for three “applications”:

alg.exe with services.exe as parent
svchost.exe with services.exe as parent
system with system as parent

alg and svchost are in C:\WINDOWS\system32. System does not show a folder. What is its path?

As soon as I logon Comodo alerts:

application layer gateway service is trying to act as a server
application: alg.exe
remote ip:127.0.01port:listen(****) - TCP
[I [b]allowed[/b] it, but do I really need to allow this?]

generic host process for win32 services is trying to act as a server
application: svchost.exe
remote: ip:listen ports: ms-rpc(***) - TCP
[I [b]allowed[/b] it, but do I really need to allow this?]

windows system process is trying to act as a server
application: system
remote: ip:listen ports: ms-ds(***) - TCP
[I [b]allowed[/b] it, but do I really need to allow this?]


As soon as I connect to the Internet I get 2 additional alerts regarding svchost.exe(generic host process)

Generic host process for win32 services is trying to act as a server
application: svchost.exe
remote IP: ... port : nbdgram(***) - UD
Security considerations: c:\windows\explorer.exe has tried to use svchost.exe through OLE Automation, which can be used to hijack other applications. exploreer.exe might be using svchost.exe to connect to the Internet
[I [b]denied[/b] it this time. Is that ok to do?]

Generic host process for win32 services is trying to connect to the Internet
application: svchost.exe(deny)
remote IP: 255.255.255.255 port: ***() - UDP
[I [b]denied[/b] it. Is that ok to do? I am really not comfortable with svchost.exe connecting to the Internet.]

I have changed these settings a number of times and, it seems to me, that I have definitely been able to connect to the Internet fine even after denying all 3 svchost.exe requests. I believe that I have also denied the others with no obvious problems. I have “researched” what the “applications” are, but I still come away with uncertainty. The first of the two svchost.exe requests that I get after I connect to the Internet displays my own IP address(whois shows my ISP) as the remote IP; so, I assume this is some kind of “ping” or something. I have always denied these things in the past with ZA.

Which, if any, of these 3 applications do I need to be allowing through Comodo?

Svchost.exe usually needs Internet access to obtain and renew your IP-adress, and also for Windows Update to work.
And for your question about where the file ‘System’ is located, I think it’ the one without extension in C:\WINDOWS\system32\config
About alg.exe and I don’t know, but when I check my rules and click ‘Alg.exe’ it says ‘alg.exe is a part of Microsoft Windows operating system. It is a core process for Microsoft Windows Internet Connection sharing and Internet connection firewall’, which means it should have something with Internet to do. And when I go to services.msc I get:

ALG
Application Layer Gateway Service

Enables support for plugins for Internet Connection sharing and the windows firewall from other suppliers.

But if your Internet works after denying alg.exe, svchost.exe and System Internet access, I guess you don’t need to give them Internet access, tho from what I know, svchost.exe is needed for Windows Update to work.

Ragwing