So, i´ve got another newbee question.
Installed CIS 6 yesterday on my machine running Win7 x64 Home Premium.
Surely i got a few warnings about connection trying to be made by svchost.exe and spoolsv.exe. Both are trusted but trying to recieve connections from internet from mostly high ports numbers such as 58408.
So i did a bit of googling and some of those ports obviously are ports known to be used by trojans etc but also by other legit applications.
So my question know is; How do i track down what application it is that needs this connection or more specifically what program ???
Blocking or allowing without knowing what program you give access or deny seems not to be an optimal sollution!?
Screenshot:
http://s12.postimg.org/ecopseia1/Connections.jpg
Might also add that the computer is scanned with Comodo AV, SAS, MBAM etc w/o any found threats!