First I’d like to say I’m a new Comodo user and am thus far impressed with the program!
However, ahem I am no firewall expert. I dunno if this is obvious or not. Here is my concern:
When setting up Comodo, and allowing this and that program, I’d recieved a suspicious activity warning (I’d made some screenshots, but alas, that’s not gonna happen. I believe the problem is sufficiently explained without them).
The details of this warning state “C:\WINDOWS\system32\WgaTray.exe has tried to use C:\WINDOWS\system32\svchost.exe through OLE Automation, which can be used to hijack other applications” carrying a HIGH severity rating for svchost.exe
I didn’t know what wgatray.exe was, but Googled it and determined that it was a normal Windows component and I probably didn’t need to worry.
Now, on the SUMMARY overview, the “Traffic” panel displays two things: System running at 97-99%, and svchost.exe at 1%.
Also, when I check the list of connections, there are four svchost connections. Three are listening, and one is connected to an IP address with a UDP in/out, and is also the only one generating traffic.
I whois’d the IP and it came back as being the IANA. Am I just uneducated? Paranoid?
I just want to be sure, is all. Any help or insight is greatly appreciated