Something to be concerned about..?

I’ve used Comodo Firewall since September (before that I used Kaspersky Internet Security 2009’s beta version, but I switched to Comodo once the beta ended) and I’ve been quite happy with it’s protection (although the number of D+ pop-ups is annoying, especially when you start a new project with Visual Studio and compile it for the first times).

However, a few days ago the firewall started logging connection attemps from the process “System” to 88.193.47.255. It tries to connect to the IP every 4 seconds. It has never logged these entries before, it just started logging them a few days ago (it first asked me whether I wanted to allow or deny it, and as I wasn’t doing anything that would make me connect to it I followed the Security Considerations and blocked it).

I’m not using any active anti-virus applications, but I’ve scanned the PC with Comodo and Kaspersky Anti-Virus (KAV was with maximum heuristics, I couldn’t find any heuristic analyzer settings from Comodo) and both came up clean.

An example from the Firewall events log:

(Application, Action, Protocol, Source IP, Source Port, Destination IP, Destination Port, Date/Time)

System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:35
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:31
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:27
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:22
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:17
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:13
System, Blocked, UDP, , 138, 88.193.47.255, 138, 24. 2. 2009 21:50:08

… And the list goes on…

Is this behaviour abnormal?

Have you been into the stealth ports wizard in cis?

If you have and you select stealth ports to everyone you get loads of these events logged.

(:WAV) Hi Rampastein, The Heuristic settings can be changed by going into antivirus scanner settings and you can adjust from High to Off. I would suggest you turn it off until late tomorrow, as There have been gazillions of False positives reported some from me, and Umesh from Our beloved Comodo assures me that they will be fixed tomorrow.

Regards
Dave1234.