svchost running wild ??


After installing the Comodo firewall, I noticed activity by the process ‘svchost’ on the internet.
After 1 or 2 hours the firewall indicated that ‘svchost’ had received more than 1 gigabyte!!
I checked each and every application which is activated by ‘svchost’ and found nothing suspicious. I ran the virus scanner AVG-FreeSoft in depth on everything and found absolutely nothing. I went to the website of Trend-Micro and ran ‘Housecall’, a very extensive in-depth scanning utility, which revealed absolutely no problems. I used the registry cleaner ‘ccleaner’; no results.

I checked my telemeter from my internet provider, and found no indication at all that such a large amount of bytes had actually passed! I repeated this over the next couple of days, and always the firewall believes that huge amounts of bytes are being received by ‘svchost’, and always the telemeter of my internet provider tells me nothing large comes through!
I believe that this firewall wrongly indicates non-existent traffic by ‘svchost’, and this in huge amounts.

Has anybody reported similar problems?


Does your svchost.exe Network Security Policy entry have a Block and Log rule? If there is only a rule allowing IP out Any Any Any, you should Add a final rule (Last in the list of rules for svchost.exe) that reads Block (check the “Log…” box if you want to see what is not being allowed to connect) IP In/Out Any Any Any. This rule will disallow connections that are not specifically allowed by the rule(s) above it. If you have a home network, you should make sure that you have a rule that allows connections to that network. There should be a network that was detected on installation if you have one, so you can Add a rule and move it (drag) above the Block rule. The rule may be written as follows: Allow IP In/Out Source Zone:(Name of your home network) Destination Zone: (Name of your home network) details Any
The same rules should be applied to the System entry, and these rules minus the “Allow IP Out” rule should be applied to Explorer and Windows Operating System.
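
The rule ordering described in the reply above, as an added example that is not part of the original thread and is not Comodo's code: a small first-match evaluator comparing a rule list that only allows IP Out with one that ends in Block and Log. It assumes rules are read top to bottom as the reply describes; the home zone 192.168.1.0/24, the sample addresses and the "unmatched" label are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

HOME = ipaddress.ip_network("192.168.1.0/24")   # constructed home-network zone
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass
class Rule:
    action: str                      # "allow" or "block"
    direction: str                   # "in", "out" or "in/out"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    log: bool = False

def evaluate(rules, direction, src, dst):
    """Return (decision, logged) from the first rule that matches, top to bottom."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if direction in r.direction.split("/") and s in r.src and d in r.dst:
            return r.action, r.log
    # Assumption: "unmatched" is a hypothetical label meaning no rule decided.
    return "unmatched", False

ALLOW_OUT = Rule("allow", "out", ANY, ANY)
ONLY_ALLOW_OUT = [ALLOW_OUT]                       # the list the reply warns about
WITH_BLOCK = [
    ALLOW_OUT,
    Rule("allow", "in/out", HOME, HOME),           # home network, above the block
    Rule("block", "in/out", ANY, ANY, log=True),   # final Block and Log rule
]

# Constructed connection attempts: (direction, source, destination)
ATTEMPTS = [
    ("out", "192.168.1.10", "198.51.100.5"),   # PC to an internet host
    ("in", "192.168.1.20", "192.168.1.10"),    # another home machine to the PC
    ("in", "203.0.113.7", "192.168.1.10"),     # unsolicited inbound from outside
]

def compare():
    """Pair each attempt with its outcome under both rule lists."""
    return [(a, evaluate(ONLY_ALLOW_OUT, *a), evaluate(WITH_BLOCK, *a))
            for a in ATTEMPTS]

if __name__ == "__main__":
    for attempt, before, after in compare():
        print(attempt, "only-allow-out:", before, "with-block:", after)
```

Moving the Block rule above the home-network rule makes the home inbound attempt hit Block first, which is why the reply says to drag the Allow rule above it.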