SppExtComObj.Exe  

Sheepdisease said:

I know this is an old post but in Comodo Internet Security Pro I am getting a lot of blocked HIPS activity relating to this application. It doesn't tell me anything more. Is there a way to determine what it is doing without using Malwarebytes?

Please see post #2 of this thread. There is probably a good reason this is being blocked.

Sheepdisease said:

Thanks for your reply.

I read that before my first post which is why I am concerned.

How do I check without Malwarebyte whether it is trying to connect to a non-MS server?

You can run any site address through VirusTotal to check it.
KMS is a way to continually validate Microsoft Volume Licenses. It's also used for encryption. You'll have to do some digging into your system to figure out why this is happening. Try running ADWCleaner and see what it finds.

Sheepdisease said:

Thanks for your reply. I just need to know how to do the digging.

I have already run ADWCleaner and it finds nothing.

That's good.
You could install Malwarebytes Free, which will give you a 2-week trial of their Pro version, and see if it's flagging this as well. If it is, there's a good chance it's not a False Positive. If Malwarebytes does not flag it, you could upload it to Comodo as a FP and see what they determine. Malwarebytes will tell you what IP address it's trying to connect to, and you can run that through virustotal.

I just ran a SHA-1 on the same file in my W10Pro x64 system, and it has the same hash as your image shows, so chances are good that it's a FP and you should make Comodo aware of it.

Sheepdisease said:

Thanks for your reply. Malwarebyte picks up nothing.

Running elevated CMD SFC /SCANNOW to double check file integrity but last time I did this (very recently) there was nothing reported as being wrong.

Sheepdisease said:

Windows Resource Protection did not find any integrity violations.

Good. I think you should send it off to Comodo as a FP and let them fix things.