I have been setting up very specific app rules within my firewall, and have noticed scvhost.exe occassionally trying to make a TCP connection to an IP addresss registered to MS Hotmail (Microsoft), using remote port 443. This concerned me, as I couldn't think of a legitimate reason any application would automatically try to make an SSL connection to Hotmail. So I did some digging. Looking through PG logs over numerous days, I have determined that these connections to MS Hotmail occur exactly when the process wuauclt.exe runs. Now I realize this app has something to do with managing automatic Windows updates. And since Windows and Microsoft are obviously related, now I'm thinking these attempts to "phone home" are probably not malicious. But why a Hotmail address I sure would like to understand this, or maybe at least have someone else confirm this is OK before I allow it. Very strange. Thanks.