msnmsgr.exe?

sanctuary24 · August 30, 2007, 2:56pm

I use Windows Messenger Live for online chat and it works fine but every so often an alert pops up saying allow or deny (see info below) I was a bit afraid it was something malicious as it worked fine without this being allowed but when I deny it messenger fails to work something about DNS problem when I troubleshoot it. If someone can tell me its safe or not then I can get chatting again

Date/Time :2007-08-30 15:40:59Severity :HighReporter :Application MonitorDescription: Application Access Denied (msnmsgr.exe:131.107.113.76: :http(80))Application: C:\Program Files\MSN Messenger\msnmsgr.exeParent: C:\WINDOWS\explorer.exeProtocol: TCP OutDestination: 131.107.113.76::http(80)

Date/Time :2007-08-30 15:40:59Severity :MediumReporter :Application MonitorDescription: Application Access Denied (msnmsgr.exe:212.139.132.23: :dns(53))Application: C:\Program Files\MSN Messenger\msnmsgr.exeParent: C:\WINDOWS\explorer.exeProtocol: UDP OutDestination: 212.139.132.23::dns(53)

Date/Time :2007-08-30 15:40:58Severity :HighReporter :Application MonitorDescription: Application Access Denied (msnmsgr.exe:65.54.183.203: :https(443))Application: C:\Program Files\MSN Messenger\msnmsgr.exeParent: C:\WINDOWS\explorer.exeProtocol: TCP OutDestination: 65.54.183.203::https(443)

Date/Time :2007-08-30 15:40:56Severity :HighReporter :Application MonitorDescription: Application Access Denied (msnmsgr.exe:212.139.132.23: :dns(53))Application: C:\Program Files\MSN Messenger\msnmsgr.exeParent: C:\WINDOWS\explorer.exeProtocol: UDP OutDestination: 212.139.132.23::dns(53)

ps I think windows update ■■■■■■■ something up

Little_Mac · August 30, 2007, 7:33pm

Nothing to worry about there. The 212.x.x.x IP is your ISP’s DNS server network. MSN Msgr is simply doing a DNS query (applications do it all the time; perfectly normal). By blocking it, you’re in effect blocking its ability to communicate; in this case, to Microsoft (the 65.x.x.x and 131.x.x.x are theirs) - possibly to the Msgr servers.

Hope that helps,

LM

sanctuary24 · August 30, 2007, 8:22pm

I wouldn’t worry so much if I could easily undo my actions, is the new version much more flexible in terms of undoing mistakes you make in allowing/denying things? (if you don’t know don’t worry)

Little_Mac · August 30, 2007, 8:32pm

Well, I don’t think that v2.4 is difficult to undo mistakes. You know which application it relates to, so at the most extreme end of the scale (if you’re not sure how to Edit the rule), simply remove that application rule and reboot (to make sure the memory resets); you’ll be prompted the next time it runs, and Allow w/Remember to get things going again.

The HIPS side of v3 could be pretty complex to reverse changes to the rules, because of the level of detail. The firewall side, I think, could be even easier, because of the way it groups and sorts rules. To be honest, I haven’t really thought about that aspect of it too much.

LM