Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Messenger keeps popping up


  • Please log in to reply

#1
penguinshrink

penguinshrink

    Member

  • Member
  • PipPip
  • 35 posts
I recently uninstalled and reinstalled Norton SystemWorks 2004 for a separate problem, and since then I've been getting notifications from my Sygate Personal Firewall that Windows Messenger has been changed and keeps trying to access the internet. I've set Sygate to block Windows Messenger permanently, but it's still getting through (two different messages, copied below). I'm concerned about a possible virus infection or something. Thanks in advance for your help. :tazz:




The executable has changed since the last time you used: C:\Program Files\Messenger\msmsgs.exe
File Version : 4.7.0.3001
File Description : Windows Messenger
File Path : C:\Program Files\Messenger\msmsgs.exe
Process ID : 0x9E0 (Heximal) 2528 (Decimal)

Connection origin : local initiated
Protocol : UDP
Local Address : 68.91.55.110
Local Port : 47832
Remote Name :
Remote Address : 68.91.55.111
Remote Port : 1900 (SSDP - Simple Service Discovery Protocol)

Ethernet packet details:
Ethernet II (Packet Length: 188)
Destination: 00-0b-23-bb-f9-4b
Source: 00-07-e9-54-21-1b
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 1
Protocol: 0x11 (UDP - User Datagram Protocol)
Header checksum: 0x8ea0 (Correct)
Source: 68.91.55.110
Destination: 68.91.55.111
User Datagram Protocol
Source port: 47832
Destination port: 1900
Length: 8
Checksum: 0x51e0 (Correct)
Data (140 Bytes)

Binary dump of the packet:
0000: 00 0B 23 BB F9 4B 00 07 : E9 54 21 1B 08 00 45 00 | ..#..K...T!...E.
0010: 00 A0 21 2C 00 00 01 11 : A0 8E 44 5B 37 6E 44 5B | ..!,......D[7nD[
0020: 37 6F BA D8 07 6C 00 8C : E0 51 4D 2D 53 45 41 52 | 7o...l...QM-SEAR
0030: 43 48 20 2A 20 48 54 54 : 50 2F 31 2E 31 0D 0A 48 | CH * HTTP/1.1..H
0040: 4F 53 54 3A 20 32 33 39 : 2E 32 35 35 2E 32 35 35 | OST: 239.255.255
0050: 2E 32 35 30 3A 31 39 30 : 30 0D 0A 4D 41 4E 3A 20 | .250:1900..MAN:
0060: 22 73 73 64 70 3A 64 69 : 73 63 6F 76 65 72 22 0D | "ssdp:discover".
0070: 0A 4D 58 3A 20 32 0D 0A : 53 54 3A 20 75 72 6E 3A | .MX: 2..ST: urn:
0080: 73 63 68 65 6D 61 73 2D : 75 70 6E 70 2D 6F 72 67 | schemas-upnp-org
0090: 3A 73 65 72 76 69 63 65 : 3A 57 41 4E 49 50 43 6F | :service:WANIPCo
00A0: 6E 6E 65 63 74 69 6F 6E : 3A 31 0D 0A 0D 0A 2D 55 | nnection:1....-U
00B0: 53 3B 20 72 76 3A 31 2E : 36 29 20 47 | S; rv:1.6) G




The executable has changed since the last time you used: C:\Program Files\Messenger\msmsgs.exe

The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\dpnhupnp.dll
C:\WINDOWS\SYSTEM32\msdmo.dll
C:\WINDOWS\SYSTEM32\midimap.dll
C:\WINDOWS\SYSTEM32\AVICAP32.DLL
C:\WINDOWS\SYSTEM32\dsound.dll
C:\WINDOWS\WinSxS\X86_MI~1.3_X\dxmrtp.dll
C:\WINDOWS\WinSxS\X86_MI~1.3_E\rtcres.dll
C:\WINDOWS\WinSxS\X86_MI~2.3_X\rtcdll.dll
C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
C:\WINDOWS\SYSTEM32\winsta.dll
C:\WINDOWS\SYSTEM32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\sxs.dll
C:\WINDOWS\SYSTEM32\xpsp2res.dll
C:\WINDOWS\SYSTEM32\comres.dll
C:\WINDOWS\SYSTEM32\xpob2res.dll
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPHk2KS2.dll
C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll
C:\PROGRA~1\SBCSEL~1\SMARTB~1\SBHook.dll
C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL
C:\WINDOWS\SYSTEM32\SERWVDRV.DLL
C:\WINDOWS\SYSTEM32\cryptdll.dll
C:\WINDOWS\SYSTEM32\msimg32.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
C:\WINDOWS\SYSTEM32\ws2help.dll
C:\WINDOWS\SYSTEM32\ws2_32.dll
C:\WINDOWS\SYSTEM32\wsock32.dll
C:\WINDOWS\SYSTEM32\user32.dll
C:\WINDOWS\SYSTEM32\gdi32.dll
C:\WINDOWS\SYSTEM32\advapi32.dll
C:\WINDOWS\SYSTEM32\msvcrt.dll
C:\WINDOWS\SYSTEM32\kernel32.dll

To disable DLL Authentication go to the security tab under the Tools, Options menu.

File Version : 4.7.0.3001
File Description : Windows Messenger
File Path : C:\Program Files\Messenger\msmsgs.exe
Process ID : 0xB30 (Heximal) 2864 (Decimal)

Connection origin : local initiated
Protocol : UDP
Local Address : 68.91.55.110
Local Port : 44556
Remote Name :
Remote Address : 68.91.55.111
Remote Port : 1900 (SSDP - Simple Service Discovery Protocol)

Ethernet packet details:
Ethernet II (Packet Length: 188)
Destination: 00-0b-23-bb-f9-4b
Source: 00-07-e9-54-21-1b
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 1
Protocol: 0x11 (UDP - User Datagram Protocol)
Header checksum: 0x7595 (Correct)
Source: 68.91.55.110
Destination: 68.91.55.111
User Datagram Protocol
Source port: 44556
Destination port: 1900
Length: 8
Checksum: 0x1ded (Correct)
Data (140 Bytes)

Binary dump of the packet:
0000: 00 0B 23 BB F9 4B 00 07 : E9 54 21 1B 08 00 45 00 | ..#..K...T!...E.
0010: 00 A0 2C 45 00 00 01 11 : 95 75 44 5B 37 6E 44 5B | ..,E.....uD[7nD[
0020: 37 6F AE 0C 07 6C 00 8C : ED 1D 4D 2D 53 45 41 52 | 7o...l....M-SEAR
0030: 43 48 20 2A 20 48 54 54 : 50 2F 31 2E 31 0D 0A 48 | CH * HTTP/1.1..H
0040: 4F 53 54 3A 20 32 33 39 : 2E 32 35 35 2E 32 35 35 | OST: 239.255.255
0050: 2E 32 35 30 3A 31 39 30 : 30 0D 0A 4D 41 4E 3A 20 | .250:1900..MAN:
0060: 22 73 73 64 70 3A 64 69 : 73 63 6F 76 65 72 22 0D | "ssdp:discover".
0070: 0A 4D 58 3A 20 32 0D 0A : 53 54 3A 20 75 72 6E 3A | .MX: 2..ST: urn:
0080: 73 63 68 65 6D 61 73 2D : 75 70 6E 70 2D 6F 72 67 | schemas-upnp-org
0090: 3A 73 65 72 76 69 63 65 : 3A 57 41 4E 49 50 43 6F | :service:WANIPCo
00A0: 6E 6E 65 63 74 69 6F 6E : 3A 31 0D 0A 0D 0A 72 76 | nnection:1....rv
00B0: 3A 31 2E 36 29 20 47 65 : 63 6B 6F 2F | :1.6) Gecko/
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP