Why is .NET framework making connection to internet instead of my applications?

Discussion in 'other software & services' started by act8192, Jul 23, 2013.

Thread Status:
Not open for further replies.
  1. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,272
    Windows XP-SP3.
    I ran MS July updates yesterday. Strange thing is happening since those updates, of which a ton were for .Net Framework v1, 2, 3, 4. Nothing unusual so far.
    But today,
    Instead of Opera (v12) browser or Outlook 2003 making a TCP connection to the correct webservers, today it's
    c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe making the connection.
    In Opera, I denied at first and got nowhere. Had to allow. Then I got to this site or yahoo mail.
    In Outlook, a more sensitive area, I denied. Never permitted. It won't bring in mails. Outlook not working. Edit: few hours later Outlook, not .NET, is making connection. It works now, yet I changed NOTHING

    I do need .NET stuff for few applications I have (TurboTax, camera software), but I have never see them act as if they were a proxy, hijacking the application I start.
    What's going on suddenly? What can I do?

    Somehing I remember: ages ago I disabled some .NET service, I think it was v2. But this newest, just updated, v4 isn't appearing in the list of Services.
     
    Last edited: Jul 23, 2013
  2. 3inchblue

    3inchblue Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    49
    The internet address or IP involved?
    Does it resolve to a site for certificates?
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,438
    Some legitimate Internet-facing applications require .NET to run. Thus, .NET should be allowed to access the Internet. And of course all security updates should be applied to .NET.
     
  4. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    I think its .net checking a certificate revocation list.
     
  5. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,272
    Remote IPs are those of my ISP mail servers, ports 25, and 110, and gmail port 995. Here and yahoo IPs, port 80. All as should be. But the applications were not Outlook and not Opera but .NET instead.
    Certificate revocation might be a possibility, though I'm not familiar with it at all. However, I've had couple .NET things here for years, and it never did what it pulled on me this time.
    One snippet of Outlook that yesterday went through .NET: pink=denied, and then, later, normal Outlook connections when I turned firewall logging on for Outlook with no changes in rules at all.
    NetFramework-OutlookFixedItself.jpg
    So am I to understand that this is normal when .NET hijacks an application?
     
Loading...
Thread Status:
Not open for further replies.