LabVIEW


DLL injection into Trellix SYSPREP

Hi all,

I have virtually zero experience with NI so forgive my ignorance of the products. I am a Security Architect, working mainly with Trellix products. They have a product called SYSPREP which detects injections and this is reporting attempts from NI software. Such injections can be blocked of course, but they can still cause issues with the Trellix software. One instance implicates nimdnsNSP.dll.

Trellix have asked me to ask why it might be doing this. Let me know what further information I can supply accordingly. Thanks

0 Kudos
Message 1 of 6
(852 Views)

What is this Trellix software? What does it do? How is it used?

 

nimdnsNSP is part of the National Instruments Zeroconf Namespace Service Provider, the NI variant of similar services like Bonjour or Universal Plug and Play. How it could try to attach itself to other software would seem hard to understand, unless that software is itself installing network service providers such as Winsock extensions or similar.

Rolf Kalbermatter
My Blog
0 Kudos
Message 2 of 6
(848 Views)
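
Background for the question in this thread, as an added example that is not part of any post here and is not NI or Trellix code: Winsock loads registered namespace provider DLLs into the process that calls its name-resolution functions, which is how a provider such as nimdnsNSP.dll can appear inside unrelated processes. The PowerShell below lists the registered providers and checks each DLL's Authenticode signature; it assumes the standard Winsock 2 catalog layout in the registry and only reads data.

```powershell
# Added example: enumerate Winsock namespace providers (NSPs) and verify their DLLs.
# Assumption: standard Winsock 2 catalog location and value names under HKLM.
$base    = 'HKLM:\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters'
$catalog = (Get-ItemProperty -Path $base).Current_NameSpace_Catalog  # e.g. NameSpace_Catalog5

function Get-NamespaceProvider {
    param([string]$EntriesKey)  # 'Catalog_Entries' or 'Catalog_Entries64'
    $path = Join-Path (Join-Path $base $catalog) $EntriesKey
    if (-not (Test-Path $path)) { return }   # Catalog_Entries64 exists only on 64-bit Windows
    foreach ($entry in Get-ChildItem -Path $path) {
        $p   = Get-ItemProperty -Path $entry.PSPath
        # LibraryPath may contain %SystemRoot% style variables
        $dll = [Environment]::ExpandEnvironmentVariables($p.LibraryPath)
        $sig = if (Test-Path -LiteralPath $dll) { Get-AuthenticodeSignature -FilePath $dll } else { $null }
        [pscustomobject]@{
            Catalog   = $EntriesKey
            Name      = $p.DisplayString   # may be an indirect "@dll,-id" resource string
            Enabled   = [bool]$p.Enabled
            Namespace = $p.SupportedNameSpace
            Library   = $dll
            SigStatus = if ($sig) { $sig.Status } else { 'FileNotFound' }
            Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
}

$providers = 'Catalog_Entries', 'Catalog_Entries64' | ForEach-Object { Get-NamespaceProvider $_ }
$providers | Sort-Object Catalog, Library | Format-Table -AutoSize -Wrap

# Show the NI mDNS provider named in this thread, if it is registered
$providers | Where-Object { $_.Library -like '*nimdnsNSP.dll' } | Format-List
```

A registered, enabled entry whose `Library` is nimdnsNSP.dll with a valid vendor signature points to ordinary namespace-provider loading rather than an unknown module; an unsigned or unexpected library in this list deserves a closer look.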

Hi and thanks for the fast reply. Sorry, I assumed that Trellix would be a familiar name. They are McAfee, re-branded. So the software is essentially the Endpoint Security suite, encompassing firewall, EDR etc. I agree it is hard to understand why - hence my post.

0 Kudos
Message 3 of 6
(822 Views)

Hmmm McAfee. That explains a lot. 😀

That's actually bloatware/scareware/a virus in its own right! 😁

Rolf Kalbermatter
My Blog
0 Kudos
Message 4 of 6
(801 Views)

The other day I came across a post about Firefox offering to block third-party injections. Those DLLs are listed in about:third-party. I was kinda surprised that besides the graphics driver, nimdnsResponder.dll and nimdnsNSP.dll were injected. I guess NI injects the library anywhere that might handle mDNS requests?

0 Kudos
Message 5 of 6
(783 Views)

That's interesting. I will look at what else Firefox shows as NI is certainly not the only offender. I don't know anything about mDNS apart from having seen plentiful references to it in various guises in the firewall logs, so I guess it is time for me to read up on that. I have no idea if we actually need it, if it is an integral part of NI or there is NI config to turn it off somewhere if it isn't. If anybody has deeper knowledge and can help, I would appreciate it.

 

And yes.....McAfee\Trellix.......you understand now why I am having to post here rather than them being helpful.

0 Kudos
Message 6 of 6
(765 Views)