Hi all, We were getting the following message every 30 minutes or so : "You have reached the maximum number of permitted Internet sessions. Please close one or more applications to allow furthur Internet access. Contact your system administrator for further information." Restarting the router resolved the issue for a short while, but always returned. Couldnt see anything causing it on the firewall and it wasnt set to have a maximum amount. I then ran Sophos scan on the server which found nothing, so installed MWB and ran a scan, again nothing found. However the issue has now stopped but MWB is blocking dns.exe from contacting the outside world on a regular basis which to me suggests that it is blocking what was causing the message to appear. The protection logs shows : 10:31:28 Administrator IP-BLOCK 194.85.61.20 (Type: outgoing, Port: 54850, Process: dns.exe) 10:53:28 Administrator IP-BLOCK 77.221.130.250 (Type: outgoing, Port: 54289, Process: dns.exe) 11:02:16 Administrator IP-BLOCK 82.146.43.2 (Type: outgoing, Port: 54217, Process: dns.exe) 11:02:24 Administrator IP-BLOCK 82.146.55.155 (Type: outgoing, Port: 53412, Process: dns.exe) 11:02:24 Administrator IP-BLOCK 82.146.43.2 (Type: outgoing, Port: 53412, Process: dns.exe) 11:02:24 Administrator IP-BLOCK 82.146.55.155 (Type: outgoing, Port: 53412, Process: dns.exe) 11:29:11 Administrator IP-BLOCK 77.221.130.250 (Type: outgoing, Port: 53103, Process: dns.exe) Any ideas what it is blocking and whether this looks like a DNS hijack ? As I say, since MWB has been running the issue hasnt affected users, and I assume if I disable the MWB protection it will. However MWB isnt actually detecting anything when it scans ?