Why Did My Computer Permit This?
During a virus scan I was notified I had Backdoor.Haxdoor so it was removed. I then went through and looked at some features on log viewer. Under Firewall alerts there is this message; what does it mean? I did a search for this address and it does not exist.
“A rule has been created to “permit” communications. Outbound TCP connection. Remote address service is (72.5.124.92,http(80)). Process name is “C:\ WINDOWS\system32\msiexec.exe”.” What does it mean? I just rescanned my computer and used Ad-Aware. Help!
February 8th, 2010 at 2:33 pm
So everybody can see this, that's why.
February 8th, 2010 at 2:33 pm
Odds are ya installed something that altered your permissions. Been there a few times; gotta really watch what you d/l and approve.
February 8th, 2010 at 2:33 pm
msiexec.exe is the Windows Installer application that installs software and updates for your computer. Your OS allowed the connection to be established to receive updates from Microsoft or a similar software vendor. In this case the IP# you have listed belongs to SUN MICROSYSTEMS, which is the distributor of JAVA technology which Windows uses to function properly. So the outbound TCP connection you are curious about is a legitimate, needed communication. Don’t worry about this one… it’s okay!
It’s good that you keep your eye on things like this though. I hope I helped ya!
Sun Microsystems owns the IP# range 72.5.124.0 - 72.5.125.255. Here’s the URL to see that it’s legit: http://ws.arin.net/cgi-bin/whois.pl?quer…
February 8th, 2010 at 2:33 pm
“MSIExec.exe” is “Microsoft Installer”’s executable. HTTP(80) means port 80, A.K.A. HTTP, A.K.A. web server. This means that MSI has access to some sort of web server. I say it’s harmless — just a Microsoft product. Okay, “harmless — Microsoft product” is an oxymoron, but you know what I mean.
“Outbound TCP connection” simply means that the process (MSI) is allowed to send data to “72.5.124.92” on the standard TCP/IP protocol, using HTTP port 80, which, again, is the standard web server port.
I hope I explained it well enough. =)
::EDIT::
The only time I would really be concerned is when it says “Incoming TCP connection” and the port number is quite a large number. Backdoor viruses (A.K.A. trojan horses) use port numbers like 23747 (Sub7 Trojan Horse) and similar port numbers. =)
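Added example, not part of any post in this thread: a small Python parser for the alert format quoted in the question. It checks the remote address against the range given in the answer above and the process path against the system copy of msiexec.exe. The function names, the second alert (constructed, using a documentation address) and the expected path are assumptions made for illustration.

```python
import ipaddress
import re

# Fields of the firewall alert quoted in the question (straight or curly quotes).
ALERT_RE = re.compile(
    r'rule has been created to\s+["“](?P<action>\w+)["”]\s+communications\.\s+'
    r'(?P<direction>Inbound|Incoming|Outbound)\s+(?P<proto>TCP|UDP)\s+connection\.\s+'
    r'Remote address,?\s*service is\s+\((?P<ip>[\d.]+),\s*(?P<service>[\w-]+)'
    r'\((?P<port>\d+)\)\)\.\s+Process name is\s+["“](?P<path>[^"”]+)["”]',
    re.IGNORECASE,
)

def parse_alert(text):
    """Split one alert message into typed fields; raise if the shape differs."""
    m = ALERT_RE.search(text)
    if m is None:
        raise ValueError("not a recognised rule-created alert")
    f = m.groupdict()
    f["ip"] = ipaddress.ip_address(f["ip"])
    f["port"] = int(f["port"])
    # Copy/paste often leaves a space after a backslash; drop it and fold case.
    f["path"] = re.sub(r"\\\s+", r"\\", f["path"]).lower()
    return f

def range_to_networks(first, last):
    """Turn a WHOIS-style 'first - last' range into CIDR networks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

def triage(text, ip_range, expected_path):
    """Parse the alert and compare it with the range and path you expect."""
    f = parse_alert(text)
    f["in_range"] = any(f["ip"] in net for net in range_to_networks(*ip_range))
    f["path_matches"] = f["path"] == expected_path.lower()
    return f

# Alert text as quoted in the question.
QUOTED_ALERT = r'A rule has been created to "permit" communications. Outbound TCP connection. Remote address service is (72.5.124.92,http(80)). Process name is "C:\ WINDOWS\system32\msiexec.exe".'
# Constructed sample: same format, documentation address, different folder.
CONSTRUCTED_ALERT = r'A rule has been created to "permit" communications. Outbound TCP connection. Remote address service is (203.0.113.7,http(80)). Process name is "C:\Users\Public\msiexec.exe".'
RANGE_FROM_THREAD = ("72.5.124.0", "72.5.125.255")  # range quoted in the answer
SYSTEM_MSIEXEC = r"C:\WINDOWS\system32\msiexec.exe"  # assumed install location

if __name__ == "__main__":
    for alert in (QUOTED_ALERT, CONSTRUCTED_ALERT):
        r = triage(alert, RANGE_FROM_THREAD, SYSTEM_MSIEXEC)
        print(r["direction"], r["ip"], r["port"], r["in_range"], r["path_matches"])
```

The range passed in is the one quoted in the thread; substitute the range returned by your own WHOIS lookup when checking a current alert.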