PDA

View Full Version : Why would DTPROAGENT.EXE try to access a Microsoft IP?



LaoziSailor
10.09.2008, 15:54
ZoneAlarm Security Aletr informed me DAEMON Tools Pro Tray Application is trying to access the Internet -- Destination IP: 65.55.184.29


DAEMON Tools Pro Tray Application is trying to connect to the Internet or your local network
ZoneAlarm Pro is asking you whether to allow the connection. No breach in your security has occurred. Your computer is safe.

Inside the program alert

Alert property Alert property value Technical explanation
Program Name DAEMON Tools Pro Tray Application A program running on your computer, which either attempted to send an IP packet over the Internet or is waiting for an incoming packet.
Filename DTPROAGENT.EXE The filename of the program that ZoneAlarm Pro found on your computer.
Program Version 4.12.0223.0 The version of DAEMON Tools Pro Tray Application running on your computer.
Program Size 277960 The size of the program executable file in bytes.
Program MD5 71dd81abe9706bdf4d475e8bebc8bdd7 The MD5 hash, or number, that uniquely identifies the executable.
Program CRC bc3bd252 The Cyclic Redundancy Check (CRC) checksum for the executable. This is the result of an algorithm for ensuring data integrity.
Smart Checksum addc193cfe8ba78ef77576b44c7cc35b The SKIMP hash, or number, that uniquely identifies the executable.
Date Modified Apr-14-2008 07:13:46 AM The date when DTPROAGENT.EXE was most recently modified.
Connect Type Access This value can be either Access, which is an Internet connection attempt by DAEMON Tools Pro Tray Application or Server, which indicates that DAEMON Tools Pro Tray Application is waiting for connections coming in from the Internet.
Remote Port 53 The port DAEMON Tools Pro Tray Application is using on the remote computer.
Remote IP Address 65.55.184.29 The IP address of the remote computer that caused the alert.
Alert Date Sep-10-2008 07:07:02 AM PDT The time when ZoneAlarm Pro detected the alert on your computer.

ZoneAlarm Pro security enforcement at time of alert

Alert property Alert property value Technical explanation
Program Status New Program DAEMON Tools Pro Tray Application is requesting access the Internet or to the local network for the first time.
Zone Internet Zone This ZoneAlarm Pro zone contains all the computers and networks in the world that are connected to the Internet, until you explicitly define them as members of another zone.


Whois Information

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 65.52.0.0 - 65.55.255.255
CIDR: 65.52.0.0/14


Any ideas?, for the time being I have denied access.

Cheers!

Jito463
11.09.2008, 16:53
DTools Pro requires an internet connection to operate. You can deny it internet access for 3 or 4 weeks (think it's 4 weeks), but after that, DT Pro will switch to basic mode and will no longer operate at full capacity until you allow it online.

Blazkowicz
11.09.2008, 17:12
@Jito463
He is aware of that fact. He just asked about Microsoft IP, but i also have no clue why.

LaoziSailor
14.09.2008, 14:14
Jito463 & Blazkowicz, thanks for your replies.
I'm a very basic user so don't really understand what "DT Pro will switch to basic mode and will no longer operate at full capacity" means.

I suppose I could ask support why they choose M$ as a contact point but it is academic now, I just got another ZA block:

Address lookup
canonical name a96-6-121-51.deploy.akamaitechnologies.com.
aliases
addresses 96.6.121.51
It seems like a random access to IP ranges they have in the product?, if they need a reliable IP to ping or whatever they are trying to do, why not use the Daemon site itself.

Aah, these misteries, ...I will allow the Internet access this time and see if it repeats it again after about the same elapsed time.

Thanks a lot again to both.

Cheers!

ETA 2008.09.14.09:17

Actually it seems after the first OK, it came back for another one:

Address lookup
canonical name disc-soft.com.
aliases
addresses 78.129.207.131
...and that one I know :-) -- it's Daemon, still wondering about the first one though.

Cheers!