Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at:

Thank you for your understanding.

HxTsr.exe Ran After Blocked Port Scan


Bitdefender blocked a port scan from AbuseIPDB rated it as 100% malicious Russian IP. Cisco Talus and VirusTotal also ranked it as likely malicious.

Right afterward, HxTsr.exe contacted what appears to be Microsoft IP

I ran a full system scan on Windows Defender and Bitdefender Total Security, but they found nothing. When I tried to open the full file name (not sure if sharing it all is safe here), it said I did not have administrator permissions, even though this is a personal device with Windows 11 Pro, and I am the sole user.

While I've used Windows PCs for work for a long time, I've never owned my own device before. I'm not sure if there are additional steps I should take here to ensure my computer is not infected with anything. OS and all apps and virus tools are up to date.

Is it unexpected that I cannot open the HxTsr.exe file as an admin?

Help a noob out!

Best Answer

  • [Deleted User]
    [Deleted User] ✭✭✭✭✭
    Answer ✓


    Welcome to the Bitdefender Forums. HxTsr.exe is normally a legitimate Windows file, but it can be trojanized.

    It is a protected operating system file. Unless you modify the permissions (NOT RECOMMENDED), you cannot access or execute it.

    I have a copy of that file on my computer that is 91 KB in size. It is used for communicating with Microsoft servers, so it contacting a Microsoft IP is expected behaviour.

    If you have done a Full System Scan with Bitdefender and nothing was detected, I would not be worried unless you are seeing suspicious activity on your computer.

    If you are suspicious, you could always go to the Bleeping Computer Malware Removal Forum and ask a Malware Removal Team member to examine your FRST scan logs. Instructions can be found here.

    I hope this helps. Have a great day.





    Update: I blocked the IP on my PC. Still trying to figure out how to do it on my router