Trojan? concerned

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have noticed that my computer has automatically connected to the following
site

v5stats.windowsupdate.microsoft.com(207.46.253.221)

is this a genuine microsoft site or have I been "redirected by a trojan" or
similar?

I have noticed that
v5.windowsupdate.microsoft.com
seem to be genuine


I have also be automatically connected to:

go.microsoft.com(207.46.250.101),

I am using IE 6.0 SP" and XPProf v5.1 Sp2
 
From: "halvan2" <[email protected]>

| I have noticed that my computer has automatically connected to the following
| site
|
| v5stats.windowsupdate.microsoft.com(207.46.253.221)
|
| is this a genuine microsoft site or have I been "redirected by a trojan" or
| similar?
|
| I have noticed that
| v5.windowsupdate.microsoft.com
| seem to be genuine
|
| I have also be automatically connected to:
|
| go.microsoft.com(207.46.250.101),
|
| I am using IE 6.0 SP" and XPProf v5.1 Sp2
|

WHOIS results for 207.46.253.221

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 207.46.0.0 - 207.46.255.255
CIDR: 207.46.0.0/16
NetName: MICROSOFT-GLOBAL-NET
NetHandle: NET-207-46-0-0-1
Parent: NET-207-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:
RegDate: 1997-03-31
Updated: 2004-12-09

TechHandle: ZM39-ARIN
TechName: Microsoft
TechPhone: +1-425-882-8080
TechEmail: ***@microsoft.com

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@hotmail.com

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@msn.com

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: *****@microsoft.com

OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: ***@microsoft.com

OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: ******@microsoft.com
 
it has also come to my attention that Windows XP computers on a network I
administer are connecting to Microsoft servers and sending data to them (with
an HTTP POST). This is not related to the Windows Update mechanism because I
turned it off. I believe it would be prudent for Microsoft to tell me exactly
what data is being sent, as this 'feature' or unsolicited connection does not
appear to be documented.
 
Back
Top