is this normal?

Discussion in 'malware problems & news' started by subzerox, Aug 4, 2005.

Thread Status:
Not open for further replies.
  1. subzerox, Registered Member (Joined: May 5, 2005; Posts: 35)

    When I looked at ewido's analyzer functions I noticed a connection was being made to the following; I have traced the IP down to the following information.
    I would very much like to know if it is normal for my computer to connect to this even though I never use this web mail service.

    OrgName: MS Hotmail
    OrgID: MSHOTM
    Address: One Microsoft Way
    City: Redmond
    StateProv: WA
    PostalCode: 98052
    Country: US

    NetRange: 64.4.0.0 - 64.4.63.255
    CIDR: 64.4.0.0/18
    NetName: HOTMAIL
    NetHandle: NET-64-4-0-0-1
    Parent: NET-64-0-0-0-0
    NetType: Direct Assignment
    NameServer: NS1.HOTMAIL.COM
    NameServer: NS3.HOTMAIL.COM
    NameServer: NS2.HOTMAIL.COM
    NameServer: NS4.HOTMAIL.COM
    Comment:
    RegDate: 1999-11-24
    Updated: 2003-06-27

    TechHandle: MSFTP-ARIN
    TechName: MSFT-POC
    TechPhone: +1-425-882-8080
    TechEmail: iprrms@microsoft.com

    OrgAbuseHandle: ABUSE231-ARIN
    OrgAbuseName: Abuse
    OrgAbusePhone: +1-425-882-8080
    OrgAbuseEmail: abuse@microsoft.com

    OrgTechHandle: MSFTP-ARIN
    OrgTechName: MSFT-POC
    OrgTechPhone: +1-425-882-8080
    OrgTechEmail: iprrms@microsoft.com

    As you can see it states Hotmail, but I have never used Hotmail. Is this a connection necessary for Windows XP to make?
    And how does it connect when transferring information to Hotmail? Does it use my internal mail capacities such as Outlook? This I never use and never registered with.

    How can I remove Outlook completely from my computer? Since I don't use it, it's more a liability than of use.
    I have scanned my computer with HouseCall, The Cleaner, TrojanHunter and ewido security suite and nothing reports as a trojan; well, ewido did but removed it... it was a trojan dropper. And this was done before I noticed today the connection to the information above.
    Could these programs have missed any additional ones?

    Thanks in advance guys :)
     