Microsoft mpa.one

Discussion in 'Windows 7' started by biceman, Sep 1, 2009.

  1. biceman

    biceman MDL Novice

    Jul 29, 2009
    21
    0
    0
    #1 biceman, Sep 1, 2009
    Last edited: Sep 1, 2009
    It looks like every time we go surfing, we are connected with m$...even from firefox! So it's a good choice to insert mpa.one.microsoft.com in your hosts file. Win7 it's activated with BIOS mod
     

    Attached Files:

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. ifeife2

    ifeife2 MDL Member

    Apr 25, 2008
    135
    3
    10
    #2 ifeife2, Sep 1, 2009
    Last edited: Sep 1, 2009
    Wow, strange. Very unexpected unless you are unactivated.

    You can choose from some of these to block too:

    genuine.microsoft.com
    mpa.one.microsoft.com
    sa.windows.com
    se.windows.com
    ie.search.msn.com
    wustat.windows.com
    wutrack.windows.com
    catalog.microsoft.com
    sls.microsoft.com
     
  3. Hackeur

    Hackeur MDL Senior Member

    Jun 14, 2009
    293
    366
    10
    sniffing the ether with Wireshark reveals quite a lot of M$ "handshaking" and "give me 5" going on ........
     
  4. NiHiLisT

    NiHiLisT MDL Member

    Jul 29, 2009
    214
    14
    10
    What are these connections to M$?

    Can anyone explain this to me, thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. nene

    nene MDL Novice

    Aug 23, 2009
    10
    0
    0
  6. jrrkid9

    jrrkid9 MDL Novice

    Jul 28, 2009
    29
    0
    0
    Which program did you use to check that in your screenshots.
     
  7. kukubau

    kukubau MDL Addicted

    Dec 15, 2008
    690
    45
    30

    How can you see those details? TCp and UDP connections? Is there an app for that? Can you share?
     
  8. kukubau

    kukubau MDL Addicted

    Dec 15, 2008
    690
    45
    30

    That is normal if you already have this line "127.0.0.1 mpa.one.microsoft.com" in your HOSTS file. Practically you are connected with your machine 127.0.0.1. 127.0.0.1 mpa.one.microsoft.com is a remapping of that address to your localhost. :)
     
  9. tuxshazer

    tuxshazer MDL Novice

    Dec 12, 2008
    17
    30
    0
    #9 tuxshazer, Sep 1, 2009
    Last edited by a moderator: Apr 20, 2017
    These connections are WGA servers. They have been around since Windows XP. I searched on Google and found information on how to block these domains. Simply adding entries to your host file should resolve the issue:

    Code:
    1. Click Start>All Programs>Accessories and right-click "Command Prompt".
    
    2. Select "Run as administrator"
    
    3. In the console window type:
    
    notepad c:\windows\system32\drivers\etc\hosts
    
    4. Notepad should open with the hosts file.
    
    5. Enter the sites you desire to block.
    
    6. Save your work.
    
    So if I were to block mpa.one.microsoft.com I would enter the following:

    Code:
    127.0.0.1mpa.one.microsoft.com
    
    The end result should look like the attachment.
     

    Attached Files:

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Dolorous Edd

    Dolorous Edd MDL Expert

    Aug 31, 2009
    1,054
    191
    60
    What did you use to sniff that out?

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. biceman

    biceman MDL Novice

    Jul 29, 2009
    21
    0
    0
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. DKnight2066

    DKnight2066 MDL Junior Member

    Jul 19, 2009
    54
    0
    0
    My internet already has enough spyware and lag, without MS playing "Spy Tech" behind my back.

    (silly sidenote: "Spy Tech" was a series of kids toys, in late 80's/early 90s. :cool:)

    Hosts file changes added. Thanks much for the heads-up on this!

    --DKnight
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Jopplehead

    Jopplehead MDL Junior Member

    Jul 30, 2009
    65
    0
    0
    #13 Jopplehead, Sep 2, 2009
    Last edited: Sep 2, 2009
    Like everyone else is asking.... "How did you sniff out those connection???" :confused:
     
  14. psreax

    psreax MDL Novice

    Aug 11, 2009
    42
    1
    0
    It is same old method to block the WGA Validation.
     
  15. DKnight2066

    DKnight2066 MDL Junior Member

    Jul 19, 2009
    54
    0
    0
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. Bloodbat

    Bloodbat MDL Novice

    Aug 1, 2009
    38
    0
    0
    I just checked, Firefox specifically using Process Explorer (the program he used to "sniff out" this claims) and I'm not connected to any MS server...Windows 7 x64
     
  17. psreax

    psreax MDL Novice

    Aug 11, 2009
    42
    1
    0
    Ofcourse, they have big fish to fry :)
     
  18. NiHiLisT

    NiHiLisT MDL Member

    Jul 29, 2009
    214
    14
    10
    Yeah agreed!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...