My client got a trojan?

[rockthespot]

When i open Ts2 program, before i even try and connect to any server..
Ts2 tries to connect to "kaitak.coop.4players.de".. Why?
I have a screenshot of what happens..
I am wondering since, i am a Server Admin, and our server keep getting BrutForce hacked, so we
have to get to the bottom of this..
i am only running a client from my computer.. but if this is broadcasting my password to some other place.. this might make me understand why we are getting hacked..
my client version is 2.0.32.60

thank you!

http://i2.photobucket.com/albums/y31...peakhacked.jpg

[Peter]

(194.97.1.54) kaitak.coop.4players.de
(194.97.1.54) www.goteamspeak.com

As you see, the domain name you reference is pointing to the official website. What the client is doing there is it is trying to receive the current client version, the idea being when a new client is released we put its version number into a well-defined textfile on our webspace, and the users get a pop-up dialog saying "New version x.y.z avaliable" or something like it.
http://www.teamspeak.org/currentversions.txt is where the client tries to fetch the version infos with my client (teamspeak.org was our old domain, it is forwarded to goteamspeak.com nowadays). As you will notice the file is unavaliable as there are no new TS2 releases (except BETA drop-in executables that fix some issues) we thought we could save us the bandwidth...
Also the client will fetch the abuse list once a day, from abuse.teamspeak.org (currently the IP behind that is 62.146.63.82), this is also legit behaviour and is not used to transfer any data from you to us (it is a simple http get, like with the currentversion.txt, retrieving a file).

[rockthespot]

thanx for the quick reply peter!
we have also changed our passwords to much over 30 letters and digits now.. so we'll see if someone can bruteforce it then..