Am i being hacked from 212.134.155.211

[Bad boy Warrior]

Guys

I usually go onto my websites and download a few files, but lately everytime i go i get an error message saying im already downloading (when im not). So i usually restart the computer/router to get another IP address and still says im downloading something. After tracking down the IP address i found its to do with 212.134.155.211. I searched who it is and links me to http://www.ripe.net/db/news/abuse-proposal-20050331.html - but none of it makes sense and i cant do anything about it.

Anyone know what i can or why this is happening?

thx

[Zxian]

This doesn't have anything to do with XP. Moved to Malware Prevention.

[Tarun]

http://www.dnsstuff.com/tools/whois.ch?ip=212.134.155.211

[LLXX]

http://www.dnsstuff.com/tools/ptr.ch?ip=212.134.155.211

Do you have a firewall? Is it logging any incoming connection attempts?

[Bad boy Warrior]

its not logging in any incoming connections (or at least i think anyway). I have zone alarm pro set up. Ive read those links before but should i be contacting them? and whats RIPE got to do with this and easynet????

thx

[Mercury_22]

I recommend you to use TCPView !!!! very useful prog!!

"TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.

Also scan your comp with nod32 and use outpost (zone alarm pro )

Edited December 30, 2005 by Mercury_22

[Bad boy Warrior]

Thanks ill try that today.......

Allso scan your comp with nod32 and use outpost (zone alarm pro )

Ive never used this utility before but i guess its from http://www.nod32.com.au/nod32/home/home.htm

and i couldnt find any information on Outpost - could you provide a link please??

[Mercury_22]

Thanks ill try that today.......

Also scan your comp with nod32 and use outpost (zone alarm pro )

Ive never used this utility before but i guess its from http://www.nod32.com.au/nod32/home/home.htm

and i couldnt find any information on Outpost - could you provide a link please??

"NOD32 Antivirus System provides well balanced, state-of-the-art protection against threats endangering your PC and enterprise systems running various platforms from Microsoft Windows 95 / 98 / ME / NT / 2000 / 2003 / XP, through a number of UNIX/Linux, Novell, MS DOS operating systems to Microsoft Exchange Server, Lotus Domino and other mail servers..........." Not a NOD32 customer and infected? Get a FREE cleaner. OR Download NOD32 trial version (trial version represents a fully functional version of NOD32 for 30 day)

Outpost Firewall PRO

"New anti-spyware capabilities built into the program protect your computer against the rapidly increasing threats from spyware and ID theft. Spyware cannot enter, activate on, or transmit information out of computers protected by Outpost 3.0. The ID Block feature lets you determine which specific items of personal information, for example bank account numbers, are blocked from ever leaving the computer......." Outpost Firewall - download the free 30-day trial version

Please answer to this questions :

1. Do you use proxy ?

2. Your ISP it's "Easynet" ?

Edited December 30, 2005 by Mercury_22

[Bad boy Warrior]

1. Do you use proxy ?

2. Your ISP it's "Easynet" ?

1. No im behind a router (but i know no one else is online when i try this as there PC is off)

2. No - well Easynet is the parent company i belive for my ISP (which is UKonline)

[Mercury_22]

1. Do you use proxy ?

2. Your ISP it's "Easynet" ?

1. No im behind a router (but i know no one else is online when i try this as there PC is off)

2. No - well Easynet is the parent company i belive for my ISP (which is UKonline)

Well then my guess is that your problem it's on your connection settings,or ISP (i'm almost sure you're NOT being hacked) try TCPView you'll get more answers

PS from what websites do you try to download ?(Rapidshare.de ?)

Edited December 30, 2005 by Mercury_22

[Bad boy Warrior]

PS from what websites do you try to download ?(Rapidshare.de ?)

yes.............................. B) but same issue with our corporate FTP and download sites

Edited December 30, 2005 by Bad boy Warrior

[Mercury_22]

PS from what websites do you try to download ?(Rapidshare.de ?)

yes.............................. B) but same issue with our corporate FTP and download sites

Problem solved! you don't have a problem! Just a proxy!

Go Here or Here It's your IP 212.134.155.211?

[Bad boy Warrior]

yes your absolutely correct - i checked with my ISP and they confirmed too. Is there any way around this proxy? as it seems if someone else is downloading then i cant

[LLXX]

In the Internet applet of Control Panel, under Connections tab, click LAN Settings and look at "Use a Proxy Server" checkbox - you can disable it from there.

[Mercury_22]

In the Internet applet of Control Panel, under Connections tab, click LAN Settings and look at "Use a Proxy Server" checkbox - you can disable it from there.

I don't think that will help you because if your ISP use proxy it doesn't matter if you disable or not your proxy setings you can try to use HIDE IP but...It is another proxy!!(maybe no one it's trying to download the same file like you!