Possible Virus


Guest

I am running Windows XP Home with all updates as of 7 Feb 2004. I have Symantec Pro virus, Zone Alarm (free), Adaware and Spybot running. I use Outlook Express 6.

When I log on to my account, Zone Alarm blocks messenger from trying to send to the internet. I don't know what? If I don't connect to my ISP it will continue, about 500 tries in an hour. After I connect to my ISP (dial-up) it tries one more time. This time with a specific IP address 206.134.133.10, port 53. Zone Alarm indicates it was blocked, but I'm not sure.
Also if I try to open the Windows Help files, Windows Explorer, Outlook Express or do a search, messenger will try to go to that same IP address. My research indicates the IP address is the primary DNS for Sprintnet. My ISP is Mindspring.

I have had this problem for at least a month, perhaps longer. I have stopped or disabled every service I can and still operate. Have run all the anti-virus and special "getters" and can find nothing.

Any advice will be appreciated.....
 
Greetings silverfox,

It never hurts to update your Anti-Virus program and do a full system scan
to check if there are any viruses that may be present on your machine.


_____________
Eric

 
=================================================================================
Please do this while you are connected to the Internet:

START > RUN > cmd

Command Prompt Window comes up -
Run the following commands (pressing ENTER after each command of course):

cd\

pathping 206.134.133.10 >c:\pathping.txt

(Tell Zone Alarm to allow this - the pathping command may take up to 10 minutes to complete)
(Once it is done, the C:\> prompt will come back)

type c:\pathping.txt

(And if you have a printer connected to this computer and wish to print out the results):

print c:\pathping.txt

(Here is what I got from my computer when I ran "pathping 206.134.133.10 >c:\pathping.txt"):


Tracing route to sdn-dns.dialsprint.net [206.134.133.10]
over a maximum of 30 hops:
  0  host [x.x.x.x] (I blocked out my IP Address)
  1  nas1.Tucson1.Level3.net [63.215.26.152]
  2  ge-7-0-2.hsa1.Phoenix1.Level3.net [63.215.25.2]
  3  ge-6-1-0.mp2.Phoenix1.Level3.net [209.247.9.193]
  4  so-6-2-0.bbr2.LosAngeles1.Level3.net [209.247.8.113]
  5  so-9-0.core2.LosAngeles1.Level3.net [209.247.10.206]
  6  sprint-level3-oc48.LosAngeles1.Level3.net [64.152.193.74]
  7  sl-st20-la-3-0.sprintlink.net [144.232.8.100]
  8  sl-bb20-ana-8-2.sprintlink.net [144.232.20.129]
  9  sdn-bb10-ana-4-0.dialsprint.net [207.143.48.10]
 10  sdn-dns.dialsprint.net [206.134.133.10]

Computing statistics for 250 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           host [171.75.11.211]
                                0/ 100 =  0%   |
  1  125ms     0/ 100 =  0%     0/ 100 =  0%  nas1.Tucson1.Level3.net [x.x.x.x] (I blocked out my IP Address)
                                0/ 100 =  0%   |
  2  124ms     0/ 100 =  0%     0/ 100 =  0%  ge-7-0-2.hsa1.Phoenix1.Level3.net [63.215.25.2]
                                0/ 100 =  0%   |
  3  125ms     0/ 100 =  0%     0/ 100 =  0%  ge-6-1-0.mp2.Phoenix1.Level3.net [209.247.9.193]
                                0/ 100 =  0%   |
  4  129ms     0/ 100 =  0%     0/ 100 =  0%  so-6-2-0.bbr2.LosAngeles1.Level3.net [209.247.8.113]
                                0/ 100 =  0%   |
  5  129ms     0/ 100 =  0%     0/ 100 =  0%  so-9-0.core2.LosAngeles1.Level3.net [209.247.10.206]
                                0/ 100 =  0%   |
  6  ---     100/ 100 =100%   100/ 100 =100%  sprint-level3-oc48.LosAngeles1.Level3.net [64.152.193.74]
                                0/ 100 =  0%   |
  7  129ms     0/ 100 =  0%     0/ 100 =  0%  sl-st20-la-3-0.sprintlink.net [144.232.8.100]
                                0/ 100 =  0%   |
  8  133ms     0/ 100 =  0%     0/ 100 =  0%  sl-bb20-ana-8-2.sprintlink.net [144.232.20.129]
                                0/ 100 =  0%   |
  9  130ms     0/ 100 =  0%     0/ 100 =  0%  sdn-bb10-ana-4-0.dialsprint.net [207.143.48.10]
                                0/ 100 =  0%   |
 10  132ms     0/ 100 =  0%     0/ 100 =  0%  sdn-dns.dialsprint.net [206.134.133.10]

Trace complete.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Notice that 206.134.133.10 is the IP Address for "sdn-dns.dialsprint.net"

So I don't think this is virus / worm / spyware / hacker activity - you might want to check with your ISP about the issue.

============================================================================================
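Added example, not part of the original post: a short Python parser for the statistics table that pathping writes to c:\pathping.txt, showing how to read it. A hop whose loss is worse than the final hop's (hop 6 above) is a router that does not answer the probes itself but still forwards traffic; the loss that matters is the one that reaches the last hop. The function names are hypothetical, and the `BLOCKED` text is a constructed sample in which every probe is lost on the first link.

```python
import re

# Router row: hop, RTT, cumulative lost/sent = pct, this-node lost/sent = pct, address
ROW = re.compile(r"^\s*(\d+)\s+(\S+)\s+\d+/\s*\d+\s*=\s*(\d+)%\s+\d+/\s*\d+\s*=\s*(\d+)%\s+(.+?)\s*$")
# Link row between two hops: lost/sent = pct followed by a vertical bar
LINK = re.compile(r"^\s*\d+/\s*\d+\s*=\s*(\d+)%\s+\|\s*$")

def parse_stats(text):
    """Return one dict per numbered hop, with the loss on the link leading into it."""
    hops, link_loss = [], 0
    for line in text.splitlines():
        if (m := LINK.match(line)):
            link_loss = int(m.group(1))
        elif (m := ROW.match(line)):
            hops.append({"hop": int(m.group(1)), "rtt": m.group(2),
                         "cumulative": int(m.group(3)), "node": int(m.group(4)),
                         "link_in": link_loss, "address": m.group(5)})
            link_loss = 0
    return hops

def assess(hops):
    """Separate hops that merely ignore probes from loss that reaches the target."""
    final = hops[-1]
    return {
        "end_to_end_loss": final["cumulative"],
        # Worse than the final hop: that router is not answering, but it is forwarding
        "unresponsive_hops": [h["hop"] for h in hops[:-1] if h["cumulative"] > final["cumulative"]],
        "lossy_links_into": [h["hop"] for h in hops if h["link_in"] > 0],
    }

# Rows 5-7 and 10 from the output above (trimmed)
FULL_PATH = """\
  5  129ms     0/ 100 =  0%     0/ 100 =  0%  so-9-0.core2.LosAngeles1.Level3.net [209.247.10.206]
                                0/ 100 =  0%   |
  6  ---     100/ 100 =100%   100/ 100 =100%  sprint-level3-oc48.LosAngeles1.Level3.net [64.152.193.74]
                                0/ 100 =  0%   |
  7  129ms     0/ 100 =  0%     0/ 100 =  0%  sl-st20-la-3-0.sprintlink.net [144.232.8.100]
                                0/ 100 =  0%   |
 10  132ms     0/ 100 =  0%     0/ 100 =  0%  sdn-dns.dialsprint.net [206.134.133.10]
"""
# Constructed sample: every probe lost on the first link (192.0.2.10 is a made-up address)
BLOCKED = """\
  0                                           host [192.0.2.10]
                              100/ 100 =100%   |
  1  ---     100/ 100 =100%     0/ 100 =  0%  host [0.0.0.0]
"""

print(assess(parse_stats(FULL_PATH)), assess(parse_stats(BLOCKED)))
```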
 
Interesting XPUSER,

Here are my results:

Tracing route to sdn-dns.dialsprint.net [206.134.133.10]
Over a maximum of 30 hops:

0 (my computer) [my IP address]
1 * * *

Computing statistics for 25 seconds...

Source to here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

0 my computer [my IP address]
100/100 = 100%

1 --- 100/100 = 100% 0/100 = 0% my computer [0.0.0.0]

Trace complete
 
silverfox said:
Interesting XPUSER,

Here are my results:

Tracing route to sdn-dns.dialsprint.net [206.134.133.10]
Over a maximum of 30 hops:

0 (my computer) [my IP address]
1 * * *

Computing statistics for 25 seconds...

Source to here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address

0 my computer [my IP address]
100/100 = 100%

1 --- 100/100 = 100% 0/100 = 0% my computer [0.0.0.0]

Trace complete
=========================================================================
Looks like you have something going on with one of your DNS servers.

Control Panel | Network Connections | Dial-up |

Right click on your Dial-up connection icon and select Properties -
Click on the Networking tab -
Highlight "Internet Protocol (TCP/IP)" and click on the Properties button -
In here, is it set to "Obtain IP Address automatically"? - most likely it is.
How about the "DNS server" section
If the DNS servers are specified, make note (write down) the IP Addresses for those DNS Servers -
Then set it to "Obtain DNS server address automatically" and click OK and OK
Restart computer
Connect to ISP
See if issue with Zone Alarm and "messenger" still continues
START > RUN > cmd
cd\
ipconfig /all >c:\ipconfig.txt
type c:\ipconfig.txt

What DNS servers are shown here now?

Also, if you have not done so, be sure that all XP critical updates are installed -
http://v4.windowsupdate.microsoft.com/en/default.asp
(I recommend temporarily disabling any Anti Virus programs before installing the updates)

And do you know what "messenger" Zone Alarm is reporting trying to access the Internet?
=========================================================================
 
==============================================================================
I went back and looked at your original post and see that you pretty much already knew what I found by
running that pathping. Maybe it still is a DNS issue and maybe not. Maybe it really is a question
of what "messenger" we are talking about and maybe that DNS server at 206.134.133.10 has inadvertently
been added to a "block" list in Zone Alarm or the Privacy tab of Internet Options or in the
C:\WINDOWS\system32\drivers\etc\hosts file.
==============================================================================
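Added example, not part of the original thread: the two checks suggested above (which DNS servers `ipconfig /all` reports for the connection, and whether the hosts file mentions the server), done in Python over saved text such as c:\ipconfig.txt. The function names are hypothetical; the adapter name, the 192.0.2.x and 198.51.100.x addresses and the hosts entry are constructed sample values.

```python
import re

IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"

def dns_servers(ipconfig_text):
    """Map each adapter heading in `ipconfig /all` output to its DNS servers."""
    found, adapter, in_dns = {}, None, False
    for line in ipconfig_text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip(": \t"), False  # e.g. "PPP adapter ISP"
            found[adapter] = []
        elif adapter and (m := re.match(rf"\s+DNS Servers[ .]*:\s*({IPV4})\s*$", line)):
            found[adapter].append(m.group(1))
            in_dns = True
        elif in_dns and (m := re.match(rf"\s+({IPV4})\s*$", line)):
            found[adapter].append(m.group(1))  # further servers sit on their own lines
        else:
            in_dns = False
    return found

def hosts_hits(hosts_text, ip, name):
    """Return hosts-file entries that mention the address or the hostname."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].lower().split()  # drop comments
        if len(fields) >= 2 and (fields[0] == ip or name.lower() in fields[1:]):
            hits.append((fields[0], fields[1:]))
    return hits

def explain(ip, name, ipconfig_text, hosts_text):
    """Say where the address is a configured resolver and what hosts says about it."""
    servers = dns_servers(ipconfig_text)
    return {"resolver_on": [a for a, s in servers.items() if ip in s],
            "hosts_entries": hosts_hits(hosts_text, ip, name)}

# Constructed sample inputs (not taken from the thread)
IPCONFIG = """\
PPP adapter ISP:

        Connection-specific DNS Suffix  . :
        DNS Servers . . . . . . . . . . . : 206.134.133.10
                                            198.51.100.53
        NetBIOS over Tcpip. . . . . . . . : Disabled
"""
HOSTS = """\
127.0.0.1       localhost
127.0.0.1       sdn-dns.dialsprint.net   # stray entry
"""

print(explain("206.134.133.10", "sdn-dns.dialsprint.net", IPCONFIG, HOSTS))
```

If the address shows up under `resolver_on`, the port 53 traffic is ordinary name resolution for that connection; an empty list means the address is coming from somewhere other than the connection's DNS settings.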
 