# Is my internet connection being used as a proxy?



## brduk (Jun 17, 2005)

I'm hoping I can get some advice here about something i'm concerned about.

A few years ago when I used to run Norton A/V and ZoneAlarm for my security, I got a notification from one of them that someone was routing internet traffic through my connection. I complained to my ISP, the checked my Norton and ZoneAlarm logs and the appropriate action was taken.

Fast forward to the present, i'm using Kasperky Anti-Virus Personal and Kerio Personal firewall. I am beginning to think the same may be happening again, although I have had not any notification from my software. The reason i'm worried is that whenever I visit www.putfile.com I am shown "my images" & "my media", new items continue to appear even though I am not a registered member, nor do I load any of these files from my PC. I'm concerned that someone may be routing internet traffic through my connection or using it as a proxy.

Does anyone have any thoughts?


----------



## Resolution (Sep 17, 2005)

brduk said:


> The reason i'm worried is that whenever I visit www.putfile.com I am shown "my images" & "my media", new items continue to appear even though I am not a registered member, nor do I load any of these files from my PC.


I don't follow. What exactly are you doing that shows your images or files?


----------



## brduk (Jun 17, 2005)

Resolution said:


> I don't follow. What exactly are you doing that shows your images or files?


Hi,

Whenever I go to www.putfile.com it shows me a portfolio (made up of thumbnails) of images and video's that I have supposedly uploaded. I have never loaded any images or videos to the website, thus my concerns. Below is a screengrab of what i'm trying to explain


----------



## Resolution (Sep 17, 2005)

If you don't have those files on your computer, then what are you worried about? That's probably example files.


----------



## brduk (Jun 17, 2005)

Resolution said:


> If you don't have those files on your computer, then what are you worried about?


I'm worried that internet traffic is being routed through my internet connection, if thats the case then I think there are numerous reasons to be concerned. 



Resolution said:


> That's probably example files.


The files are'nt example files either, I can clear them by clicking on clear my history (on the webpage), if I go back to the site within a few hours there are often more files which are claimed to be mine.


----------



## Resolution (Sep 17, 2005)

Download HijackThis. Run the program, and submit the log to the HijackThis Log Help  forum. If there is something suspicious running on your system, the analysts there will find it and help you remove it.


----------



## brduk (Jun 17, 2005)

Yeah, i've already checked for malicious software, i've ran various spyware programs and a full system scan with Kaspersky Anti-virus.

My Hijack This log looks clean too, i'm an experienced PC user and know what to look out for on the logs (or at least know when something irregular appears) so i'm confident that this is not the result of a trojan or other piece of malicious software. 

My concern that this is an external problem, the last time this happened my ISP dealt with it purely by looking at my A/V and Firewall logs, nothing on my PC was changed from when the problem was identified to when it was resolved, so I presume that they must have blocked the IP, or contacted the ISP where the internet traffic was being routed from.

Just checked the www.putfile.com website after clearing the history at my last post, another 3 files have appeared.


----------



## Resolution (Sep 17, 2005)

brduk said:


> My Hijack This log looks clean too, i'm an experienced PC user and know what to look out for on the logs (or at least know when something irregular appears) so i'm confident that this is not the result of a trojan or other piece of malicious software.


You have to be willing to work with the rest of us here if you have a problem. You may be experienced, but no one here knows this for a fact. So please swallow your pride, and let the analysts take a look at your log.



brduk said:


> My concern that this is an external problem, the last time this happened my ISP dealt with it purely by looking at my A/V and Firewall logs, nothing on my PC was changed from when the problem was identified to when it was resolved, so I presume that they must have blocked the IP, or contacted the ISP where the internet traffic was being routed from.


If nothing on your PC was changed, then there was absolutely nothing wrong on your end. If you did have some type of proxy or malicious server running on your system, then your ISP would have notifyed you of this. If you are making presumptions, then you really don't know what they did.



brduk said:


> Just checked the www.putfile.com website after clearing the history at my last post, another 3 files have appeared.


I don't see what putfile.com has to do with the incident you had before with your ISP? Can any of these images be found on your computer, or are they random images that are generated by the webserver? Like I said before, please post your HijackThis log so you can get a second or third opinion.


----------



## brduk (Jun 17, 2005)

Resolution said:


> You have to be willing to work with the rest of us here if you have a problem. You may be experienced, but no one here knows this for a fact. So please swallow your pride, and let the analysts take a look at your log.


Done.



Resolution said:


> If nothing on your PC was changed, then there was absolutely nothing wrong on your end. If you did have some type of proxy or malicious server running on your system, then your ISP would have notifyed you of this. If you are making presumptions, then you really don't know what they did.


My ISP confirmed that internet traffic was either being routed through my cable connection, or that it was attemped to be routed through my connection. That part is fact. How they resolved it is speculation on my part, but I do know that they did not alter the PC in any way.



Resolution said:


> I don't see what putfile.com has to do with the incident you had before with your ISP? Can any of these images be found on your computer, or are they random images that are generated by the webserver? Like I said before, please post your HijackThis log so you can get a second or third opinion.


Ever heard the phrase "Once bitten, twice shy"? I have asked various others to visit the putfile website to see if they have the same experience that I do, none have so far. None of the images or media files are ones that I have seen before, thankfully most seem to be innocent, but you never know what could turn up. So I am concerned that somehow my cable connection may be being 
utilised by someone without my consent, as it has happened in the past this would explain my linking of the two events.


----------



## Resolution (Sep 17, 2005)

Are you behind a router? Go to Sheilds Up and run a port scan to see if you have any odd ports open. It couldn't hurt to run the Symantec Security Check while you are at it.


----------



## brduk (Jun 17, 2005)

Nope, no router, single PC setup.


----------



## Resolution (Sep 17, 2005)

Are you able to duplicate the putfile problem with Internet Explorer?


----------



## brduk (Jun 17, 2005)

Resolution said:


> Are you able to duplicate the putfile problem with Internet Explorer?


Good point, just checked, and the answer is yes. Both are now displaying the same single file.


----------



## sUBs (May 5, 2005)

The services offered by putfile.com requires you to register for a free a/c

Therefore, anyone with your password could upload into your account. 

It neednt be a password. It may even be cookie left on a PC you have used to access putfile.com.

You should ask the ppl at putfile to have your password changed.


----------



## brduk (Jun 17, 2005)

sUBs said:


> The services offered by putfile.com requires you to register for a free a/c
> 
> Therefore, anyone with your password could upload into your account.
> 
> ...


Thats the thing, I *dont* have a putfile account, I only ever occasionally visit the site to have a look at the top 50 funny videos. I have never registered or uploaded anything to their service (I only ever use photobucket or my own webspace).


----------



## Resolution (Sep 17, 2005)

I'm curious. Are you able to view this image? 

http://www.putfile.com/images/sizes.PNG


----------



## brduk (Jun 17, 2005)

Resolution said:


> I'm curious. Are you able to view this image?
> 
> http://www.putfile.com/images/sizes.PNG


Via your link, yes I can. I also see this image when I click the "Clear my History" button on the putfile.com website. At this moment in time though, I see 6 images (3 of a couple with their child and some other small .gifs) and 2 media files.

:4-dontkno


----------

