Well, I'll try and help ya out...

First thing, if your running one of the NT flavors, you can run a "netstat" from the command line.
Here is what mine looks like.

TCP rudolph:1130 63.146.109.221:http ESTABLISHED
TCP rudolph:1131 63.236.18.117:http TIME_WAIT
TCP rudolph:1132 192.0.0.1:netbios-ssn TIME_WAIT
TCP rudolph:1133 63.236.18.117:http ESTABLISHED
TCP rudolph:1134 63.146.109.221:http ESTABLISHED

Now the first name is my comp name and what local port is being used, the second section is the Remote PC's IP address and what protocol is being used. This should be a good start.

Otherwise, are you running something like Kaza or morpheous? if you are, your hosting files unless you specificly turned it off. You may also want to look into a firewall application (i hear Zonealarm is pretty good) and see what it reports.

Hope you get it sorted out

Oh, almost forgot.. For abuse issues, most ISP's won't do anything unless it's one of THEIR users that is doing the hacking.