Invalid IP address for AT forums

[EagleKeeper]

66.117.33.55 is showing as what is attempting to connect to forums.anandtech.com
66.218.75.184 is showing as what is attempting to connect to mail.yahoo.com

I have removed all references to those sites from the hosts.ini file(s) and the registry

System was fine last Friday/Sat, come Sun morning I was unable to connect. However using another system, I can get to the forums just fine.

I have tried shutting down Zone Alarm, problem still exists.
System restore back to Fri does not fix the problem.

Problem occurs with IE7.0, Mozilla and Netscape.

Many moons ago, my local cable ISP company mentioned that I should rebuild my TCP/IP stack. This was when my mail.yahoo.com stoped being accessible. Never followed up on that suggestion, beyond my knowledge.

I willing to try any leads with the exception of rebuilding the system. I have programs installed/configured that I do not have the installation CDs available at this time

 

[DaiShan]

Ok, so other computers on the same LAN can access the forums fine? Which version of windows are you using? Does the cable modem plug into your computer or a router? If a router, are you using DHCP or statically assigned internal IP's?

/edit when you ping forums.anandtech.com you get the ip you listed in your OP? Also what happens when you type those addresses into your web browser? Does it time out or take you some place else?

 

[HN]

how many hosts files do you have? and they're actually named "hosts.ini"? I thought it was just "hosts" (no extension). just throwing it out there.

 

[RebateMonger]

What is your DNS Server listed as?
I've seen hijacked DNS Server settings that point to a DNS server in Russia.

Make sure that your TCP/IP DNS Server setting ultimately points to a trustworth DNS Server.

You can either check your Network Connections Control Panel or use the "NSLOOKUP" command at the command prompt.

 

[bruceb]

It could be IE7 that is causing it as it is stil in beta
You could also try WINSOCKFIX

Get it here: http://www.majorgeeks.com/download4372.html

This forum should be on IP: 208.65.201.106

 

[drum]

Originally posted by: bruceb
It could be IE7 that is causing it as it is stil in beta
You could also try WINSOCKFIX

Get it here: http://www.majorgeeks.com/download4372.html

This forum should be on IP: 208.65.201.106

definately give the winsockfix a try

 

[EagleKeeper]

Originally posted by: DaiShan
Ok, so other computers on the same LAN can access the forums fine? Which version of windows are you using? Does the cable modem plug into your computer or a router? If a router, are you using DHCP or statically assigned internal IP's?

/edit when you ping forums.anandtech.com you get the ip you listed in your OP? Also what happens when you type those addresses into your web browser? Does it time out or take you some place else?

WinXP Pro with current sevice packs is on the infected laptop.
Currently using a client network that goes though some router and out DSL.
I am using DCHP for all systems.
When the probelm started with AT, I was using a wireless network at my hotel, going out DSL.

When I ping forums.anandtech.com on the "screwed up" system, the echo responds back with the 66.117.33.55 address and states the Request timed out
The same happens when I ping that 66.117.33.55 address.

Trying to enter the bad addy in the address bar; also generates a bad Web address page.

Trying to type in the proper addy as an IP, into IE, pulls up the forums login page. Once I have entered the login information, the page continues to recycle back to the default login.

Originally posted by: HN
how many hosts files do you have? and they're actually named "hosts.ini"? I thought it was just "hosts" (no extension). just throwing it out there.

There are two hosts.ini files existing on the system.
I have made sure that both are identical.
C:\windows\I386
C:\windows\system32\drivers\etc

Originally posted by: RebateMonger
What is your DNS Server listed as?
I've seen hijacked DNS Server settings that point to a DNS server in Russia.

Make sure that your TCP/IP DNS Server setting ultimately points to a trustworth DNS Server.

You can either check your Network Connections Control Panel or use the "NSLOOKUP" command at the command prompt.

On both systems; the properties page is set to "obtain the DNS server address automatically"automatically.

on the good system, I can ping the current DNS server and also ping the "infected" laptop.
When I unplug the laptop, the ping fails.

The DNS server address shows the same on both systems 216.81.203.xxx (chief.eg.int)

 

[EagleKeeper]

Originally posted by: drum

Originally posted by: bruceb
It could be IE7 that is causing it as it is stil in beta
You could also try WINSOCKFIX

Get it here: http://www.majorgeeks.com/download4372.html

This forum should be on IP: 208.65.201.106

definately give the winsockfix a try

Problem solved - Both sites are now available.

Thanks for everything.

 

[bruceb]

So what fixed it ? ?
Winsock ? ?

Or something else ? ?

 

[EagleKeeper]

winsockfix solved the problem.

 

[Medea]

A nice little tool is Spoofstick. It's a browser extension that shows where you pointed your browser to. For instance, at the top of my browser, it's stating: "You're on anandtech.com"

Works with either Firefox or IE.