Hey. I have a cable internet connection running windows xp, and firefox is my browser, avir free is my virus protection, and only running windows firewall. When I try to log on to isohunt.com, I get a "network timed out" error, I click the "try again" button, and the site loads up. I type in something to search for, and same thing, "network timed out". I also have MWB, running IP protection, and when I try to go to isohunt.com, I get a popup saying denying access to malicoius site 95.211.12.140. I even get that popup, when I'm already on a site, with a different ip address, of course. If I disable ip protetection, I still get the "network timed out" error. Now hear's the funny part, If I boot with my network enabled BartPe, or live linux cd, I don't get any issues, when trying to access isohunt.com. I've run rootkit scans, and mutiple virus scans, and same issue. Is there a fix for this? Thanks.
stumped?
- Thread starter miniboss
- Start date
What is this popup? Is it a windows popup or a browser popup? Screenshot?
isohunt.com's ip address is :
208.71.112.30
Can you do this in Windows XP.
1. Open a Dos command prompt
2. Type "ping isohunt.com" without the quotes
3. tell me what the output is.
Then do:
1. Open a DOS command prompt
2. Type "tracert isohunt.com" without the quotes
3. Tell me what the output is.
BTW, do you have a router? If not, I strongly suggest you get one. Your computer with Windows XP connected directly to the internet (even with Windows Firewall) is not good enough.
isohunt.com's ip address is :
208.71.112.30
Can you do this in Windows XP.
1. Open a Dos command prompt
2. Type "ping isohunt.com" without the quotes
3. tell me what the output is.
Then do:
1. Open a DOS command prompt
2. Type "tracert isohunt.com" without the quotes
3. Tell me what the output is.
BTW, do you have a router? If not, I strongly suggest you get one. Your computer with Windows XP connected directly to the internet (even with Windows Firewall) is not good enough.
Last edited:
when i pinged isohunt.com, it pinged 208.71.112.30, with no issues. Trace gave me the following result. Tracing route to isohunt.com(208.71.112.30)over a maximum of 30 hops
1 * * * requested timed file:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot-2.jpgout
2 23ms 11ms 19ms rc1ar-ge4-0-0-9.ed.shawcable.net [64.59.189.226]
3 26ms 36ms 46ms rc3sc-tge-0-1-0-5-0.wp.shawcable.net [66.163.77.65]
and so on. the popup was produced by malware bytes ip protection system.
file:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot.jpgfile:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot-1.jpg
1 * * * requested timed file:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot-2.jpgout
2 23ms 11ms 19ms rc1ar-ge4-0-0-9.ed.shawcable.net [64.59.189.226]
3 26ms 36ms 46ms rc3sc-tge-0-1-0-5-0.wp.shawcable.net [66.163.77.65]
and so on. the popup was produced by malware bytes ip protection system.
file:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot.jpgfile:///C:/DOCUME%7E1/ALMIGH%7E1/LOCALS%7E1/Temp/moz-screenshot-1.jpg
Eh try uploading the images to the net... copy pasting the location on your hard drive means nothing.
Have you checked your host file to see if there is any pre-dns host trickery going on?
Malware Antibytes could be blocking the IP from one of ISOhunt's advertising partners as well, which would make sense if you can load the actual isohunt page.
edit:
Yup, looks like 95.211.12.140 resolves to www.crowdgravity.com which is a an advertising affiliate program. They probably use a combination of cookies and .gif's to track your travels which raises a flag with Malware Antibytes.
Malware Antibytes could be blocking the IP from one of ISOhunt's advertising partners as well, which would make sense if you can load the actual isohunt page.
edit:
Yup, looks like 95.211.12.140 resolves to www.crowdgravity.com which is a an advertising affiliate program. They probably use a combination of cookies and .gif's to track your travels which raises a flag with Malware Antibytes.
Last edited:
even with MWB ip protection disabled, I still get the "network timed out" error. I have the screen shots of the ping and trace
http://i47.tinypic.com/28k3kt5.jpg
http://i48.tinypic.com/335gox0.jpg
I pinged and traced isohunt.com, with ip protection disabled.
I downloaded a "clean" hostfile(no extension), it's an executable file called "fixhosts" to see if that would fix the issue, no go.
I'm close to just doing a repair install of windows, but I'd like to exhaust all other avenues first. I do appreciate all the help. Thanks.
http://i47.tinypic.com/28k3kt5.jpg
http://i48.tinypic.com/335gox0.jpg
I pinged and traced isohunt.com, with ip protection disabled.
I downloaded a "clean" hostfile(no extension), it's an executable file called "fixhosts" to see if that would fix the issue, no go.
I'm close to just doing a repair install of windows, but I'd like to exhaust all other avenues first. I do appreciate all the help. Thanks.
isohunt & demonoid infected with malware
in regards to ip address 95.211.12.140 being blocked, this same ip address installed malware on 2 computers i own. just clicking on the search bar on isohunt and demonoid resulted in a pdf popping up and freezing, then my screen turns green, then all these popups about being infected. they call it the "internet security 2010 virus" it disabled my task manager and made it impossible to start in safe mode. mcafee antivirus let enough of it in that i had to run malwarebytes, combo fix then malwarebytes again (under the guidance of the malwarebytes folks). even after all of that i still had it coming back, even though i was unplugged from the internet. i had to manually remove a file using mwb file annilator (yehn.exe) which was hiding in widows prefetch. then it finally stopped coming back. i'm sure these torrent sites are being sabotaged by 95.211.12.140. i bought norton. it seems to be stopping this attack. i got mcafee for free with my dsl internet. i guess its worth what i paid for it. nothing. thanks. jim
in regards to ip address 95.211.12.140 being blocked, this same ip address installed malware on 2 computers i own. just clicking on the search bar on isohunt and demonoid resulted in a pdf popping up and freezing, then my screen turns green, then all these popups about being infected. they call it the "internet security 2010 virus" it disabled my task manager and made it impossible to start in safe mode. mcafee antivirus let enough of it in that i had to run malwarebytes, combo fix then malwarebytes again (under the guidance of the malwarebytes folks). even after all of that i still had it coming back, even though i was unplugged from the internet. i had to manually remove a file using mwb file annilator (yehn.exe) which was hiding in widows prefetch. then it finally stopped coming back. i'm sure these torrent sites are being sabotaged by 95.211.12.140. i bought norton. it seems to be stopping this attack. i got mcafee for free with my dsl internet. i guess its worth what i paid for it. nothing. thanks. jim
Ok, here is my screenshot of "ipconfig /all"
http://i46.tinypic.com/1z4v37m.jpg
I noticed something else, when I tried to look for a file, it wouldn't come up, just an ip address: 117.199.80.111, that isn't reachable
This is what the screen should look like when I typed in the search for the file I was looking for. I know I'm going to get in crap for this, but the only way to explain is to show it. I got this via booting with my network enabled BartPE disc.
http://i48.tinypic.com/2zezezc.jpg
this is what the screen looks like when I attempt the search using normal windows.
http://i47.tinypic.com/2wlt5hg.jpg
I know I'll get in hell for that one too. I will try the ip reset, I just wanted to show you the result of the issue I'm having. I appreciate the effort on your part to help me get this thing solved. To "thebinderguy" it sure sounds like a mean little basterd, I hope I don't have the trouble you had, thankfuly there are kind hearted folks out there willing to give us stranded people a hand. I do have another issue, it's in regards to my image burning program "imgburn", that worked flawlessly since I first installed it, but now the buffer drops to zero when I'm tring to burn a disc, then I get a "device i/o error", and can't finish the burn. I don't know if it's related in any way.
http://i46.tinypic.com/1z4v37m.jpg
I noticed something else, when I tried to look for a file, it wouldn't come up, just an ip address: 117.199.80.111, that isn't reachable
This is what the screen should look like when I typed in the search for the file I was looking for. I know I'm going to get in crap for this, but the only way to explain is to show it. I got this via booting with my network enabled BartPE disc.
http://i48.tinypic.com/2zezezc.jpg
this is what the screen looks like when I attempt the search using normal windows.
http://i47.tinypic.com/2wlt5hg.jpg
I know I'll get in hell for that one too. I will try the ip reset, I just wanted to show you the result of the issue I'm having. I appreciate the effort on your part to help me get this thing solved. To "thebinderguy" it sure sounds like a mean little basterd, I hope I don't have the trouble you had, thankfuly there are kind hearted folks out there willing to give us stranded people a hand. I do have another issue, it's in regards to my image burning program "imgburn", that worked flawlessly since I first installed it, but now the buffer drops to zero when I'm tring to burn a disc, then I get a "device i/o error", and can't finish the burn. I don't know if it's related in any way.
I tried the ip reset idea. I don't get the "network timed out error" anymore, and it seems to run snappier, if that's a word, but you compare the first screenshot of my search and the second, the search is still turning up the second screenshot equivalent. Any ideas? I know, I'm pretty demanding 
. Thanks.
. Thanks.I got another crimp to add to the mix. I booted into safemode with networking enabled, logged onto isohunt.com, and typed in the search object as in both screen shots, guess what? The result was the same as in the first screen shot, go figure. So between safemode, and normal boot, windows is handling the internet connection, differently, I just don't know why. If a virus or malware, or anything of that nature caused this, I'd like to know how and why. Thanks.
1. What kind of addons are you running in firefox in windows XP?
2. In Windows XP, do you get the same behaviour when you run Firefox in safe mode? Safe mode for firefox can be accessed in the Start Menu => Programs => Mozilla directory.
Do you leave your computer running 24/7? If so, you ipconfig/all screenshot suggests you have your computer hooked directly to the Internet. XP has known unpatched vulnerabilities and I strongly suggest you run behind an Internet Router.
2. In Windows XP, do you get the same behaviour when you run Firefox in safe mode? Safe mode for firefox can be accessed in the Start Menu => Programs => Mozilla directory.
Do you leave your computer running 24/7? If so, you ipconfig/all screenshot suggests you have your computer hooked directly to the Internet. XP has known unpatched vulnerabilities and I strongly suggest you run behind an Internet Router.
I've just noticed something odd. Your second screenshot from XP, the bottom shows "transferring data from www.yceml.net..." When I look it up on the internet, it is a marketing company serving up ads.
When I try to ping it on my machine, I get response from 127.0.0.1 which is my own machine. I am running Spybot Search and Destroy which probably rerouted it my machine instead of the Internet. It would be interesting to see what your results are when you try to ping "www.yceml.net" (without the quotes) and how long the responses take?
When I try to ping it on my machine, I get response from 127.0.0.1 which is my own machine. I am running Spybot Search and Destroy which probably rerouted it my machine instead of the Internet. It would be interesting to see what your results are when you try to ping "www.yceml.net" (without the quotes) and how long the responses take?
reply to: cdn_bc_ca. No I don't leave my computer on 24/7, and yes it's hooked up directly to the internet, no router, only windows firewall. This is the screenshot of "ping www.yceml.net"
http://i45.tinypic.com/2libr42.jpg
For addons, are you talking extensions, and/or plugins? There is no change when running firefox in safemode. Thanks.
http://i45.tinypic.com/2libr42.jpg
For addons, are you talking extensions, and/or plugins? There is no change when running firefox in safemode. Thanks.
It must be some addon in Firefox or a proxy setting that you've set.
If you go into firefox and in the tools menu select addons. It should list all the addons you are running.
also in the edit menu, under preferences, look for the section that relates to connections. Check those settings to make sure that you are directly connected to the internet.
One useful addon that you can add is Adblock Plus. It basically eliminates all the ads you are seeing in those screenshots you provided.
If you go into firefox and in the tools menu select addons. It should list all the addons you are running.
also in the edit menu, under preferences, look for the section that relates to connections. Check those settings to make sure that you are directly connected to the internet.
One useful addon that you can add is Adblock Plus. It basically eliminates all the ads you are seeing in those screenshots you provided.