when installing spybot get as far as trying to contact 127.0.0.1

I have XP Pro, Comcast internet, the two are connected with a router.

Earlier today Google started returning search results to me that, when clicked, took me to HotJobs and other ad sites.  Uh oh.

I have run AVG, it has found nothing.

I have seen one message today when "AV.DAT" tried to go through AVG firewall.  I denied it.

I downloaded Search & Destroy (on an other machine) but during its install it wants to download files from "127.0.0.1" and the error message is that a connection could not be established.  That isn't surprising to me because I cannot surf to:

http://msdn.microsoft.com/
http://www.safer-networking.org/

I can't get to the Hijackthis site to download it.

HOSTS file is empty save for the comments at the top.  127.0.0.1 WAS there, I removed it.

Malwarebytes is running right now, but it could not contact its web site when it tried.

Please help me.  ;-)

JXCovertAsked:
Who is Participating?
 
ladarlingConnect With a Mentor Commented:
If you are trying to download from \\localhost (127.0.0.1) then your machine is looking at itself. If you dont have any server software running, then you *should*  just get an error. HOSTS, by default, will be blank except for a reference to the localhost (127.0.0.1), so you should not be concerned about that.
If you can browse to *any* well known web sites, then your redirection or blocking is either coming from the Browser, firewall software, or your ISP's DNS server.
 First Thing:  check Add-Ons if you are using IE, disable any add-ons that you cant identify. This is a common place for hijack-ware.
Also, check your Internet Explorer LAN (Tools > Internet Options > Connections > LAN Settings) settings to make sure the you are not being pointed to a Proxy server and that Automaticaly detect settings is checked.
If thats good, check to make sure that you are not blocking the sites with overly-aggressive security settings.
If all else fails, contact you ISP to see if they are having DNS issues.
0
 
aboredmanConnect With a Mentor Commented:
127.0.0.1 is the loopback adress. It's the machine local adress. There is not really any danger in contacting 127.0.0.1
0
 
IndiGenusConnect With a Mentor Commented:
If you can, download HijackThis on another PC and copy it over with a USB drive or whatever is convenient. If it still won't run try renaming it. The log would help analyze what is going on.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
JXCovertAuthor Commented:
Thanks to all thus far!

Malwarebytes found a Trojan and destroyed it (it appears).  I can now surf to the above listed sites quite well.  Spybot is installed and running, thus far it has identified only one threat:

Microsoft.WindowSecurityCenter

Heh!

My issues now are:

-- cannot connect to my home windows network (it shows me that the network exists, but trying to see other computers on it gives "mynetworkname is not accessible".

-- I cannot ping my work VPN, which is disconcerting

LADarling: Automatically detect settings was NOT checked, now it is.  I doubt it is ISP; my other machines on my network here work fine.   I have just disabled a bunch of IE AddOns.

Powering down entire bagshoot now...


0
 
JXCovertAuthor Commented:
These...
-- cannot connect to my home windows network (it shows me that the network exists, but trying to see other computers on it gives "mynetworkname is not accessible".

-- I cannot ping my work VPN, which is disconcerting

are now remedied (LADarling - overzealous firewalling was correct!).  I am going into wait-and-see mode prior to closing this question.

Thanks all!
0
 
JXCovertAuthor Commented:
So in the final analysis:

-- MalwareBytes removed a virus

-- An overzealous firewall was blocking the sites I could not reach.  Perhaps the malware adjusted the firewall, that's unknown.

Thanks ABoredMan.  Thanks IndiGenus.  Thanks LADarling.

I am obliged to you'alll for hopping on this so quickly.

0
All Courses

From novice to tech pro — start learning today.