Solved

when installing spybot get as far as trying to contact 127.0.0.1

Posted on 2008-09-29
6
2,437 Views
Last Modified: 2013-12-06
I have XP Pro, Comcast internet, the two are connected with a router.

Earlier today Google started returning search results to me that, when clicked, took me to HotJobs and other ad sites.  Uh oh.

I have run AVG, it has found nothing.

I have seen one message today when "AV.DAT" tried to go through AVG firewall.  I denied it.

I downloaded Search & Destroy (on an other machine) but during its install it wants to download files from "127.0.0.1" and the error message is that a connection could not be established.  That isn't surprising to me because I cannot surf to:

http://msdn.microsoft.com/
http://www.safer-networking.org/

I can't get to the Hijackthis site to download it.

HOSTS file is empty save for the comments at the top.  127.0.0.1 WAS there, I removed it.

Malwarebytes is running right now, but it could not contact its web site when it tried.

Please help me.  ;-)

0
Comment
Question by:JXCovert
6 Comments
 
LVL 7

Assisted Solution

by:aboredman
aboredman earned 50 total points
ID: 22596900
127.0.0.1 is the loopback adress. It's the machine local adress. There is not really any danger in contacting 127.0.0.1
0
 
LVL 20

Assisted Solution

by:IndiGenus
IndiGenus earned 50 total points
ID: 22596980
If you can, download HijackThis on another PC and copy it over with a USB drive or whatever is convenient. If it still won't run try renaming it. The log would help analyze what is going on.
0
 
LVL 11

Accepted Solution

by:
ladarling earned 400 total points
ID: 22597175
If you are trying to download from \\localhost (127.0.0.1) then your machine is looking at itself. If you dont have any server software running, then you *should*  just get an error. HOSTS, by default, will be blank except for a reference to the localhost (127.0.0.1), so you should not be concerned about that.
If you can browse to *any* well known web sites, then your redirection or blocking is either coming from the Browser, firewall software, or your ISP's DNS server.
 First Thing:  check Add-Ons if you are using IE, disable any add-ons that you cant identify. This is a common place for hijack-ware.
Also, check your Internet Explorer LAN (Tools > Internet Options > Connections > LAN Settings) settings to make sure the you are not being pointed to a Proxy server and that Automaticaly detect settings is checked.
If thats good, check to make sure that you are not blocking the sites with overly-aggressive security settings.
If all else fails, contact you ISP to see if they are having DNS issues.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:JXCovert
ID: 22597517
Thanks to all thus far!

Malwarebytes found a Trojan and destroyed it (it appears).  I can now surf to the above listed sites quite well.  Spybot is installed and running, thus far it has identified only one threat:

Microsoft.WindowSecurityCenter

Heh!

My issues now are:

-- cannot connect to my home windows network (it shows me that the network exists, but trying to see other computers on it gives "mynetworkname is not accessible".

-- I cannot ping my work VPN, which is disconcerting

LADarling: Automatically detect settings was NOT checked, now it is.  I doubt it is ISP; my other machines on my network here work fine.   I have just disabled a bunch of IE AddOns.

Powering down entire bagshoot now...


0
 

Author Comment

by:JXCovert
ID: 22597822
These...
-- cannot connect to my home windows network (it shows me that the network exists, but trying to see other computers on it gives "mynetworkname is not accessible".

-- I cannot ping my work VPN, which is disconcerting

are now remedied (LADarling - overzealous firewalling was correct!).  I am going into wait-and-see mode prior to closing this question.

Thanks all!
0
 

Author Comment

by:JXCovert
ID: 22604951
So in the final analysis:

-- MalwareBytes removed a virus

-- An overzealous firewall was blocking the sites I could not reach.  Perhaps the malware adjusted the firewall, that's unknown.

Thanks ABoredMan.  Thanks IndiGenus.  Thanks LADarling.

I am obliged to you'alll for hopping on this so quickly.

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now