![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 4%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Microsoft Edge | Website issues | Windows 11
Troubleshooting website display or functionality issues in Edge on Windows 11
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 39%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKH%3C/text%3E%3C/svg%3E)
Hello, Josh
Welcome to Microsoft Q&A.
Thank you for contacting us and thoroughly describing your situation. I can truly feel the immense pressure and confusion you’ve endured during this four-year-long struggle—it must be incredibly exhausting. Seeking professional help and diligently collecting information is absolutely the right and commendable approach.
Before you submit all this information to the cybersecurity company, I’d like to offer a potentially different perspective based on my professional knowledge. Many of the symptoms you’ve described—while they certainly resemble a complex hacking attempt—also strongly align with how certain advanced security software operates. Let me walk through your concerns one by one, which may help both you and your cybersecurity team pinpoint the issue faster.
Regarding the Loopback (127.0.0.1) and Your Core Concern
First and foremost, all internet traffic going through the Loopback adapter (127.0.0.1) is not necessarily a sign of being hacked. On the contrary—it’s often a sign that security software is protecting your system.
You can think of the Loopback address as your computer’s internal post office. When one program wants to “talk” to another program on the same machine, it sends data to 127.0.0.1. Many security tools—such as antivirus, firewalls, VPNs, and DNS filters—use this mechanism to protect you by:
- Telling your operating system, “Hey, send all traffic to me first at 127.0.0.1.”
- Listening on that address to intercept all data.
- Filtering, scanning, or encrypting the data to ensure it’s safe.
- Forwarding the clean data to the real internet.
This is a standard and efficient local proxy model.
Let’s Re-examine Your Points Through This Lens:
1 & 2) Why is traffic going through 127.0.0.1 and 127.0.0.2? Why does DNS filtering software “freak out”?
This perfectly matches the local proxy model. When you install DNS filtering software, it needs to become your computer’s DNS server to intercept DNS queries. So it assigns itself a loopback address like 127.0.0.1 or 127.0.0.2.
The “fight” you’re witnessing is likely not with hackers—but rather your DNS software trying to maintain control over DNS settings while you manually override them. These programs are built with self-healing mechanisms to keep working properly, so it might look like a tug-of-war from the outside.
- Regarding the Cloned Open Network
This might not be a “clone.” Many modern routers and Wi-Fi systems offer features that might confuse you, including:
- Guest networks: Isolated open or password-protected networks.
- Band separation: Broadcasting both 2.4GHz and 5GHz under different names.
- Wi-Fi extenders: Creating seemingly similar networks.
- Router Configuration Page
Also a classic case. Many ISPs (like Cogeco) encourage users to use their app instead of directly configuring the router. So, they show a restricted interface on the web portal asking you to download their app.
However, this is only a superficial restriction. You (or a program) may have accessed the router’s true interface (e.g., 192.168.0.1), bypassing the branded screen. That’s not hacking—it’s just how advanced users gain more control.
- Four-Year Battle, No Ransom, No Malice?
That is indeed suspicious. Professional hackers usually have a motive: stealing money, data, computing power, or extorting you. A four-year-long “attack” with no demands and only pushback when you change settings strongly resembles a misconfigured or overly aggressive piece of security software—not a targeted hack. The fact that no malware is found supports this.
- How to Get Off Loopback?
You can’t and shouldn’t remove the loopback adapter. It’s essential to the operation of all modern operating systems (Windows, macOS, Linux). The real question is:
“Which legitimate program is intercepting my traffic locally?”
Before Spending a Fortune on Cybersecurity Firms, I Strongly Recommend:
- Inventory all security software: List every antivirus, firewall, VPN, DNS filter, ad blocker, privacy tool, and system optimizer on your machine.
- Perform a Clean Boot: In Windows, disable all non-Microsoft startup services and reboot. Observe if the issues go away—this helps isolate third-party conflicts.
Disclaimer: A “clean boot” starts Windows with a minimal set of drivers and startup programs. It helps to determine whether a background service is interfering with your game or program and to isolate the cause of a problem.
These steps of "clean boot" might look complicated at first glance. However, to avoid any trouble for you, please follow them in order and step-by step so that it will help you get back on track.
- Enable services one by one: Restart after enabling each service to catch which one causes the issue.
- Fully reset network settings:
- Factory reset your router to remove any weird configurations.
- Reset network settings in Windows: Settings > Network & Internet > Advanced Network Settings > Network Reset.
- Factory reset your router to remove any weird configurations.
If I were your hired expert, my first mission would be to identify and remove the software that’s rerouting all your traffic to loopback.
I hope this gives you a fresh, more constructive direction to investigate. Best of luck!
Best wishes
Kai Ho | Microsoft Q&A Support Specialist