at Wilder's!
http://www.wilderssecurity.com/index.php?board=18;action=display;threadid=23204;start=15#msg137682
"We think Norton is responsible for assigning 127.0.0.1 to www.merijn.org "
"The hosts issue is something that has no bearing in this at all.... and those sites were indeed being redirected to localhost at the time. I know, I tested it and wrote that writeup.... Coolwebsearch installed this hosts file with one of its variants, mainly the smartsearch one.
Coolwebsearch have shown they will stop at nothing to take down the help sites whether it is by redirecting people who need help to one of their domains or denying them access to these sites by sending them to 127.0.0.1. But that by no means make them the only possible source of attack....
Next issue, Norton and its firewall logs.......
It seems the Norton Firewall is using the DNS cache to resolve the IPs in its log.... so "any" connection to local host is switched to merijn.org after a visit of the site."

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic