Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: hosts immunisation. www.007guard.com

  1. #1
    Junior Member
    Join Date
    Nov 2007
    Posts
    1

    Angry hosts immunisation. www.007guard.com

    after i apply the hosts immunization whenever i go to any website and run a netstat in the command prompt i keep connecting to www. 007guard.com when i turn the hosts immunization off is does not connect to that site when surfing.


  2. #2
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,601

    Default

    Looks like you're missing the first hosts file entry for localhost 127.0.0.1, so that www. 007guard.com would be the first one pointing to 127.0.0.1 now, and netstat finds it in reverse lookup first

    A host file usually starts like this:
    Code:
    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host
    
    127.0.0.1       localhost
    Important is the last line, which always should be the first uncommented (uncommented means not starting with the # sign) line.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)

  3. #3
    Junior Member
    Join Date
    May 2009
    Posts
    2

    Default

    hi, im actually having same problem.

    the www. 007guard.com keep getting in my netstats. scanned with many cleaner especially my trusted spybot S&D but it still there.

    i used Process Explorer and see so many process have the 007guard on it.
    here is 1 screenshot of my yahoo messenger process.



    i used hijackthis, also dont see any suspicous entry.

    so i checked my hosts file and see that 007guard is there on the list.
    i assume my pc should be protected already. but its not.

    so i used combofix, and combofix deleted the hosts file created by spybot and only leave the address 127.0.0.1 localhost

    and them the problem gone.

    after restarted my pc few times, i satisfied until 1 week later i downloaded latest version of spybot, update it and apply immunization.

    and ther it is again. 007guard is on the list and the problem repeated again.

    so what i do is, delete the 007guard from the hosts list, then its okay.

    my question is, i dont know what to ask.
    but i ask anyway, why is this happening. does immunization from spybot did this? (seems like it does).

    this my netstat list :

    C:\Documents and Settings\bzzts>netstat

    Active Connections

    Proto Local Address Foreign Address State
    TCP BzztsIntel:1028 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1031 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1034 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1036 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1037 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1044 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1048 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1050 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1052 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1054 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1060 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1064 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1065 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1067 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1072 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1084 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1088 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1090 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1092 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1095 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1098 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1100 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1102 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1107 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1110 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1112 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1116 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1122 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1131 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1134 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1136 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1140 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1141 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1144 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1154 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1155 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1158 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1160 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1161 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1162 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1178 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1179 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1182 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1184 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1186 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1188 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1197 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1200 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1204 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1206 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1210 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1218 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1222 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1241 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1248 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1251 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1253 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1255 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1257 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1259 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1261 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1267 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1269 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:1270 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1275 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1277 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1279 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1281 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1285 007guard.com:10080 FIN_WAIT_2
    TCP BzztsIntel:1287 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1289 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1291 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1293 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1295 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1299 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:1301 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1303 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1313 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1337 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:1338 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:1381 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1383 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:1389 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:1391 007guard.com:10080 ESTABLISHED
    TCP BzztsIntel:4981 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:4987 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:4997 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:4999 007guard.com:10080 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1025 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1042 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1046 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1056 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1057 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1062 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1074 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1076 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1078 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1079 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1082 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1085 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1094 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1104 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1111 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1118 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1119 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1124 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1125 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1128 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1130 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1138 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1146 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1148 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1165 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1168 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1170 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1172 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1174 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1176 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1190 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1192 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1194 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1196 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1202 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1208 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1212 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1213 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1216 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1220 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1224 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1226 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1227 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1228 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1230 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1235 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1236 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1239 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1243 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1246 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1263 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1265 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1269 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:1273 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1283 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1285 CLOSE_WAIT
    TCP BzztsIntel:10080 007guard.com:1297 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1299 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:1305 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1307 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1311 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1315 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1317 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1319 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1321 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1323 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1325 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1327 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1329 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1331 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1333 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1335 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1337 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:1338 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:1341 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1343 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1345 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1347 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1349 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1351 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1353 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1355 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1357 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1359 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1361 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1363 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1365 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1367 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1369 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1371 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1373 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1375 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1379 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1383 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:1385 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1387 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:1391 ESTABLISHED
    TCP BzztsIntel:10080 007guard.com:4983 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:4989 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:4991 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:4993 TIME_WAIT
    TCP BzztsIntel:10080 007guard.com:4995 TIME_WAIT
    TCP BzztsIntel:1030 www.geekstogo.com:http TIME_WAIT
    TCP BzztsIntel:1032 www.bleepingcomputer.com:http TIME_WAIT
    TCP BzztsIntel:1035 www.us.debian.org:http TIME_WAIT
    TCP BzztsIntel:1039 rcm.amazon.com:http TIME_WAIT
    TCP BzztsIntel:1040 cache.filehippo.com:http TIME_WAIT
    TCP BzztsIntel:1045 social.bidsystem.com:http TIME_WAIT
    TCP BzztsIntel:1049 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1051 banner.cari.com.my:http TIME_WAIT
    TCP BzztsIntel:1053 rcm:http TIME_WAIT
    TCP BzztsIntel:1055 forum.lowyat.net:http TIME_WAIT
    TCP BzztsIntel:1061 www.imageshare.web.id:http TIME_WAIT
    TCP BzztsIntel:1066 l.sharethis.com:http TIME_WAIT
    TCP BzztsIntel:1068 www.google:http TIME_WAIT
    TCP BzztsIntel:1069 www.google:http TIME_WAIT
    TCP BzztsIntel:1071 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1073 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1086 www.board4all.cz:http TIME_WAIT
    TCP BzztsIntel:1089 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1091 rcm:http TIME_WAIT
    TCP BzztsIntel:1093 ac3.msn.com:http TIME_WAIT
    TCP BzztsIntel:1097 bs.yandex.ru:http TIME_WAIT
    TCP BzztsIntel:1099 anrtx.tacoda.net:http TIME_WAIT
    TCP BzztsIntel:1101 s7.addthis.com:http TIME_WAIT
    TCP BzztsIntel:1103 www.google:http TIME_WAIT
    TCP BzztsIntel:kpop bleepingcomputer.us.intellitxt.com:http TIME_WA
    IT
    TCP BzztsIntel:1113 media.fastclick.net:http TIME_WAIT
    TCP BzztsIntel:1115 pubads.g.doubleclick.net:http TIME_WAIT
    TCP BzztsIntel:1117 apps.rockyou.com:http TIME_WAIT
    TCP BzztsIntel:1123 forum.xda:http TIME_WAIT
    TCP BzztsIntel:1133 z.about.com:http TIME_WAIT
    TCP BzztsIntel:1135 images.adsyndication.msn.com:http TIME_WAIT
    TCP BzztsIntel:1137 www.gravatar.com:http TIME_WAIT
    TCP BzztsIntel:1142 bs.yandex.ru:http TIME_WAIT
    TCP BzztsIntel:1143 bs.yandex.ru:http TIME_WAIT
    TCP BzztsIntel:1145 rd.apmebf.com:http TIME_WAIT
    TCP BzztsIntel:1156 forums.majorgeeks.com:http TIME_WAIT
    TCP BzztsIntel:1157 cdn.at.atwola.com:http TIME_WAIT
    TCP BzztsIntel:1159 geekstogo.us.intellitxt.com:http TIME_WAIT
    TCP BzztsIntel:1163 blog.taragana.com:http TIME_WAIT
    TCP BzztsIntel:1164 up.nytimes.com:http TIME_WAIT
    TCP BzztsIntel:1166 media.fastclick.net:http TIME_WAIT
    TCP BzztsIntel:1180 d13.zedo.com:http TIME_WAIT
    TCP BzztsIntel:1181 bleepingcomputer.us.intellitxt.com:http TIME_WA
    IT
    TCP BzztsIntel:1183 d13.zedo.com:http TIME_WAIT
    TCP BzztsIntel:1185 ai.pricegrabber.com:http TIME_WAIT
    TCP BzztsIntel:1187 bs.yandex.ru:http TIME_WAIT
    TCP BzztsIntel:1189 www.google:http TIME_WAIT
    TCP BzztsIntel:1199 up.nytimes.com:http TIME_WAIT
    TCP BzztsIntel:1201 cdn.at.atwola.com:http TIME_WAIT
    TCP BzztsIntel:1205 apps.rockyou.com:http TIME_WAIT
    TCP BzztsIntel:1207 www.google:http TIME_WAIT
    TCP BzztsIntel:1211 wwp.icq.com:http TIME_WAIT
    TCP BzztsIntel:1219 m1.2mdn.net:http TIME_WAIT
    TCP BzztsIntel:1223 www.is1.clixgalore.com:http TIME_WAIT
    TCP BzztsIntel:1242 geekstogo.us.intellitxt.com:http TIME_WAIT
    TCP BzztsIntel:1249 www.google:http TIME_WAIT
    TCP BzztsIntel:1252 ty-in-f118.google.com:http TIME_WAIT
    TCP BzztsIntel:1254 www.is1.clixgalore.com:http TIME_WAIT
    TCP BzztsIntel:1256 z:http TIME_WAIT
    TCP BzztsIntel:1258 status.icq.com:http TIME_WAIT
    TCP BzztsIntel:1260 pubads.g.doubleclick.net:http TIME_WAIT
    TCP BzztsIntel:1262 status.icq.com:http TIME_WAIT
    TCP BzztsIntel:1268 ty-in-f118.google.com:http TIME_WAIT
    TCP BzztsIntel:1271 social.bidsystem.com:http ESTABLISHED
    TCP BzztsIntel:1272 pubads.g.doubleclick.net:http TIME_WAIT
    TCP BzztsIntel:1276 sitecheck2.opera.com:http TIME_WAIT
    TCP BzztsIntel:1278 status.icq.com:http TIME_WAIT
    TCP BzztsIntel:1280 blog.taragana.com:http TIME_WAIT
    TCP BzztsIntel:1282 pubads.g.doubleclick.net:http TIME_WAIT
    TCP BzztsIntel:1286 sitecheck2.opera.com:http FIN_WAIT_1
    TCP BzztsIntel:1288 status.icq.com:http TIME_WAIT
    TCP BzztsIntel:1290 ty-in-f118.google.com:http TIME_WAIT
    TCP BzztsIntel:1294 ty-in-f113.google.com:http TIME_WAIT
    TCP BzztsIntel:1296 www.assoc:http TIME_WAIT
    TCP BzztsIntel:1300 social.bidsystem.com:http ESTABLISHED
    TCP BzztsIntel:1302 s4.histats.com:http TIME_WAIT
    TCP BzztsIntel:1304 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1310 hk-in-f99.google.com:http TIME_WAIT
    TCP BzztsIntel:1314 pubads.g.doubleclick.net:http TIME_WAIT
    TCP BzztsIntel:1339 media.socialreach.com:http ESTABLISHED
    TCP BzztsIntel:1340 media.socialreach.com:http ESTABLISHED
    TCP BzztsIntel:1382 login.router:http TIME_WAIT
    TCP BzztsIntel:1384 www.safer:http ESTABLISHED
    TCP BzztsIntel:1390 fastspeedtest.net:http TIME_WAIT
    TCP BzztsIntel:1392 www.kushari.org:http ESTABLISHED
    TCP BzztsIntel:4982 neutrino.cpp.in:http TIME_WAIT
    TCP BzztsIntel:4988 z.about.com:http TIME_WAIT
    TCP BzztsIntel:4998 www.rslinks.org:http TIME_WAIT
    TCP BzztsIntel:5000 scenereleases.info:http TIME_WAIT

    C:\Documents and Settings\bzzts>
    anyway, what is this 007guard anyway? how to permanently block this thing from invading my pc?

  4. #4
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    It does not actually connect to that site.
    Seems like your netstat has a look what its written in the restricted zones and the host file.
    By the immunization of Spybot - Search & Destroy the baddies are blocked.
    That means that the sites where the baddies come from are added to the restricted zones in order to block them.
    So 007guard is added to the restricted zones in order to block it.

    Best regards
    Sandra
    Team Spybot

  5. #5
    Junior Member
    Join Date
    May 2009
    Posts
    2

    Default

    Quote Originally Posted by spybotsandra View Post
    Hello,

    It does not actually connect to that site.
    Seems like your netstat has a look what its written in the restricted zones and the host file.
    By the immunization of Spybot - Search & Destroy the baddies are blocked.
    That means that the sites where the baddies come from are added to the restricted zones in order to block them.
    So 007guard is added to the restricted zones in order to block it.

    Best regards
    Sandra
    Team Spybot
    thanks for your reply. however i still not satisfy.
    my next question :

    1- do u mean everything is okay? that UDP/TCP to www. 007guard.com is safe?

    2- how to get rid of this situation? (if u can help find solutions).
    becoz my other compewter are all okay and dont hav this problem. (and i hate to format my pc).

    thanks again.

  6. #6
    Member
    Join Date
    Jan 2009
    Posts
    78

    Default

    Quote Originally Posted by disketx View Post
    thanks for your reply. however i still not satisfy.
    my next question :

    1- do u mean everything is okay? that UDP/TCP to www. 007guard.com is safe?

    2- how to get rid of this situation? (if u can help find solutions).
    becoz my other compewter are all okay and dont hav this problem. (and i hate to format my pc).

    thanks again.
    Did you check if you got this entry in your HOSTS file? 127.0.0.1 localhost
    If not, edit your hosts file with notepad and add it before every other entry.

  7. #7
    Junior Member
    Join Date
    May 2009
    Posts
    5

    Default

    I get the same connected to 007guard thing, and yes, 127.0.0.1 localhost is the first entry in the hosts file.

    What is going on here?

    Is there a connection or not? Netstat and IE properties TCP/IP connections say there is a connection.

  8. #8
    Member of Team Spybot PepiMK's Avatar
    Join Date
    Oct 2005
    Location
    Planet Earth
    Posts
    3,601

    Default

    There is a connection - to 127.0.0.1.

    It is not a connection to 007guard.com though - that's a misinterpretation by netstat, displaying just a "random" (possible last?) 127.0.0.1 entry and not the first from the hosts file.

    Connections to 127.0.0.1 are "to" your local machine - a loop redirection to block access to the actual address of specific bad hosts (like 007guard.com).

    Without the hosts file entry, access to 007guard.com would lead to the real bad server, with this, access will be kept "inside" your machine and will enter the nirvana. Since there are many such sites, programs that use the IP address (127.0.0.1) to later display an associated domain (007guard.com) might show invalid names, since there are many and its impossible to find the correct one. Usually, access to 127.0.0.1 would be legit "local" communication.
    Just remember, love is life, and hate is living death.
    Treat your life for what it's worth, and live for every breath
    (Black Sabbath: A National Acrobat)

  9. #9
    Junior Member IchBin's Avatar
    Join Date
    Sep 2007
    Posts
    3

    Default OK how do I change Host file without run in safe mode

    I understand and like what Spybot Search & Destroy is doing in my host file. Problem is I need to track the connected IPs to my machine. Why would they not make 127.0.0.1 localhost the first in the host list. I want to change to have it as the first entry. I tell it to not protect my host file, so I can change it, but I still can not modify it. I know that I can boot Windows 7 in safe mode and change it but:

    - Why can I not change the host file with out going in to safe mode (reboot twice) just to do this.
    - I have done this in the past but SS&D insists on modifying it back to there on list. I do not want this to happen if it is so hard to put the local host address as the first entry.

    Again I need to see the connected IP address via Windows 7 Resource Monitor.

    Just frustrating...

  10. #10
    Junior Member
    Join Date
    Nov 2010
    Posts
    1

    Default localhost on Windows 7

    Hi all,

    Sorry to contribute to this thread so late. I have found some information that might be relevant.

    On Windows 7, localhost resolution has been moved to the DNS. Therefore, it no longer appears as first line of the HOSTS file.
    http://serverfault.com/questions/468...dns-itself-why

    When you apply Spybot's Immunization on Windows 7, the first few lines of your HOSTS file are

    Code:
    # Copyright (c) 1993-2009 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host
    
    # localhost name resolution is handled within DNS itself.
    #	127.0.0.1       localhost
    #	::1             localhost
    # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1	www.007guard.com
    127.0.0.1	007guard.com

    As you can see, the first uncommented line corresponds to www.007guards.com, which is what netstat displays.

    In order to avoid potential problems in the future, You should not add "localhost" as first uncommented line in your HOSTS file.

    But what you can do is add a custom line (the line in bold below) in your HOSTS file, like

    Code:
    # localhost name resolution is handled within DNS itself.
    #	127.0.0.1       localhost
    #	::1             localhost
    127.0.0.1       localhost_NAME_OF_MY_COMPUTER
    # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1	www.007guard.com
    By doing this, netstat will no longer display www.007guard.com.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •