Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Al het internet via www.007guard.com???

Abraham54
9 antwoorden
  • Hallo,

    Toevallig zag ik met Process Hacker de site www.007guard.com overal opduiken als ik naar de Netwerkactiviteiten van mijn pc kijk. Dat lijkt op spyware, maar ik kan niets vinden. Het zou ook aan de host file kunnen liggen als ik het een beetje begrijp, Spybot heb ik ook op mijn computer gehad en die doet wat preventieve aanvullingen in de host file.

    Maar klopt dat dan met wat de netwerk activiteiten laten zien? Zie hier het overzicht van Process Hacker, en alvast dank voor een reactie!


    Process Hacker 2.27
    Windows NT 6.1 Service Pack 1 (64-bit)
    5-3-2012 23:21:15

    Name Local Address Local Port Remote Address Remote Port Protocol State Owner
    AppleMobileDeviceService.exe (1860) www.007guard.com 27015 TCP Listen Apple Mobile Device
    AppleMobileDeviceService.exe (1860) www.007guard.com 27015 www.007guard.com 49199 TCP Established Apple Mobile Device
    AppleMobileDeviceService.exe (1860) www.007guard.com 49155 www.007guard.com 5354 TCP Established Apple Mobile Device
    AppleMobileDeviceService.exe (1860) www.007guard.com 59707 UDP Apple Mobile Device
    AppleMobileDeviceService.exe (1860) www.007guard.com 59708 UDP Apple Mobile Device
    APSDaemon.exe (4664) www.007guard.com 51680 www.007guard.com 1110 TCP Established
    APSDaemon.exe (4664) www.007guard.com 61921 UDP
    APSDaemon.exe (4664) www.007guard.com 61922 UDP
    avp.exe (1888) Mike-PC 1110 TCP Listen AVP
    avp.exe (1888) www.007guard.com 1110 www.007guard.com 49218 TCP Established AVP
    avp.exe (1888) www.007guard.com 1110 www.007guard.com 51680 TCP Established AVP
    avp.exe (1888) Mike-PC.lokaal 49219 sjc-not16.sjc.dropbox.com 80 TCP Established AVP
    avp.exe (1888) Mike-PC.lokaal 51681 st11p01st-courier144-bz.push.apple.com 5223 TCP Established AVP
    avp.exe (1888) Mike-PC 1110 TCP6 Listen AVP
    daemonu.exe (2356) www.007guard.com 2559 TCP Listen nvUpdatusService
    daemonu.exe (2356) www.007guard.com 48000 UDP nvUpdatusService
    Dropbox.exe (5080) Mike-PC 17500 TCP Listen
    Dropbox.exe (5080) www.007guard.com 19872 www.007guard.com 49214 TCP Established
    Dropbox.exe (5080) www.007guard.com 49214 www.007guard.com 19872 TCP Established
    Dropbox.exe (5080) www.007guard.com 49218 www.007guard.com 1110 TCP Established
    Dropbox.exe (5080) Mike-PC 17500 UDP
    iTunesHelper.exe (5496) www.007guard.com 49199 www.007guard.com 27015 TCP Established
    iTunesHelper.exe (5496) www.007guard.com 56309 UDP
    iTunesHelper.exe (5496) www.007guard.com 56310 UDP
    lsass.exe (720) Mike-PC 49186 TCP Listen
    lsass.exe (720) Mike-PC 49186 TCP6 Listen
    mDNSResponder.exe (1968) www.007guard.com 5354 TCP Listen Bonjour Service
    mDNSResponder.exe (1968) www.007guard.com 5354 www.007guard.com 49155 TCP Established Bonjour Service
    mDNSResponder.exe (1968) Mike-PC.lokaal 5353 UDP Bonjour Service
    mDNSResponder.exe (1968) Mike-PC 59709 UDP Bonjour Service
    mDNSResponder.exe (1968) Mike-PC 5353 UDP6 Bonjour Service
    mDNSResponder.exe (1968) Mike-PC 59710 UDP6 Bonjour Service
    nvtray.exe (5620) www.007guard.com 48001 UDP
    OUTLOOK.EXE (2648) www.007guard.com 57918 UDP
    PnkBstrA.exe (1232) www.007guard.com 44301 UDP PnkBstrA
    services.exe (668) Mike-PC 49174 TCP Listen
    services.exe (668) Mike-PC 49174 TCP6 Listen
    sidebar.exe (4672) www.007guard.com 53549 UDP
    svchost.exe (1124) Mike-PC 3702 UDP EventSystem
    svchost.exe (1124) Mike-PC 49316 UDP EventSystem
    svchost.exe (1124) Mike-PC 49322 UDP EventSystem
    svchost.exe (1124) Mike-PC 54712 UDP EventSystem
    svchost.exe (1124) Mike-PC 3702 UDP6 EventSystem
    svchost.exe (1124) Mike-PC 49317 UDP6 EventSystem
    svchost.exe (1124) Mike-PC 49323 UDP6 EventSystem
    svchost.exe (1124) Mike-PC 54713 UDP6 EventSystem
    svchost.exe (1328) Mike-PC 5355 UDP Dnscache
    svchost.exe (1328) Mike-PC 5355 UDP6 Dnscache
    svchost.exe (3420) Mike-PC 49175 TCP Listen PolicyAgent
    svchost.exe (3420) Mike-PC 49175 TCP6 Listen PolicyAgent
    svchost.exe (460) Mike-PC 49153 TCP Listen eventlog
    svchost.exe (460) Mike-PC 49153 TCP6 Listen eventlog
    svchost.exe (5200) Mike-PC 3587 TCP6 Listen p2pimsvc
    svchost.exe (5200) Mike-PC 3540 UDP6 p2pimsvc
    svchost.exe (5684) www.007guard.com 1900 UDP SSDPSRV
    svchost.exe (5684) Mike-PC.lokaal 1900 UDP SSDPSRV
    svchost.exe (5684) Mike-PC 3702 UDP FDResPub
    svchost.exe (5684) Mike-PC 49314 UDP FDResPub
    svchost.exe (5684) Mike-PC.lokaal 49320 UDP SSDPSRV
    svchost.exe (5684) www.007guard.com 49321 UDP SSDPSRV
    svchost.exe (5684) Mike-PC 1900 UDP6 SSDPSRV
    svchost.exe (5684) Mike-PC.lokaal 1900 UDP6 SSDPSRV
    svchost.exe (5684) Mike-PC 3702 UDP6 FDResPub
    svchost.exe (5684) Mike-PC 49315 UDP6 FDResPub
    svchost.exe (5684) Mike-PC.lokaal 49318 UDP6 SSDPSRV
    svchost.exe (5684) Mike-PC 49319 UDP6 SSDPSRV
    svchost.exe (604) Mike-PC 49154 TCP Listen Schedule
    svchost.exe (604) Mike-PC 49154 TCP6 Listen Schedule
    svchost.exe (604) Mike-PC 500 UDP IKEEXT
    svchost.exe (604) Mike-PC 3544 UDP iphlpsvc
    svchost.exe (604) Mike-PC 4500 UDP IKEEXT
    svchost.exe (604) Mike-PC.lokaal 54354 UDP iphlpsvc
    svchost.exe (604) Mike-PC 500 UDP6 IKEEXT
    svchost.exe (604) Mike-PC 4500 UDP6 IKEEXT
    svchost.exe (972) Mike-PC 135 TCP Listen RpcSs
    svchost.exe (972) Mike-PC 135 TCP6 Listen RpcSs
    System (4) Mike-PC.lokaal 139 TCP Listen
    System (4) Mike-PC 445 TCP Listen
    System (4) Mike-PC 2869 TCP Listen
    System (4) Mike-PC 5357 TCP Listen
    System (4) Mike-PC 10243 TCP Listen
    System (4) Mike-PC 445 TCP6 Listen
    System (4) Mike-PC 2869 TCP6 Listen
    System (4) Mike-PC 5357 TCP6 Listen
    System (4) Mike-PC 10243 TCP6 Listen
    System (4) Mike-PC.lokaal 137 UDP
    System (4) Mike-PC.lokaal 138 UDP
    TeamViewer_Service.exe (2060) www.007guard.com 26467 TCP Listen TeamViewer6
    TeamViewer_Service.exe (2060) www.007guard.com 49172 www.007guard.com 49173 TCP Established TeamViewer6
    TeamViewer_Service.exe (2060) www.007guard.com 49173 www.007guard.com 49172 TCP Established TeamViewer6
    TeamViewer_Service.exe (2100) www.007guard.com 24709 TCP Listen TeamViewer7
    Waiting Connections www.007guard.com 1110 www.007guard.com 53332 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53431 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53440 TCP Time Wait
    Waiting Connections www.007guard.com 53416 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53417 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53438 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53439 ey-in-f102.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53411 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53425 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53429 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53424 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53427 TCP Time Wait
    Waiting Connections www.007guard.com 1110 www.007guard.com 53430 TCP Time Wait
    Waiting Connections www.007guard.com 53256 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53257 ey-in-f156.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53074 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53075 student.xml.services.ilse.nl 80 TCP Time Wait
    Waiting Connections www.007guard.com 53186 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53188 ey-in-f139.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53190 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53191 ey-in-f156.1e100.net 443 TCP Time Wait
    Waiting Connections www.007guard.com 53242 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53243 ey-in-f156.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53340 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53341 62.69.179.60 80 TCP Time Wait
    Waiting Connections www.007guard.com 53358 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53359 ey-in-f157.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53378 www.007guard.com 1110 TCP Time Wait
    Waiting Connections www.007guard.com 53379 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53380 ey-in-f157.1e100.net 80 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53381 ey-in-f157.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53382 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53383 ey-in-f147.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 52567 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 52568 62.69.177.200 80 TCP Time Wait
    Waiting Connections www.007guard.com 52644 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 52646 ey-in-f102.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53071 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53073 a92-122-216-240.deploy.akamaitechnologies.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53240 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53241 q-138.n-81.18.240.qore.nl 80 TCP Time Wait
    Waiting Connections www.007guard.com 53384 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53385 ey-in-f104.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53386 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53387 ey-in-f104.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53388 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53389 ee-in-f106.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53390 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53391 ey-in-f104.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53392 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53393 ey-in-f94.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53394 www.007guard.com 1110 TCP Time Wait
    Waiting Connections www.007guard.com 53395 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53396 ee-in-f94.1e100.net 80 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53397 ee-in-f94.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53398 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53399 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53400 www.007guard.com 1110 TCP Time Wait
    Waiting Connections www.007guard.com 53401 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53402 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53403 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53404 www.007guard.com 1110 TCP Time Wait
    Waiting Connections www.007guard.com 53405 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53406 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53407 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53408 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53409 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53410 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53412 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53413 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53415 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait
    Waiting Connections www.007guard.com 53418 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53419 ee-in-f149.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53420 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53421 ee-in-f148.1e100.net 80 TCP Time Wait
    Waiting Connections www.007guard.com 53422 www.007guard.com 1110 TCP Time Wait
    Waiting Connections www.007guard.com 53436 www.007guard.com 1110 TCP Time Wait
    Waiting Connections Mike-PC.lokaal 53437 q-138.n-81.18.240.qore.nl 80 TCP Time Wait
    Waiting Connections www.007guard.com 53444 www.007guard.com 1110 TCP Time Wait
    wininit.exe (608) Mike-PC 49152 TCP Listen
    wininit.exe (608) Mike-PC 49152 TCP6 Listen
    wmpnetwk.exe (5404) Mike-PC 554 TCP Listen WMPNetworkSvc
    wmpnetwk.exe (5404) Mike-PC 554 TCP6 Listen WMPNetworkSvc
    wmpnetwk.exe (5404) Mike-PC 5004 UDP WMPNetworkSvc
    wmpnetwk.exe (5404) Mike-PC 5005 UDP WMPNetworkSvc
    wmpnetwk.exe (5404) Mike-PC 5004 UDP6 WMPNetworkSvc
    wmpnetwk.exe (5404) Mike-PC 5005 UDP6 WMPNetworkSvc
  • Update: In het logfile van HijackThis zag ik dit:

    # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com

    …en de lijst gaat verder. Ik weet niet veel van netwerken (dat is duidelijk ;-)), maar ik denk dat er eigenlijk niks aan de hand is, omdat Spybot ooit in de hostfile deze toevoegingen heeft gedaan, die kennelijk bedoeld zijn om ervoor te zorgen dat bepaalde gevaarlijke websites nooit benaderd kunnen worden.

    Alleen lijkt het er in Proces Hacker wel erg op, alsof er juist wel met of via een gevaarlijke site (in dit geval www.007guard.com) de hele tijd gecommuniceerd wordt.

    Toch…?!?


    Ps: HitmanPro en MalwareBytes Anti malware vinden niets (die laatste gebruik ik sowieso regelmatig). Ik gebruik ook Spyware Blaster.


    Hallo,

    Toevallig zag ik met Process Hacker de site www.007guard.com overal opduiken als ik naar de Netwerkactiviteiten van mijn pc kijk. Dat lijkt op spyware, maar ik kan niets vinden. Het zou ook aan de host file kunnen liggen als ik het een beetje begrijp, Spybot heb ik ook op mijn computer gehad en die doet wat preventieve aanvullingen in de host file.

    Maar klopt dat dan met wat de netwerk activiteiten laten zien? Zie hier het overzicht van Process Hacker, en alvast dank voor een reactie!


    Process Hacker 2.27
    Windows NT 6.1 Service Pack 1 (64-bit)
    5-3-2012 23:21:15

    Name Local Address Local Port Remote Address Remote Port Protocol State Owner
    AppleMobileDeviceService.exe (1860) www.007guard.com 27015 TCP Listen
  • Je hebt 007guard.com al in het Google-vakje gemikt?
  • [quote:483e74aa4f="Tirm"]Je hebt 007guard.com al in het Google-vakje gemikt?[/quote:483e74aa4f]

    Ja, heb ik, en op http://forums.spybot.info/showthread.php?t=20443 wel info erover gevonden. In 1e instantie geeft het forum van Spybot aan dat het inderdaad in de host file zit en er alleen maar lijkt of er connectie wordt gemaakt, maar dat is een 3 jaar oud bericht, en ook gaat Windows 7 anders met de host file om. De line 127.0.0.1 localhost die als eerste moet komen, wordt in Windows 7 in het DNS zelf gedaan. <- Deze zin gaat mij boven m'n pet ;-)

    Dus vraag ik graag aan de deskundigen of ik een risico loop, of niet. :D
  • En voor de volledigheid het log van HijackThis hier:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 0:33:31, on 6-3-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Safe mode with network support

    Running processes:
    D:\Downloads Firefox\HijackThis.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Tools\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
    O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application
    usb3mon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\ProgramData\AVP11\sbhook.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32
    vvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Secunia PSI Agent - Secunia - D:\Secunia\PSI\PSIA.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision
    vSCPAPISvr.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Tools\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Windows7FirewallService - Sphinx Software - D:\Security\Windows7FirewallControl\Windows7FirewallService.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 10986 bytes
  • Het is een bug van Spybot!

    Gebruik [b:647c8f8774]HostsXpert[/b:647c8f8774] om het probleem op te lossen!

    [b:647c8f8774]Download HostsXpert[/b:647c8f8774] [b:647c8f8774]hier[/b:647c8f8774]
    [b:647c8f8774]HostEpert gebruiken[/b:647c8f8774]:

    [list:647c8f8774][*:647c8f8774]Windows 2000 en Windows XP: open de map "HostExpert" en dubbelklik op [b:647c8f8774]Hoster.exe[/b:647c8f8774].
    [*:647c8f8774]Windows Vista en Windows 7: open de map "HostExpert" en start [b:647c8f8774]Hoster.exe[/b:647c8f8774] middels rechtsklik daarop waarbij jij kiest voor [b:647c8f8774]Als Administrator uitvoeren[/b:647c8f8774].[/list:u:647c8f8774]
    [list:647c8f8774][*:647c8f8774]Klik nu op de knop [b:647c8f8774]Make Writeable?[/b:647c8f8774]
    [list:647c8f8774][*:647c8f8774]Indien je enkel een [b:647c8f8774]Make Read-Only selection[/b:647c8f8774] ziet, dan is het herschrijven al aktief.[/list:u:647c8f8774]
    [*:647c8f8774]Klik nu eerst op de knop [b:647c8f8774]Restore Microsofts Original Hosts File[/b:647c8f8774].
    [*:647c8f8774]Klik vervolgens op de knop [b:647c8f8774]OK[/b:647c8f8774] en sluit dan het het programma.[/list:u:647c8f8774]
  • Abraham, ik heb met XP geen last van die luistervink maar omdat ik vroeger Spybot heb gebruikt, staat er nog een grote hoeveelheid regels in de "Host"
    Na de voorbeeldregels zie je

    127.0.0.1 localhost
    # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    enz enz enz

    Kan ik die zooi laten staan, geeft het nog enige bescherming, of is het beter om het met jouw tip op te ruimen?
  • Hallo Tim, je kan die vermeldingen, die Spybot erin heeft gezet gewoon verwijderen.
    Want uptodate kan je dat niet meer noemen.

    Verder raad ik aan naar http://winhelp2002.mvps.org/hosts.txt te gaan en het geheel daar via CTRL+A te selekteren via CTRL+C te kopieren.

    Plak vervolgens het geheel onder de MS vermeldingen in de hostfile erbij en kies voor opslaan.
    Daarmee wordt het surfen dan weer beschermd aan de hand van een aktuele lijst.
    Deze lijst op mvps.org wordt maandelijks vernieuwd!

    [b:ddfbca874a]Opmerkingen[/b:ddfbca874a][/color:ddfbca874a]
    1) Wordt Avira gebruikt - dan eerst Avira deaktiveren.
    [b:ddfbca874a]Avira bewaakt namelijk de hostfile tegen veranderingen[/b:ddfbca874a].

    2) Wordt Windows Vista of Windows 7 gebruikt, dan laat de hostfile zich niet zomaar veranderen.

    [b:ddfbca874a]Hostfile in Windows Vista en Windows 7 veranderen.[/b:ddfbca874a][/color:ddfbca874a]
    [list:ddfbca874a][*:ddfbca874a]Start [b:ddfbca874a]Kladblok/Notepad[/b:ddfbca874a][/color:ddfbca874a] met [b:ddfbca874a]administratorrechten[/b:ddfbca874a][/color:ddfbca874a] op.
    [*:ddfbca874a]Klik op [b:ddfbca874a]Bestand[/b:ddfbca874a][/color:ddfbca874a] en vervolgens op [b:ddfbca874a]Openen[/b:ddfbca874a][/color:ddfbca874a].
    [*:ddfbca874a]Verander nu eerst rechtsonder de instelling van [b:ddfbca874a]Tekstdocumenten (*.txt)[/b:ddfbca874a][/color:ddfbca874a] naar [b:ddfbca874a]Alle bestanden (*.*)[/b:ddfbca874a][/color:ddfbca874a].
    [*:ddfbca874a]Vervolgens navigeer je naar [b:ddfbca874a]C:\Windows\System32\drivers\etc[/b:ddfbca874a][/color:ddfbca874a] en klik je op [b:ddfbca874a]hosts[/b:ddfbca874a][/color:ddfbca874a].
    [*:ddfbca874a]De inhoud van de hostfile staat nu in het kladblokvenster en mag/kan je de hostfile aanpassen.
    [*:ddfbca874a]Ben je klaar met aanpassen, dan klik je weer op [b:ddfbca874a]Bestand[/b:ddfbca874a][/color:ddfbca874a] en kies je voor [b:ddfbca874a]Opslaan[/b:ddfbca874a][/color:ddfbca874a].[/list:u:ddfbca874a]
  • Dat is gelukt, bedankt. Ik heb XP met Avast. Het Hosts-bestand heb ik botweg vervangen door de "MVPS HOSTS file". De extensie .txt moest van het in kladblok gewijzigde Hosts-bestand worden verwijderd en de Eigenschappen moesten op Alleen lezen.
    Als ik nu in FF een van die url's tik, krijg ik dit te zien
    Unable to connect
    Firefox can't establish a connection to the server at ad2.doubleclick.net.
    met nog wat tekstregels.

    Werkt dat zo goed? Is dat de bedoeling zo?

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.