Vraag & Antwoord

Beveiliging & privacy

Al het internet via www.007guard.com???

9 antwoorden
  • Hallo, Toevallig zag ik met Process Hacker de site www.007guard.com overal opduiken als ik naar de Netwerkactiviteiten van mijn pc kijk. Dat lijkt op spyware, maar ik kan niets vinden. Het zou ook aan de host file kunnen liggen als ik het een beetje begrijp, Spybot heb ik ook op mijn computer gehad en die doet wat preventieve aanvullingen in de host file. Maar klopt dat dan met wat de netwerk activiteiten laten zien? Zie hier het overzicht van Process Hacker, en alvast dank voor een reactie! Process Hacker 2.27 Windows NT 6.1 Service Pack 1 (64-bit) 5-3-2012 23:21:15 Name Local Address Local Port Remote Address Remote Port Protocol State Owner AppleMobileDeviceService.exe (1860) www.007guard.com 27015 TCP Listen Apple Mobile Device AppleMobileDeviceService.exe (1860) www.007guard.com 27015 www.007guard.com 49199 TCP Established Apple Mobile Device AppleMobileDeviceService.exe (1860) www.007guard.com 49155 www.007guard.com 5354 TCP Established Apple Mobile Device AppleMobileDeviceService.exe (1860) www.007guard.com 59707 UDP Apple Mobile Device AppleMobileDeviceService.exe (1860) www.007guard.com 59708 UDP Apple Mobile Device APSDaemon.exe (4664) www.007guard.com 51680 www.007guard.com 1110 TCP Established APSDaemon.exe (4664) www.007guard.com 61921 UDP APSDaemon.exe (4664) www.007guard.com 61922 UDP avp.exe (1888) Mike-PC 1110 TCP Listen AVP avp.exe (1888) www.007guard.com 1110 www.007guard.com 49218 TCP Established AVP avp.exe (1888) www.007guard.com 1110 www.007guard.com 51680 TCP Established AVP avp.exe (1888) Mike-PC.lokaal 49219 sjc-not16.sjc.dropbox.com 80 TCP Established AVP avp.exe (1888) Mike-PC.lokaal 51681 st11p01st-courier144-bz.push.apple.com 5223 TCP Established AVP avp.exe (1888) Mike-PC 1110 TCP6 Listen AVP daemonu.exe (2356) www.007guard.com 2559 TCP Listen nvUpdatusService daemonu.exe (2356) www.007guard.com 48000 UDP nvUpdatusService Dropbox.exe (5080) Mike-PC 17500 TCP Listen Dropbox.exe (5080) www.007guard.com 19872 www.007guard.com 49214 TCP Established Dropbox.exe (5080) www.007guard.com 49214 www.007guard.com 19872 TCP Established Dropbox.exe (5080) www.007guard.com 49218 www.007guard.com 1110 TCP Established Dropbox.exe (5080) Mike-PC 17500 UDP iTunesHelper.exe (5496) www.007guard.com 49199 www.007guard.com 27015 TCP Established iTunesHelper.exe (5496) www.007guard.com 56309 UDP iTunesHelper.exe (5496) www.007guard.com 56310 UDP lsass.exe (720) Mike-PC 49186 TCP Listen lsass.exe (720) Mike-PC 49186 TCP6 Listen mDNSResponder.exe (1968) www.007guard.com 5354 TCP Listen Bonjour Service mDNSResponder.exe (1968) www.007guard.com 5354 www.007guard.com 49155 TCP Established Bonjour Service mDNSResponder.exe (1968) Mike-PC.lokaal 5353 UDP Bonjour Service mDNSResponder.exe (1968) Mike-PC 59709 UDP Bonjour Service mDNSResponder.exe (1968) Mike-PC 5353 UDP6 Bonjour Service mDNSResponder.exe (1968) Mike-PC 59710 UDP6 Bonjour Service nvtray.exe (5620) www.007guard.com 48001 UDP OUTLOOK.EXE (2648) www.007guard.com 57918 UDP PnkBstrA.exe (1232) www.007guard.com 44301 UDP PnkBstrA services.exe (668) Mike-PC 49174 TCP Listen services.exe (668) Mike-PC 49174 TCP6 Listen sidebar.exe (4672) www.007guard.com 53549 UDP svchost.exe (1124) Mike-PC 3702 UDP EventSystem svchost.exe (1124) Mike-PC 49316 UDP EventSystem svchost.exe (1124) Mike-PC 49322 UDP EventSystem svchost.exe (1124) Mike-PC 54712 UDP EventSystem svchost.exe (1124) Mike-PC 3702 UDP6 EventSystem svchost.exe (1124) Mike-PC 49317 UDP6 EventSystem svchost.exe (1124) Mike-PC 49323 UDP6 EventSystem svchost.exe (1124) Mike-PC 54713 UDP6 EventSystem svchost.exe (1328) Mike-PC 5355 UDP Dnscache svchost.exe (1328) Mike-PC 5355 UDP6 Dnscache svchost.exe (3420) Mike-PC 49175 TCP Listen PolicyAgent svchost.exe (3420) Mike-PC 49175 TCP6 Listen PolicyAgent svchost.exe (460) Mike-PC 49153 TCP Listen eventlog svchost.exe (460) Mike-PC 49153 TCP6 Listen eventlog svchost.exe (5200) Mike-PC 3587 TCP6 Listen p2pimsvc svchost.exe (5200) Mike-PC 3540 UDP6 p2pimsvc svchost.exe (5684) www.007guard.com 1900 UDP SSDPSRV svchost.exe (5684) Mike-PC.lokaal 1900 UDP SSDPSRV svchost.exe (5684) Mike-PC 3702 UDP FDResPub svchost.exe (5684) Mike-PC 49314 UDP FDResPub svchost.exe (5684) Mike-PC.lokaal 49320 UDP SSDPSRV svchost.exe (5684) www.007guard.com 49321 UDP SSDPSRV svchost.exe (5684) Mike-PC 1900 UDP6 SSDPSRV svchost.exe (5684) Mike-PC.lokaal 1900 UDP6 SSDPSRV svchost.exe (5684) Mike-PC 3702 UDP6 FDResPub svchost.exe (5684) Mike-PC 49315 UDP6 FDResPub svchost.exe (5684) Mike-PC.lokaal 49318 UDP6 SSDPSRV svchost.exe (5684) Mike-PC 49319 UDP6 SSDPSRV svchost.exe (604) Mike-PC 49154 TCP Listen Schedule svchost.exe (604) Mike-PC 49154 TCP6 Listen Schedule svchost.exe (604) Mike-PC 500 UDP IKEEXT svchost.exe (604) Mike-PC 3544 UDP iphlpsvc svchost.exe (604) Mike-PC 4500 UDP IKEEXT svchost.exe (604) Mike-PC.lokaal 54354 UDP iphlpsvc svchost.exe (604) Mike-PC 500 UDP6 IKEEXT svchost.exe (604) Mike-PC 4500 UDP6 IKEEXT svchost.exe (972) Mike-PC 135 TCP Listen RpcSs svchost.exe (972) Mike-PC 135 TCP6 Listen RpcSs System (4) Mike-PC.lokaal 139 TCP Listen System (4) Mike-PC 445 TCP Listen System (4) Mike-PC 2869 TCP Listen System (4) Mike-PC 5357 TCP Listen System (4) Mike-PC 10243 TCP Listen System (4) Mike-PC 445 TCP6 Listen System (4) Mike-PC 2869 TCP6 Listen System (4) Mike-PC 5357 TCP6 Listen System (4) Mike-PC 10243 TCP6 Listen System (4) Mike-PC.lokaal 137 UDP System (4) Mike-PC.lokaal 138 UDP TeamViewer_Service.exe (2060) www.007guard.com 26467 TCP Listen TeamViewer6 TeamViewer_Service.exe (2060) www.007guard.com 49172 www.007guard.com 49173 TCP Established TeamViewer6 TeamViewer_Service.exe (2060) www.007guard.com 49173 www.007guard.com 49172 TCP Established TeamViewer6 TeamViewer_Service.exe (2100) www.007guard.com 24709 TCP Listen TeamViewer7 Waiting Connections www.007guard.com 1110 www.007guard.com 53332 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53431 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53440 TCP Time Wait Waiting Connections www.007guard.com 53416 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53417 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53438 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53439 ey-in-f102.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53411 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53425 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53429 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53424 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53427 TCP Time Wait Waiting Connections www.007guard.com 1110 www.007guard.com 53430 TCP Time Wait Waiting Connections www.007guard.com 53256 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53257 ey-in-f156.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53074 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53075 student.xml.services.ilse.nl 80 TCP Time Wait Waiting Connections www.007guard.com 53186 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53188 ey-in-f139.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53190 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53191 ey-in-f156.1e100.net 443 TCP Time Wait Waiting Connections www.007guard.com 53242 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53243 ey-in-f156.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53340 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53341 62.69.179.60 80 TCP Time Wait Waiting Connections www.007guard.com 53358 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53359 ey-in-f157.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53378 www.007guard.com 1110 TCP Time Wait Waiting Connections www.007guard.com 53379 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53380 ey-in-f157.1e100.net 80 TCP Time Wait Waiting Connections Mike-PC.lokaal 53381 ey-in-f157.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53382 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53383 ey-in-f147.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 52567 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 52568 62.69.177.200 80 TCP Time Wait Waiting Connections www.007guard.com 52644 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 52646 ey-in-f102.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53071 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53073 a92-122-216-240.deploy.akamaitechnologies.com 80 TCP Time Wait Waiting Connections www.007guard.com 53240 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53241 q-138.n-81.18.240.qore.nl 80 TCP Time Wait Waiting Connections www.007guard.com 53384 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53385 ey-in-f104.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53386 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53387 ey-in-f104.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53388 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53389 ee-in-f106.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53390 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53391 ey-in-f104.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53392 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53393 ey-in-f94.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53394 www.007guard.com 1110 TCP Time Wait Waiting Connections www.007guard.com 53395 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53396 ee-in-f94.1e100.net 80 TCP Time Wait Waiting Connections Mike-PC.lokaal 53397 ee-in-f94.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53398 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53399 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53400 www.007guard.com 1110 TCP Time Wait Waiting Connections www.007guard.com 53401 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53402 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections Mike-PC.lokaal 53403 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53404 www.007guard.com 1110 TCP Time Wait Waiting Connections www.007guard.com 53405 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53406 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53407 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53408 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections Mike-PC.lokaal 53409 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53410 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53412 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53413 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53415 host137.85-112-25.rev.eu.terremark.com 80 TCP Time Wait Waiting Connections www.007guard.com 53418 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53419 ee-in-f149.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53420 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53421 ee-in-f148.1e100.net 80 TCP Time Wait Waiting Connections www.007guard.com 53422 www.007guard.com 1110 TCP Time Wait Waiting Connections www.007guard.com 53436 www.007guard.com 1110 TCP Time Wait Waiting Connections Mike-PC.lokaal 53437 q-138.n-81.18.240.qore.nl 80 TCP Time Wait Waiting Connections www.007guard.com 53444 www.007guard.com 1110 TCP Time Wait wininit.exe (608) Mike-PC 49152 TCP Listen wininit.exe (608) Mike-PC 49152 TCP6 Listen wmpnetwk.exe (5404) Mike-PC 554 TCP Listen WMPNetworkSvc wmpnetwk.exe (5404) Mike-PC 554 TCP6 Listen WMPNetworkSvc wmpnetwk.exe (5404) Mike-PC 5004 UDP WMPNetworkSvc wmpnetwk.exe (5404) Mike-PC 5005 UDP WMPNetworkSvc wmpnetwk.exe (5404) Mike-PC 5004 UDP6 WMPNetworkSvc wmpnetwk.exe (5404) Mike-PC 5005 UDP6 WMPNetworkSvc
  • Update: In het logfile van HijackThis zag ik dit: # Start of entries inserted by Spybot - Search & Destroy 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com ...en de lijst gaat verder. Ik weet niet veel van netwerken (dat is duidelijk ;-)), maar ik denk dat er eigenlijk niks aan de hand is, omdat Spybot ooit in de hostfile deze toevoegingen heeft gedaan, die kennelijk bedoeld zijn om ervoor te zorgen dat bepaalde gevaarlijke websites nooit benaderd kunnen worden. Alleen lijkt het er in Proces Hacker wel erg op, alsof er juist wel met of via een gevaarlijke site (in dit geval www.007guard.com) de hele tijd gecommuniceerd wordt. Toch...?!? Ps: HitmanPro en MalwareBytes Anti malware vinden niets (die laatste gebruik ik sowieso regelmatig). Ik gebruik ook Spyware Blaster. [quote="Mike678"]Hallo, Toevallig zag ik met Process Hacker de site www.007guard.com overal opduiken als ik naar de Netwerkactiviteiten van mijn pc kijk. Dat lijkt op spyware, maar ik kan niets vinden. Het zou ook aan de host file kunnen liggen als ik het een beetje begrijp, Spybot heb ik ook op mijn computer gehad en die doet wat preventieve aanvullingen in de host file. Maar klopt dat dan met wat de netwerk activiteiten laten zien? Zie hier het overzicht van Process Hacker, en alvast dank voor een reactie! Process Hacker 2.27 Windows NT 6.1 Service Pack 1 (64-bit) 5-3-2012 23:21:15 Name Local Address Local Port Remote Address Remote Port Protocol State Owner AppleMobileDeviceService.exe (1860) www.007guard.com 27015 TCP Listen
  • Je hebt 007guard.com al in het Google-vakje gemikt?
  • [quote:483e74aa4f="Tirm"]Je hebt 007guard.com al in het Google-vakje gemikt?[/quote:483e74aa4f] Ja, heb ik, en op http://forums.spybot.info/showthread.php?t=20443 wel info erover gevonden. In 1e instantie geeft het forum van Spybot aan dat het inderdaad in de host file zit en er alleen maar lijkt of er connectie wordt gemaakt, maar dat is een 3 jaar oud bericht, en ook gaat Windows 7 anders met de host file om. De line 127.0.0.1 localhost die als eerste moet komen, wordt in Windows 7 in het DNS zelf gedaan. <- Deze zin gaat mij boven m'n pet ;-) Dus vraag ik graag aan de deskundigen of ik een risico loop, of niet. :D
  • En voor de volledigheid het log van HijackThis hier: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:33:31, on 6-3-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: D:\Downloads Firefox\HijackThis.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Tools\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\ProgramData\AVP11\sbhook.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - D:\Secunia\PSI\PSIA.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Tools\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Windows7FirewallService - Sphinx Software - D:\Security\Windows7FirewallControl\Windows7FirewallService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10986 bytes
  • Het is een bug van Spybot! Gebruik [b:647c8f8774]HostsXpert[/b:647c8f8774] om het probleem op te lossen! [b:647c8f8774]Download HostsXpert[/b:647c8f8774] [url=http://www.funkytoad.com/index.php?option=com_content&task=view&id=13][b:647c8f8774]hier[/b:647c8f8774][/url] [b:647c8f8774]HostEpert gebruiken[/b:647c8f8774]: [list:647c8f8774][*:647c8f8774]Windows 2000 en Windows XP: open de map "HostExpert" en dubbelklik op [b:647c8f8774]Hoster.exe[/b:647c8f8774]. [*:647c8f8774]Windows Vista en Windows 7: open de map "HostExpert" en start [b:647c8f8774]Hoster.exe[/b:647c8f8774] middels rechtsklik daarop waarbij jij kiest voor [b:647c8f8774]Als Administrator uitvoeren[/b:647c8f8774].[/list:u:647c8f8774] [list:647c8f8774][*:647c8f8774]Klik nu op de knop [b:647c8f8774]Make Writeable?[/b:647c8f8774] [list:647c8f8774][*:647c8f8774]Indien je enkel een [b:647c8f8774]Make Read-Only selection[/b:647c8f8774] ziet, dan is het herschrijven al aktief.[/list:u:647c8f8774] [*:647c8f8774]Klik nu eerst op de knop [b:647c8f8774]Restore Microsofts Original Hosts File[/b:647c8f8774]. [*:647c8f8774]Klik vervolgens op de knop [b:647c8f8774]OK[/b:647c8f8774] en sluit dan het het programma.[/list:u:647c8f8774]
  • Abraham, ik heb met XP geen last van die luistervink maar omdat ik vroeger Spybot heb gebruikt, staat er nog een grote hoeveelheid regels in de "Host" Na de voorbeeldregels zie je 127.0.0.1 localhost # Start of entries inserted by Spybot - Search & Destroy 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com enz enz enz Kan ik die zooi laten staan, geeft het nog enige bescherming, of is het beter om het met jouw tip op te ruimen?
  • Hallo Tim, je kan die vermeldingen, die Spybot erin heeft gezet gewoon verwijderen. Want uptodate kan je dat niet meer noemen. Verder raad ik aan naar http://winhelp2002.mvps.org/hosts.txt te gaan en het geheel daar via CTRL+A te selekteren via CTRL+C te kopieren. Plak vervolgens het geheel onder de MS vermeldingen in de hostfile erbij en kies voor opslaan. Daarmee wordt het surfen dan weer beschermd aan de hand van een aktuele lijst. Deze lijst op mvps.org wordt maandelijks vernieuwd! [color=#0000FF:ddfbca874a][b:ddfbca874a]Opmerkingen[/b:ddfbca874a][/color:ddfbca874a] 1) Wordt Avira gebruikt - dan eerst Avira deaktiveren. [b:ddfbca874a]Avira bewaakt namelijk de hostfile tegen veranderingen[/b:ddfbca874a]. 2) Wordt Windows Vista of Windows 7 gebruikt, dan laat de hostfile zich niet zomaar veranderen. [color=#008000:ddfbca874a][b:ddfbca874a]Hostfile in Windows Vista en Windows 7 veranderen.[/b:ddfbca874a][/color:ddfbca874a] [list:ddfbca874a][*:ddfbca874a]Start [color=#0000FF:ddfbca874a][b:ddfbca874a]Kladblok/Notepad[/b:ddfbca874a][/color:ddfbca874a] met [color=#0000FF:ddfbca874a][b:ddfbca874a]administratorrechten[/b:ddfbca874a][/color:ddfbca874a] op. [*:ddfbca874a]Klik op [color=#0000FF:ddfbca874a][b:ddfbca874a]Bestand[/b:ddfbca874a][/color:ddfbca874a] en vervolgens op [color=#0000FF:ddfbca874a][b:ddfbca874a]Openen[/b:ddfbca874a][/color:ddfbca874a]. [*:ddfbca874a]Verander nu eerst rechtsonder de instelling van [color=#0000FF:ddfbca874a][b:ddfbca874a]Tekstdocumenten (*.txt)[/b:ddfbca874a][/color:ddfbca874a] naar [color=#0000FF:ddfbca874a][b:ddfbca874a]Alle bestanden (*.*)[/b:ddfbca874a][/color:ddfbca874a]. [*:ddfbca874a]Vervolgens navigeer je naar [color=#0000FF:ddfbca874a][b:ddfbca874a]C:\Windows\System32\drivers\etc[/b:ddfbca874a][/color:ddfbca874a] en klik je op [color=#0000FF:ddfbca874a][b:ddfbca874a]hosts[/b:ddfbca874a][/color:ddfbca874a]. [*:ddfbca874a]De inhoud van de hostfile staat nu in het kladblokvenster en mag/kan je de hostfile aanpassen. [*:ddfbca874a]Ben je klaar met aanpassen, dan klik je weer op [color=#0000FF:ddfbca874a][b:ddfbca874a]Bestand[/b:ddfbca874a][/color:ddfbca874a] en kies je voor [color=#0000FF:ddfbca874a][b:ddfbca874a]Opslaan[/b:ddfbca874a][/color:ddfbca874a].[/list:u:ddfbca874a]
  • Dat is gelukt, bedankt. Ik heb XP met Avast. Het Hosts-bestand heb ik botweg vervangen door de "MVPS HOSTS file". De extensie .txt moest van het in kladblok gewijzigde Hosts-bestand worden verwijderd en de Eigenschappen moesten op Alleen lezen. Als ik nu in FF een van die url's tik, krijg ik dit te zien Unable to connect Firefox can't establish a connection to the server at ad2.doubleclick.net. met nog wat tekstregels. Werkt dat zo goed? Is dat de bedoeling zo?

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.