Author Topic: www.007guard.com  (Read 8378 times)

0 Members and 1 Guest are viewing this topic.

Offline Muni70

  • Newbie
  • *
  • Posts: 2
www.007guard.com
« on: December 23, 2008, 12:13:40 PM »
Hi! when I run AgentNetstat I see: remote adress hxxp://www.007guard.com conected. I would like to know how can I kill this malware.

I tryed: ccleaner, shutdown system restore, start in safe mode, run malwarebytes, ccleaner again, restart and antivirus online...
But nothing 007guard is still there. ???
I have the free avast home version.
Thank you a lot.
« Last Edit: December 23, 2008, 03:36:27 PM by kubecj »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 65867
Re: www.007guard.com
« Reply #1 on: December 23, 2008, 12:20:35 PM »
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

The best things in life are free.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4860
  • I'm a GNU
    • Don't Surf in the Nude!
Re: www.007guard.com
« Reply #2 on: December 23, 2008, 12:54:52 PM »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Muni70

  • Newbie
  • *
  • Posts: 2
Re: www.007guard.com
« Reply #3 on: December 23, 2008, 01:56:15 PM »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 71847
  • No support PMs thanks
Re: wXw.007guard.com
« Reply #4 on: December 23, 2008, 03:10:54 PM »
Can you please modify your first post and edit the URL so it isn't active to avoid accidental exposure. Change the www for wXw, e.g. wXw.007guard.com
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2015 10.2.2218 R2-SP2/ Outpost Firewall Pro9.1/ Firefox 38.0.1, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.1.6/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security