007guard: What is it, is it dangerous, and can it be removed?

virus-removal malware-removal

Solution 1:

I'm pretty sure I know what's going on, and it's Spybot that did it to you (sort of).

Spybot put entries in your Hosts file, but removed the usual default localhost entry (or it is missing for some other reason).

"007guard.com" happens to be alphabetically first, so it was inserted at the top of the list.

When a process does a reverse lookup for the 127.0.0.1 loopback's name (which happens frequently for many different, benign reasons), it will return the first matching record for 127.0.0.1 found in the Hosts file.

Normally it would get localhost back as the name, because by default it's the first entry in the Hosts file, but it's not in yours, 007guard.com is.

0007guard.com, whatever malicious thing it was, is long gone but Spybot still ads the entry to Hosts, and you're just seeing references to the blocked domain because your loopback address' (127.0.0.1) name is resolving incorrectly.

So opening your Hosts file and adding 127.0.0.1 localhost above all other entries should fix the trouble you're having.

Related

Remotely accessing OSX Lion from Windows in a sane manner
Triple vs. Dual Channel with 6 sticks of memory
Windows 10 Start Menu Critical Error
How to force redownload with wget?
How could Google Latitude find my exact PC location with no GPS or public WiFi?
Can I extend my taskbar across multiple monitors in Windows 8?
X11 forwarding - grab windows of programs already running
Move emails from from Deleted Items back to their orginal folders
Split MPEG video from command line?
Is it possible to choose which OS will be loaded using a hardware switch?
How to connect this laptop SATA HDD to regular desktop SATA cable?
3GB of RAM showing up as 2GB