A Windows XP help forum. PCbanter


Security Warning



 
 
#1
March 17th 08, 09:06 PM, posted to microsoft.public.windowsxp.perform_maintain
Bob Griendling (external usenet poster, Posts: 3)
Subject: Security Warning

It may be coincidental, but about the time I downloaded an upgraded Spybot
program, I began to get a Security Warning that often reads something like
this:

"The current Web page is trying to open a site on the Internet. Do you want
to allow this?

Current site: ad.yieldmanager.com

Internet site: C:\Windows\system32\shdoclc.dll



Warning: allowing this can expose your computer to security risks. If you
don't trust the current Web page, choose no."

Here is my hijack this log, if it helps. Any suggestions are welcome.

Bob
===================================================
Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:52:06 PM, on 3/17/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Dell\Media Experience\PCMService.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\WINDOWS\system32\PDesk\PDesk.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\DPS\EzBackup\EzBackupStartupMonitor.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\Program Files\Microsoft Office\Office\1033\msoffice.exe

C:\Program Files\DPS\EzBackup\EzBackup.exe

C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\system32\mgabg.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\ups.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\Program Files\DPS\EzBackup\DPS_OneButton.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Microsoft Office\Office\outlook.exe

C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Quote.com\QCharts 5.1\QCharts.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Microsoft Office\Office\WINWORD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywaybiz

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://cm.my.yahoo.com/?.src=fp

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell4me.com/mywaybiz

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.hackerwatch.org/library/a...D7D46C59AD7112

O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media
Experience\PCMService.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\system32\PDesk\PDesk.exe
/Autolaunch

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common
Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support
Center\gs_agent\custom\dsca.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe"
/startup

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support
Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
/RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
/RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
/RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
/RUNONCE (User 'Default user')

O4 - Startup: Check for ContinuumClient Updates.lnk = C:\Program
Files\Quote.com\ContinuumClient\WiseUpdt.exe

O4 - Startup: Check for QCharts Updates.lnk = C:\Program
Files\Quote.com\QCharts 5.1\WiseUpdt.exe

O4 - Global Startup: APC UPS Status.lnk = ?

O4 - Global Startup: EzBackup Monitor.lnk = C:\Program
Files\DPS\EzBackup\EzBackupStartupMonitor.exe

O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google
Updater\GoogleUpdater.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM\aim.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MUSICMATCH MX Web Player -
{d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe

O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) -
http://leg3.state.va.us/qp2.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {3BA3B159-7533-4F96-A2CE-EE5894BBD3D5} (Scanner.SysScanner) -
http://i.dell.com/images/global/js/s...SYSSCANNER.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) -
http://ipgweb.cce.hp.com/rdqnbk/downloads/sysinfo.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsof...?1124031960359

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer
Control) - http://www.sbe.state.va.us/viewer/ac...ivexviewer.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
https://optionsxpressevents.webex.co...ex/ieatgpc.cab

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} -
http://download.abacast.com/download...basetup162.cab

O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) -
http://207.190.197.68/webmap/Acgm.cab

O16 - DPF: {FFFFFFFF-CAFE-BABE-BABE-00AA0055595A} -
http://www.networksolutionsemailpopw...ueSwitchEC.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program
Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: APC UPS Service - American Power Conversion Corporation -
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common
Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program
Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common
Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program
Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common
Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: MGABGEXE - Matrox Graphics Inc. -
C:\WINDOWS\system32\mgabg.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter)
(sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell
Support Center\bin\sprtsvc.exe



--

End of file - 10363 bytes


#2
March 18th 08, 07:47 PM, posted to microsoft.public.windowsxp.perform_maintain
smlunatick (external usenet poster, Posts: 4,866)
Subject: Security Warning

On Mar 17, 4:06 pm, "Bob Griendling" wrote:
It may be coincidental, but about the time I downloaded an upgraded Spybot
program, I began to get a Security Warning that often reads something like
this:

"The current Web page is trying to open a site on the Internet. Do you want
to allow this?

Current site: ad.yieldmanager.com

Internet site: C:\Windows\system32\shdoclc.dll

Warning: allowing this can expose your computer to security risks. If you
don't trust the current Web page, choose no."

Here is my hijack this log, if it helps. Any suggestions are welcome.

Bob

Your HiJackThis log is not useful here. You will need to re-post it
on a true HiJackThis web forum.

#3
March 18th 08, 08:19 PM, posted to microsoft.public.windowsxp.perform_maintain
Nepatsfan (external usenet poster, Posts: 3,023)
Subject: Security Warning

"Bob Griendling" wrote in message
...
It may be coincidental, but about the time I downloaded an upgraded Spybot
program, I began to get a Security Warning that often reads something like
this:

"The current Web page is trying to open a site on the Internet. Do you want to
allow this?

Current site: ad.yieldmanager.com

Internet site: C:\Windows\system32\shdoclc.dll



Warning: allowing this can expose your computer to security risks. If you
don't trust the current Web page, choose no."

Here is my hijack this log, if it helps. Any suggestions are welcome.



snipped

There are a number of web sites where HijackThis logs should be posted. Here are
some of the more popular ones.

CastleCops HijackThis Forum
http://castlecops.com/f67-Hijackthis...s_Oh_My.html

Aumha Forums - HijackThis Logs
http://forum.aumha.org/

HijackThis Logs and Analysis
http://www.bleepingcomputer.com/foru...lysis-f22.html

HijackThis Logs and Spyware/Malware Removal
http://forums.whatthetech.com/Hijack...moval_f27.html

Spyware Warrior HijackThis Logs
http://spywarewarrior.com/viewforum.php?f=5

These forums are staffed by volunteers who have demonstrated their ability to
interpret these logs and provide safe and helpful assistance. Also, the forums
are moderated, adding a degree of assurance that the advice given is valid.
Please do not post a HijackThis log on one of these newsgroups. You have no
guarantee that the advice given would not make a bad situation worse.

Good luck

Nepatsfan


#4
July 3rd 08, 02:38 AM, posted to microsoft.public.windowsxp.perform_maintain
Bram Weiser (external usenet poster, Posts: 12)
Subject: Security Warning

Hi, Everyone,

I'm having the same thing happen to me now, too.

Is this necessarily a Spybot side-effect, though? (I'd looked in that
program and couldn't find what's making it happen, or what could turn it off.)

If not, any ideas about what else could be causing this?

Thanks,
Bram


"Bob Griendling" wrote:

It may be coincidental, but about the time I downloaded an upgraded Spybot
program, I began to get a Security Warning that often reads something like
this:

"The current Web page is trying to open a site on the Internet. Do you want
to allow this?

Current site: ad.yieldmanager.com

Internet site: C:\Windows\system32\shdoclc.dll



Warning: allowing this can expose your computer to security risks. If you
don't trust the current Web page, choose no."

Here is my hijack this log, if it helps. Any suggestions are welcome.

Bob


SNIP
 





All times are GMT +1. The time now is 09:39 AM.

