New update causes "web page is trying to open" security dialog box.

[jstevens]

On patch Tuesday 6/13/2006 Microsoft released updates that are causing the following issue.

On any webpage that has ad.doubleclick.net, a confirmation dialog box pops up asking the user to confirm this access. Of course this is a major pain. Most all websites use doubleclick.

---------------------------------------
Security Warning:

The current Web page is trying to open a site on the Internet. Do you want to allow this?

Current site: ad.doubleclick.net
Internet site: c:\windows\system32\shdoclc.dll
---------------------------------------

If this is related to this issue, I think we may have a riot on our hands.

http://www.networkworld.com/news/20...ch-word-bug.html?nlhtsec=060506securityalert3

http://www.eweek.com/article2/0,1895,1490621,00.asp

Anyway, is there a way to turn off this security prompt?


Thanks,
Jason

 

[smah]

There's really no reason that an doubleclick.net banner ad should be accessing files on your computer. A thorough spyware scan may be in order. The Eolas issue is a different matter.

 

[jstevens]

I use spywareblaster to help protect from addware and malicious sites. *.doubleclick.net is added to restricted sites. There is a new security measure that if an address in is that zone this prompt comes up. I can't seem to find the option to turn it off.

If I place the site in trusted sites, another but more anoying prompt comes us saying, blah blah is trying to access blah blah in your trusted sites.

So if I remove the doubleclick.net entry all together, the prompt goes away. Of course when I re-run blaster and enable all protection, site gets added.


Jason

 

[jstevens]

Well, I went to another machine that had spywareblaster installed, all latest patches, and its not displaying this popup.

Im stumped.

 

[erikhertzel]

Spywareblaster is just a preventative spyware program, it does not check for spyware at all.

Try Webroot Spysweeper

Download it here:

http://www.sabethacomputing.com/downloads.html

Webroot Spysweeper 14 day Trial

Update the defs and do a sweep.

Also check this out:

Ewido download:

http://www.ewido.net/en

Update it and run a complete scan.


I would also check it with some other virus scanners just to make sure.

http://housecall.trendmicro.com

http://www.pandasoftware.com/activescan

Post back and let us know how it's going.

Best regards.

Erik

 

[jstevens]

Yes my site uses SpySweeper Enterprise, 3.0.2 and there is nothing that is better.


However spysweeper only has some basic hosts file blocking entries, but I dont think its as thorough as Spyblasters. Currently at 6362 items Spyblaster's preventitive protection is deeper than webroots. While I consider Spysweepers active shields to be good I just have more confidence with spyblasters addition to it. Plus its free. Only issue is its not enterprise deployable which is ok.

Now in terms of the best spyware removal software from my experience that has to be

http://www.superantispyware.com

superantispyware. I had a machine infected with Virtumonde / wtlhelper and Spysweeper was not able to clean and remove it. I had to use superantispyware. I notified webroot support so they should have that addressed.

But in any event, has anyone had this issue? I find it very anoying.


Jason