Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Files On My Computer


  • Please log in to reply
12 replies to this topic

#1 cessenaacrobat

cessenaacrobat

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 08 August 2006 - 02:42 PM

I have XP home edition, Dell 8200 pent 4 2.39 ghz. I have zone alarm as a fire wall. I was checking my programs on ZA and found several I hadn't seen there before. They are :
"Run a Dll as an app", "services and contracts", WMI, LSA Shell(export) windows systems32\lsass.exe. Also on your forum I read something about OCreaware.

Are any of these files intruders or just system files updates? I'm totally computer unsavy. Thanks.

Missy

BC AdBot (Login to Remove)

 


m

#2 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:36 PM

Posted 08 August 2006 - 04:31 PM

Do you have Scansoft software named OmniPage? Is what you saw Ocraware, not OCreaware?

If you do not, run a few of these online scans using Internet Explorer:

Trend Micro antivirus and malware scan:
http://housecall-beta.trendmicro.com/en/st...orp.asp?id=scan

Etrust Anti-virus web scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx.

Avast Online scan
http://onlinescan.avast.com/

F Secure online scan
http://support.f-secure.com/ols/start.html

Ewido Online scan
http://www.ewido.net/en/onlinescan/

And especially these three:

Trojan scans
Sygate Trojanscan
http://scan.sygatetech.com/pretrojanscan.html


Windows Security Trojanscan
http://windowsecurity.com/trojanscan
See instructions for it here:
http://www.windowsecurity.com/trojanscan/trojanscan.asp

Parasite scan from Aumha:
http://www.aumha.org/a/noads.php
or here:
http://www.aumha.org/win5/a/noads2.htm

Let us know what, if anything, they find.

#3 cessenaacrobat

cessenaacrobat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 08 August 2006 - 06:41 PM

Nothing found and it is ocraware. The only scan that would work was the CA SCAN. I did see a file that I didn't recognize and am going to open. I still don't know what those files are.


Missy

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:36 PM

Posted 08 August 2006 - 07:13 PM

They are files related to OCR which may have been added when you added a scanner.

OCR (optical character recognition) recognizes text you scan with your scanner.

Scansoft is one of the major publishers of OCR software and it is packaged with many brands of scanners or sold seperately.

#5 cessenaacrobat

cessenaacrobat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 10 August 2006 - 08:21 PM

Now I think I have another problem. I have ZoneAlarm as fire wall, Norton as antivirus and ad-aware to scan each time I go on the internet. When it finished scanning. There was a little statement at the top that said "this is a targeted family". What does that mean?

Missy

#6 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:36 PM

Posted 10 August 2006 - 10:50 PM

When you finish scanning with which ap?

#7 cessenaacrobat

cessenaacrobat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 10 August 2006 - 11:38 PM

I have this routine. When I finish being online, I delete all my cookies and then I scan my computer, all files,with ad-aware, to be sure I didn't have any unwelcome additions. When it was all finished. I had a double click cookie, and ad-aware showed it, but at the top, above the cookie list, in blue it said "this is a targeted family". When I quarantined the cookie, it was gone, but I rescan and it was back. It was never there before. I try to be realllllly careful because I don't want viruses. Thats why I delete my cookies and scan. Norton scans my computer too and has never shown any virus.

The ocraware, I guess, must be from my scanner. But the targeted thingy really worries me.

Missy

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,722 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:36 PM

Posted 10 August 2006 - 11:47 PM

If you don't have this program, I would suggest downloading and installing SpywareBlaster. After you install, it make sure to update it. This program PREVENTS a lot of those bad cookies from getting onto your computer in the first place. Read this tutorial for how to install and use SpywareBlaster. The download link is there also.

Also, what browser are you using and what are your cookie settings? You can block many un-needed cookies with proper cookie settings. Also, you can delete most cookies without having to scan for them. In IE go to tools then internet options then click on the general tab if it isn't the one on top. At the bottom left, you will see a button "delete cookies" Click on it, and most or all of your IE cookies will be deleted. In FireFox, click on Tools, then "clear private data" Make sure that Cookies has a green check by it, then click on "clear private data now." You'll see that button at the bottom.

I think the "targeted family" message has to do with the fact that doubleclick cookies are suspect and thus are 'targeted' by Ad-Aware for removal.

Orange Blossom :thumbsup:

Edited by Orange Blossom, 10 August 2006 - 11:51 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#9 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:36 PM

Posted 11 August 2006 - 12:06 AM

Cookies for the most part are fairly harmless.
If you are really worried about it find it in Windows Explorer and manually delete it -(you may have to use safe mode)

Some cookies are beneficial - like the one this board sets to recognize you so you don't have to manually log in each time you visit the board.

Doubleclick is a commercial tracking cookie set by millions of internet sites.

#10 cessenaacrobat

cessenaacrobat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 13 August 2006 - 01:11 PM

I use IE. I think you're right, I think it's ad-aware saying what the double click cookies are. I have my IE set to high security, and manual on my zone alarm so I can see what's up. I am way paranoid because a friend got one of those viruses or whatever that takes over a computer and he had to have his computer wiped out and reinstalled. It was realllly bad. So now I'm not answering if you're knocking. I delete the cookies out of my cookie file every time. I know what site the double click is coming from, but another friend said that I couldn't go to that site unless I allowed the cookie. Right or wrong? You guys really are great to answer.

Missy

#11 buddy215

buddy215

  • BC Advisor
  • 12,620 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:36 PM

Posted 13 August 2006 - 01:37 PM

You don't need 3rd party cookies. Set your cookie controls in IE to block them. You only need 1st party cookies when you intend to interact with the site that you are on.
Scanning every time you use the net is a bit paranoid. Unless you are a user that clicks on links willynilly and visit sites that are known to harbor malware. Firefox has a much more user friendly cookie control than IE.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,722 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:36 PM

Posted 13 August 2006 - 02:20 PM

You can also set your privacy settings in ZoneAlarm to block 3rd party cookies.

In IE to block third party cookies, on the top of the IE screen, click on Tools then Internet Options. Now click on the privacy tab on the little window that comes up. Now click on the Advanced button second from the right under the settings part of the menu.

Click on the little white box by "over-ride automatic cookie handling" so there is a white check in it. Put a green check in the white box by "block" under third party cookies and put a green check in the white box by "prompt" under first party cookies. Now click on the okay button at the bottom of that little window, and click on the okay button of the other window.

Now when you surf, all third party cookies will be blocked. You will receive a prompt message everytime a site wants to set a cookie. Click on the More information button and read the information about who wants to set it and for how long. If it is a cookie necessary for that site, such as the cookies for BleepingComputer, put a check in the box that says "apply this decision to all cookies from this website" and then click on the allow cookie button. You will receive no more prompts about cookies from BleepingComputer. If it's not needed, such as the cookies Microsoft wants to plant, again put a check in "apply this decision to all cookies from this site" and click on the "block cookie" button. Now IE will automatically block all the cookies from that site. If you find out that you need cookies from a specific site after all, go back to the privacy tab and click on the sites button near the bottom left. Now you will see a list of all the sites that are blocked or allowed to set cookies. Go to the one that is causing problems, click on it, then click on the remove button to the right.
---------------
In ZoneAlarm:
Restore your window to full size
Click on privacy on the left. Now click on main tab at the top right. Click on the custom button to the right in the cookie section. Make sure there is a little check in the box by Block 3rd party cookies. Click on the box if there isn't.
--------
Again, if you don't have SpywareBlaster, I'd suggest that you get it. It blocks a lot of bad stuff from getting on your computer. Read this tutorial for how to get and use SpywareBlaster.

Orange Blossom :thumbsup:, who prevents all cookies but the ones needed to navigate and deletes them all when closing the browser. :flowers:

Edited by Orange Blossom, 13 August 2006 - 02:22 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#13 moomoo

moomoo

  • Members
  • 267 posts
  • OFFLINE
  •  
  • Local time:02:36 PM

Posted 13 August 2006 - 02:51 PM

There all legit...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users