Unidentified Files

TheMSsForum.com: The Microsoft Software Forum

I have recently acquired several files of the form BQSHYJ2R.ocx in the
Windows folder. From a 'Goggle' search I understand these files are
associated with ActiveX controls but in what respect I couldn't determine.

Are these files dangerous in any way and require removal or are they an
essential part of the 'system'?
Top

Re: Unidentified Files by Frank

Frank
Tue Feb 01 06:06:54 CST 2005

"Edward W. Thompson" <thomeduk1@btopenworld.com> wrote in message
news:uP$06BECFHA.1260@TK2MSFTNGP12.phx.gbl
> I have recently acquired several files of the form BQSHYJ2R.ocx in the
> Windows folder. From a 'Goggle' search I understand these files are
> associated with ActiveX controls but in what respect I couldn't
> determine.
> Are these files dangerous in any way and require removal or are they
> an essential part of the 'system'?

Right click it and choose Properties. Go to the Version tab. It should
tell you what it is and where it is from. If it doesn't or you don't
recognize it as something you want, delete it. If it's something you need
you will be asked to download it again.

The fact that it isn't in Downloaded Program Files is suspicious. I would
also do the following:
First eliminate any spyware.
What You Should Know About Spyware
http://www.microsoft.com/athome/security/spyware/devioussoftware.mspx

CAUTION!!!!! Removing some spyware can damage the Winsock stact. Before
you try to remove spyware using any of these programs , download a copy of
LSP-Fix - a free program to repair damaged Winsock 2 stacks (all Windows
versions)
http://www.cexx.org/lspfix.htm
Winsockfix for W95, W98, ME, NT, 2000, XP
http://www.tacktech.com/pub/winsockfix/WinsockFix.zip
Directions here: http://www.tacktech.com/display.cfm?ttid=257
WinXP:
Get WinSockxpFix
http://www.spychecker.com/program/winsockxpfix.html
How to Reset Internet Protocol (TCP/IP) in Windows XP
http://support.microsoft.com/kb/299357
In WinXP SP2: You can fix Winsock by going to Start | Run and typing
CMD
In the command window type
netsh winsock reset

See
Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
http://mvps.org/winhelp2002/unwanted.htm

Note that AdAware and SpyBot S & D will each catch some things the other
won't. Also, each needs to be updated with the program's update function
before every use, even when just downloaded. There's also a lot more to do
than just those two programs. CWShredder is also available here:
http://www.intermute.com/products/cwshredder
**Post your HijackThis log to
http://www.spywareinfo.com/forums/
http://forums.tomcoyote.org/
http://castlecops.com/forum67.html
http://www.wilderssecurity.com/ or the Spyware forum at
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not here.**
Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
may be found on this page:
http://aumha.org/a/parasite.htm.

See this link for information about malware:
http://arstechnica.com/articles/paedia/malware.ars

If nothing there helps, please post back to this thread.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx
http://defendingyourmachine.blogspot.com/


Top

Re: Unidentified Files by Edward

Edward
Wed Feb 02 01:24:32 CST 2005


"Frank Saunders, MS-MVP IE/OE" <franksaunders@mvps.org> wrote in message
news:%23QG5EaFCFHA.1260@TK2MSFTNGP12.phx.gbl...
> "Edward W. Thompson" <thomeduk1@btopenworld.com> wrote in message
> news:uP$06BECFHA.1260@TK2MSFTNGP12.phx.gbl
>> I have recently acquired several files of the form BQSHYJ2R.ocx in the
>> Windows folder. From a 'Goggle' search I understand these files are
>> associated with ActiveX controls but in what respect I couldn't
>> determine.
>> Are these files dangerous in any way and require removal or are they
>> an essential part of the 'system'?
>
> Right click it and choose Properties. Go to the Version tab. It should
> tell you what it is and where it is from. If it doesn't or you don't
> recognize it as something you want, delete it. If it's something you need
> you will be asked to download it again.
>
> The fact that it isn't in Downloaded Program Files is suspicious. I would
> also do the following:
> First eliminate any spyware.
> What You Should Know About Spyware
> http://www.microsoft.com/athome/security/spyware/devioussoftware.mspx
>
snip

Thanks Frank, when I open 'Properties' on the files there is no version tab
or any indication where the files originated. The curious thing is, and as
you say make the files suspicious, is the date that gives the year 1617! I
run Ad Aware, Spybot, Spy Sweeper, KAV and NOD32, so I am reasonably
confident the system is free of known bugs. The only problem I know I have
with my system is with System Restore ( Incorectly reports in Event Log that
there is a space limitation and only one Restore Point is kept when I reboot
overnight although I can make multiple Restore Points in any one day!).
Have posted the problem with System Restore but have had no takers!

With respect to the unidentified files they are each 3127 kb so I have
transfered them to a floppy and will see what happens.


Top

Re: Unidentified Files by Frank

Frank
Wed Feb 02 04:17:18 CST 2005

"Edward W. Thompson" <thomeduk1@btopenworld.com> wrote in message
news:%23o2O$gPCFHA.2568@TK2MSFTNGP11.phx.gbl
> "Frank Saunders, MS-MVP IE/OE" <franksaunders@mvps.org> wrote in
> message news:%23QG5EaFCFHA.1260@TK2MSFTNGP12.phx.gbl...
>> "Edward W. Thompson" <thomeduk1@btopenworld.com> wrote in message
>> news:uP$06BECFHA.1260@TK2MSFTNGP12.phx.gbl
>>> I have recently acquired several files of the form BQSHYJ2R.ocx in
>>> the Windows folder. From a 'Goggle' search I understand these
>>> files are associated with ActiveX controls but in what respect I
>>> couldn't determine.
>>> Are these files dangerous in any way and require removal or are they
>>> an essential part of the 'system'?
>>
>> Right click it and choose Properties. Go to the Version tab. It
>> should tell you what it is and where it is from. If it doesn't or
>> you don't recognize it as something you want, delete it. If it's
>> something you need you will be asked to download it again.
>>
>> The fact that it isn't in Downloaded Program Files is suspicious. I
>> would also do the following:
>> First eliminate any spyware.
>> What You Should Know About Spyware
>> http://www.microsoft.com/athome/security/spyware/devioussoftware.mspx
>>
> snip
>
> Thanks Frank, when I open 'Properties' on the files there is no
> version tab or any indication where the files originated. The
> curious thing is, and as you say make the files suspicious, is the
> date that gives the year 1617! I run Ad Aware, Spybot, Spy Sweeper,
> KAV and NOD32, so I am reasonably confident the system is free of
> known bugs. The only problem I know I have with my system is with
> System Restore ( Incorectly reports in Event Log that there is a
> space limitation and only one Restore Point is kept when I reboot
> overnight although I can make multiple Restore Points in any one
> day!). Have posted the problem with System Restore but have had no
> takers!
> With respect to the unidentified files they are each 3127 kb so I have
> transfered them to a floppy and will see what happens.

Go to: http://mvps.org/winhelp2002/unwanted.htm
Download "Hijack This!" [freeware]

Unzip, double-click "HijackThis.exe" and Press "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Click: "Save Log" (generates: "hijackthis.log")

Next, go to the below location:
http://www.spywareinfo.com/forums/

Sign in, go to the "Spyware and Hijackware Removal" section.
Press "New Topic" and post a description of your symptoms. If they need to
see your log they will ask for it.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx
http://defendingyourmachine.blogspot.com/


Top