iondjp

Strange Program Names in OA Programs Tab

Recommended Posts

In the Programs tab, I noticed a lengthy list of Programs that had unusual names (see attached). They all appear in the middle of the night.

 

It appears that Windows 7 (x64) did an update overnight but, should I be concerned about these program names?

 

BTW: I hardly ever check the Online Armour, because I find that it usually just confuses me and causes undue stress. However, I did check it this morning because I was getting alerts about 'iexplorer' has changed and alerts about 'mouse_hook'. I assume that the Windows update was at least in part due to an Internet Explorer update, but I have not gone through the list if updates to determine that for sure.

 

A little bit of reading online has me believing that "iexplorer has changed" and "trying to set mouse_hook" alerts are normal after an update, but I would like that confirmed as well please.

 

Thanks;

iondjp

post-29692-0-58361500-1392225048_thumb.png
Download Image

Share this post


Link to post
Share on other sites

The names are definitely strange. Can you right click on them and get information about them, such as the full path?

Share this post


Link to post
Share on other sites

Sorry for the delay in following up. I expected to get an email when a reply was made.

 

Anyway, the strange thing is the list of programs in the list has changed. I have attached a PDF with some clips. You will see:

 

  1. the names of the programs in the list has changed
  2. the file info screen for the strange looking third program from the bottom of the programs list (i.e. starts with "ykG") notice the file date is 30/12/1899
  3. there is a sample of the AutoRuns tab -- it too shows some strange program names
  4. below that screen shot, there is a sample of the file info and it appears to indicate the program entry named 'f' is a product of Outlook

Anything to worry about here?

 

Any comment or advice on this would be appreciated.

Emsisoft OA Screens.pdf

Share this post


Link to post
Share on other sites

Office 2010 (32bit version) with Business Contact Manager (BCM) installed afterward.

 

OS: Windows 7 Home premium Service Pack 1

 

Why do you ask?

Share this post


Link to post
Share on other sites

It looks like the file path information is either corrupt, or not in the correct character encoding. I'll ask one of our developers what he thinks about this.

Share this post


Link to post
Share on other sites

Thanks Masood;

 

I don't want to be difficult, but I'd really rather not re-install Office if it is not necessary. As a former repair technician, my train of thought is sequential. I am more interested in understanding and interpreting what I am looking at and less concerned (at this stage) in eliminating these entries. In other words, my objective is to understand if these entries present a risk (i.e. block versus allow) or if they indicate a problem (i.e. - is something tinkering with my OA rules?)

 

So, before I go through the exercise of uninstalling and re-installing Office, I'd like to understand what I'm looking? Some specific questions might help.

 

  1. The Programs List has changed - is that normal in any situation?
  2. Would it be reasonable to delete all the strange entries in the Auto-Start list and then restart system to see if they reappear?
  3. If they do, what does that mean?
  4. If they don't, what does that mean?
  5. The fact that the entries are in gray, does this mean that the programs are no longer on my harddrive?

All input is appreciated.

 

Thx....

Share this post


Link to post
Share on other sites

The Programs List has changed - is that normal in any situation?

I'm not sure I understand what you mean. Your screenshots do not seem abnormal to me, other than the strange entries.

Would it be reasonable to delete all the strange entries in the Auto-Start list and then restart system to see if they reappear?

That it probably a good idea, if for no other reason than to determine if these things are still on your computer.

If they do, what does that mean?

If they do reappear, then it means we can get Debug Logs for our developers. It also means that whatever caused it is still there.

If they don't, what does that mean?

It either means that the issue was a fluke to begin with (perhaps some corruption when saving the data for the Programs list for some reason), or that the files that Online Armor was trying to list no longer exist.

The fact that the entries are in gray, does this mean that the programs are no longer on my harddrive?

Gray means unknown. It just means you haven't blocked or trusted them.

Share this post


Link to post
Share on other sites

Thanks Arthur;

 

All questions seem to be clear now, except the question about changing Programs List.  You will see the Programs List for the date of 12/02/2104 is quite different in the second set of screen clips I posted. In other words, the program names are different on that date for the two samples.

 

These are logs, so why would they change? Logically the data for that date should be the same no matter when I open it.

 

If it is just a corrupted read of the log, I can live with that. The log today logs the same as it did yesterday, but does not resemble the sample I took on 12/02/2014. This might someone's faith in the logs.

 

Furthermore, I just worry that something more serious is going on in the background. I notice that when I have OA running, some SQL database related programs are so unbearably slow that I have to shut OA down. Other programs like IE9, IE10, IE11 are considerably slower when OA is running.

 

But perhaps I should open another topic to discuss that. Let's focus on the "strange looking entries" and the "log issue" for now.

 

I will clear the autorun list and report my findings.

Share this post


Link to post
Share on other sites

Some sort of corruption of the log data seems to be the most obvious cause for the discrepancies in the names. Our developers may have some other ideas as well.

You can open another topic for the performance issues, but when it comes to issues like that then exclusions usually resolves the problem. If it is a local SQL server, then you can just add its folder to Online Armor's exclusions list. Here are some instructions for adding a folder to the Exclusions list in Online Armor:

  • Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it.
  • Click on Options in the menu on the left.
  • Go to the Exclusions tab.
  • Click on the Add button.
  • Use the little [+] and [-] icons to the left of folder names to open and close them, find the folder you want to add, click on it to highlight it, and then click OK at the bottom.
  • Close the Online Armor window.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.