When my browser is connected to the internet [Firfox] I have found myself with several messages regarding OLE Automation. Almost all of the Comodo messages are as follows:
C:\Wiindows\Explorer.exe has tried to use SvcHost.exe through OLE Automation. And then it goes one about hijacking blablabla.
Note, that I am usually receiving these messages while on a web based email system and usually only receive these Comodo OLE messages while viewing the emails. In addition, I do not open any email that is from anyone other than who I personally know which is why I am so curious as to why I am receiving these OLE messages. I scanned my system for malware/spyware using Adaware, Spybot, Webroot, A2, as well as for rootkits using , Panda, blacklight, bitdefender [all aforementioned programs are rootkit finders by said companies]. I also searched the forums for OLE errors but did not find any that directly relate to my situation. Can anyone shed a little light other than linking to the FAQ which I already read [re: OLE Automation]?? (:NRD) THANKS FOR YOUR TIME!!!
Personally I have not gone into activeX/COM/OLE. The sources below is allot of reading and I have skimmed over it as far as I can tell:
Internet Explorer is very closely integrated with Explorer which is just an interface/shell/Graphical User Interface (Internet Explorer is much more separated from explorer in vista/IE7 I THINK).
So from what I can figure, Internet Explorer is using Explorer for some functionality. Explorer under Internet Explorer’s direction decides it needs to connect using OLE Automation to use some shared functionality in svchost.exe. For us to know what is going on from there, please post the detailed log as shown in:
https://forums.comodo.com/comodo_firewall/not_sure_about_alerts-t11728.0.html;msg83106
If you like reading ALLOT:
Mmmm wikipedia:
Read (For understanding of main key words):
Then read:
Thanks for the reply and info Rotty (:WIN)…by the way, here is my log. It is actually longer than what I posted but I just took the top ten rather than plastering what was/is about 100 or so log entries :o…
COMODO Firewall Pro Logs
Date Created: 23:53:05 18-08-2007
Log Scope:: Today
Date/Time :2007-08-18 23:28:59
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:216.195.66.237: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 216.195.66.237::http(80)
Date/Time :2007-08-18 23:25:07
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 216.195.66.237::http(80)
Details: C:\WINDOWS\EXPLORER.EXE has tried to use C:\Program Files\Mozilla Firefox\firefox.exe through OLE Automation, which can be used to hijack other applications.
Date/Time :2007-08-18 23:25:07
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:216.195.66.237: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 216.195.66.237::http(80)
Date/Time :2007-08-18 23:25:07
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:64.151.125.199: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 64.151.125.199::http(80)
Date/Time :2007-08-18 23:25:06
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:63.251.58.170: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 63.251.58.170::http(80)
Date/Time :2007-08-18 23:25:06
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:209.85.163.91: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 209.85.163.91::http(80)
Date/Time :2007-08-18 23:25:05
Severity :High
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:192.168.10.1: :dns(53))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: UDP Out
Destination: 192.168.10.1::dns(53)
Date/Time :2007-08-18 23:25:05
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: UDP Out
Destination: 192.168.10.1::dns(53)
Details: C:\WINDOWS\EXPLORER.EXE has tried to use C:\Program Files\Mozilla Firefox\firefox.exe through OLE Automation, which can be used to hijack other applications.
Date/Time :2007-08-18 23:25:05
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 63.251.58.170::http(80)
Details: C:\WINDOWS\EXPLORER.EXE has tried to use C:\Program Files\Mozilla Firefox\firefox.exe through OLE Automation, which can be used to hijack other applications.
Date/Time :2007-08-18 23:25:00
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\EXPLORER.EXE
Protocol: TCP Out
Destination: 216.195.66.237::http(80)
Details: C:\WINDOWS\EXPLORER.EXE has tried to use C:\Program Files\Mozilla Firefox\firefox.exe through OLE Automation, which can be used to hijack other applications.
Those are all fine to allow.
It seems that the browser uses svchost for allot of legitimate things. Just make sure the requesting application is a trusted one like firefox. The thread link I gave, the answers there apply to your situation.
Super!! Thanks for the wealth of information and answers to my question Rotty (:CLP)
BTW-- I am sure you are aware, A lot is two words not one…I see it misspelled at work all the time and believe it or not! by senior executives! (:NRD) Again, thanks for the super info on my OLE Automation inquiry (:KWL)
Oh wow, thankyou for pointing that out.
English is not my strong point, please do point out any of my grammar or spelling errors(Spelling errors are usually typos).
I have always been more of a maths person.