OLE Automation Win Word?

sanctuary24 · August 16, 2007, 5:37pm

Does this look alright to you guys, it came up when my dad pasted a web page into Microsoft Word?

Date/Time :2007-08-16 18:27:02Severity :HighReporter :Application Behavior AnalysisDescription: Suspicious Behaviour (iexplore.exe)Application: C:\Program Files\Internet Explorer\iexplore.exeParent: C:\WINDOWS\explorer.exeProtocol: TCP OutDestination: 127.0.0.1::12080Details: C:\Program Files\Microsoft Office\Office10\WINWORD.EXE has tried to use C:\Program Files\Internet Explorer\iexplore.exe through OLE Automation, which can be used to hijack other applications.

Date/Time :2007-08-16 18:27:01Severity :HighReporter :Application Behavior AnalysisDescription: Suspicious Behaviour (iexplore.exe)Application: C:\Program Files\Internet Explorer\iexplore.exeParent: C:\WINDOWS\explorer.exeProtocol: UDP OutDestination: 212.139.132.9::dns(53)Details: C:\Program Files\Microsoft Office\Office10\WINWORD.EXE has tried to use C:\Program Files\Internet Explorer\iexplore.exe through OLE Automation, which can be used to hijack other applications.

[attachment deleted by admin]

anderow · August 16, 2007, 5:44pm

This looks ok to me. When something from a webpage is pasted into word CFP thinks that Word is trying to access the internet through internet explorer.

The following may help:

https://forums.comodo.com/cfp_beta_corner/unaddressed_problem_in_all_releases_including_latest_beta-t5207.0.html;msg38857#msg38857

Since you know both applications and were actually pasting from one into the other I don’t think you have anything to worry about.

These warnings are why CFP is so leakproof.

:SMLR

sanctuary24 · August 16, 2007, 5:52pm

I hope I was right to allow it my dad can be pushy at times just to get things moving along, if it was a bad choice will I be able to notice anything odd or would my anti-virus pick up on anything?

What about the attahed log does that look ok mate?

[attachment deleted by admin]

anderow · August 16, 2007, 6:02pm

I think you have no need to worry. The scenario you described seems normal to me. I would definately advise use of BOClean though - it is a great security program and requires very little interaction. Once installed and configured it will just sit monitoring, taking up few resources and will catch a huge number of nasties if they try it on. sounds perfect for your dad.

:SMLR

sanctuary24 · August 16, 2007, 6:04pm

Is it compatible with Avast home edition and is it a spyware detector?

Does the attachment on my previous message look genuine?

anderow · August 16, 2007, 6:15pm

As far as I know BOClean is compatible with Avast and it detects malware of all types - check out the Comodo website where you can read about it. There are also many posts in the BOClean section of these forums wher people have stated that BoClean had saved their necks when their antivirus had not picked something up but BOClean had.

http://www.comodo.com/boclean/boclean.html

https://forums.comodo.com/comodo_boclean_antimalware-b83.0/

:SMLR

Little_Mac · August 16, 2007, 6:44pm

That last alert looks like it’s going to your ISP, and based on the port (123) it may be a time update to their servers. If you’re concerned, you can always check with them about it.

LM