OLE Automation

[MerryMav@gmail.com]

Can OLE be used in conjunction with spyware programs?

[MerryMav@gmail.com]

On Jun 7, 10:00*am, Merry...@gmail.com wrote:

> Can OLE be used in conjunction with spyware programs?

I asked the above question the other day because OLE keeps popping up
on my system of late when I navigate from one website to another,
which it never did before. I realize this is a harmless exe but am
just asking if there's been an evolution w/it in the last six months
or so.

C'mon guys, help assuage this old gal's paranoia....

[jen]

<MerryMav@gmail.com> wrote in message
news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...
On Jun 7, 10:00 am, Merry...@gmail.com wrote:
> Can OLE be used in conjunction with spyware programs?
"I asked the above question the other day because OLE keeps popping up
on my system of late when I navigate from one website to another,
which it never did before. I realize this is a harmless exe but am
just asking if there's been an evolution w/it in the last six months
or so.
C'mon guys, help assuage this old gal's paranoia...."

Not enough info in your post to be able to answer...
By "OLE" do you perhaps mean Outlook Express by any chance?
OLE or Ole may refer to:
http://en.wikipedia.org/wiki/OLE

-jen

[MerryMav@gmail.com]

On Jun 9, 2:38*pm, "jen" <j...@example.com> wrote:

> <Merry...@gmail.com> wrote in message
>
> news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...

> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in conjunction with spyware programs?
>
> "I asked the above question the other day because OLE keeps popping up
> on my system of late when I navigate from one website to another,
> which it never did before. *I realize this is a harmless exe but am
> just asking if there's been an evolution w/it in the last six months
> or so.
> C'mon guys, help assuage this old gal's paranoia...."

Jen replied:

> Not enough info in your post to be able to answer...
> By "OLE" do you perhaps mean Outlook Express by any chance?
> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
>
> -jen


Hi, Jen, thank you for responding. I was referring to the Win32
application, which, everybody has on their systems and which is
normally safe:

http://www.cgoakley.demon.co.uk/prog/oleaut.html

http://en.wikipedia.org/wiki/Object_..._and_Embedding

But, it can be programmed to do other things, from what I understand.
I am an absolute novice, so know little. Just wondered if someone had
come up with a way to use it to hijack browser history.

Cheers!

M

[jen]

<MerryMav@gmail.com> wrote in message
news:dd5b7e82-3c08-4000-bf71-3f231215a427@l28g2000prd.googlegroups.com...
On Jun 9, 2:38 pm, "jen" <j...@example.com> wrote:
> <Merry...@gmail.com> wrote in message
> news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...
> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in
> conjunction with spyware programs?
> "I asked the above question the other day because OLE keeps popping up
> on my system of late when I navigate from one website to another,
> which it never did before. I realize this is a harmless exe but am
> just asking if there's been an evolution w/it in the last six months
> or so.
> C'mon guys, help assuage this old gal's paranoia...."
Jen replied:
> Not enough info in your post to be able to answer...
> By "OLE" do you perhaps mean Outlook Express by any chance?
> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
"Hi, Jen, thank you for responding. I was referring to the Win32
application, which, everybody has on their systems and which is
normally safe:
http://www.cgoakley.demon.co.uk/prog/oleaut.html
http://en.wikipedia.org/wiki/Object_..._and_Embedding
But, it can be programmed to do other things, from what I understand.
I am an absolute novice, so know little. Just wondered if someone had
come up with a way to use it to hijack browser history."

Well, of course there are OLE exploits
Don't know what you mean by "hijack browser history"...
Here's a recent exploit:
(are you up-to-date on your MS patches?)

More analysis on the MS Jet Exploits camouflaging as Microsoft Word
files
Wednesday March 26, 2008 at 4:27 pm CST

The trojan installation techniques used in this threat are nothing
special and can be seen in other exploit files; however the method to
trick users in this attack, by using non-exploit OLE files as loaders of
other exploit OLE files is something new. As we see from past attacks,
we no longer can rely on file extensions. We should continuously be
careful with all unknown OLE files and not open untrusted email
attachments.
http://www.avertlabs.com/research/bl...ft-word-files/
Take a look here:
http://www.google.com/search?client=...=Google+Search

-jen

[jen]

"jen" <jen@example.com> wrote in message
news:Fkz3k.2761$Nr.2670@bignews6.bellsouth.net...
> <MerryMav@gmail.com> wrote in message
> news:dd5b7e82-3c08-4000-bf71-3f231215a427@l28g2000prd.googlegroups.com...
> On Jun 9, 2:38 pm, "jen" <j...@example.com> wrote:
>> <Merry...@gmail.com> wrote in message
>> news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...
>> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in
>> conjunction with spyware programs?
>> "I asked the above question the other day because OLE keeps popping
>> up
>> on my system of late when I navigate from one website to another,
>> which it never did before. I realize this is a harmless exe but am
>> just asking if there's been an evolution w/it in the last six months
>> or so.
>> C'mon guys, help assuage this old gal's paranoia...."
> Jen replied:
>> Not enough info in your post to be able to answer...
>> By "OLE" do you perhaps mean Outlook Express by any chance?
>> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
> "Hi, Jen, thank you for responding. I was referring to the Win32
> application, which, everybody has on their systems and which is
> normally safe:
> http://www.cgoakley.demon.co.uk/prog/oleaut.html
> http://en.wikipedia.org/wiki/Object_..._and_Embedding
> But, it can be programmed to do other things, from what I understand.
> I am an absolute novice, so know little. Just wondered if someone had
> come up with a way to use it to hijack browser history."
>
> Well, of course there are OLE exploits
> Don't know what you mean by "hijack browser history"...
> Here's a recent exploit:
> (are you up-to-date on your MS patches?)
>
> More analysis on the MS Jet Exploits camouflaging as Microsoft Word
> files
> Wednesday March 26, 2008 at 4:27 pm CST
>
> The trojan installation techniques used in this threat are nothing
> special and can be seen in other exploit files; however the method to
> trick users in this attack, by using non-exploit OLE files as loaders
> of other exploit OLE files is something new. As we see from past
> attacks, we no longer can rely on file extensions. We should
> continuously be careful with all unknown OLE files and not open
> untrusted email attachments.
> http://www.avertlabs.com/research/bl...ft-word-files/
> Take a look here:
> http://www.google.com/search?client=...=Google+Search

BTW, there is *no such thing* as a "harmless exe", unless it has been
*thoroughly analyzed by a competent malware expert*...
Tell us exactly what you mean by "OLE keeps popping up on my system of
late when I navigate from one website to another".

-jen

[MerryMav]

On Jun 10, 11:26*am, "jen" <j...@example.com> wrote:
> "jen" <j...@example.com> wrote in message
>
> news:Fkz3k.2761$Nr.2670@bignews6.bellsouth.net...
>
>
>
>
>
> > <Merry...@gmail.com> wrote in message
> >news:dd5b7e82-3c08-4000-bf71-3f231215a427@l28g2000prd.googlegroups.com....
> > On Jun 9, 2:38 pm, "jen" <j...@example.com> wrote:
> >> <Merry...@gmail.com> wrote in message
> >>news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com....
> >> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in
> >> conjunction with spyware programs?
> >> "I asked the above question the other day because OLE keeps popping
> >> up
> >> on my system of late when I navigate from one website to another,
> >> which it never did before. I realize this is a harmless exe but am
> >> just asking if there's been an evolution w/it in the last six months
> >> or so.
> >> C'mon guys, help assuage this old gal's paranoia...."
> > Jen replied:
> >> Not enough info in your post to be able to answer...
> >> By "OLE" do you perhaps mean Outlook Express by any chance?
> >> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
> > "Hi, Jen, thank you for responding. *I was referring to the Win32
> > application, which, everybody has on their systems and which is
> > normally safe:
> >http://www.cgoakley.demon.co.uk/prog/oleaut.html
> >http://en.wikipedia.org/wiki/Object_..._and_Embedding
> > But, it can be programmed to do other things, from what I understand.
> > I am an absolute novice, so know little. Just wondered if someone had
> > come up with a way to use it to hijack browser history."
>
> > Well, of course there are OLE exploits
> > Don't know what you mean by "hijack browser history"...
> > Here's a recent exploit:
> > (are you up-to-date on your MS patches?)
>
> > More analysis on the MS Jet Exploits camouflaging as Microsoft Word
> > files
> > Wednesday March 26, 2008 at 4:27 pm CST
>
> > The trojan installation techniques used in this threat are nothing
> > special and can be seen in other exploit files; however the method to
> > trick users in this attack, by using non-exploit OLE files as loaders
> > of other exploit OLE files is something new. As we see from past
> > attacks, we no longer can rely on file extensions. We should
> > continuously be careful with all unknown OLE files and not open
> > untrusted email attachments.
> >http://www.avertlabs.com/research/bl...3/26/more-anal...
> > Take a look here:
> >http://www.google.com/search?client=...ozilla%3Aen-US...
>
> BTW, there is *no such thing* as a "harmless exe", unless it has been
> *thoroughly analyzed by a competent malware expert*...
> Tell us exactly what you mean by "OLE keeps popping up on my system of
> late when I navigate from one website to another".
>
> -jen- Hide quoted text -
>
> - Show quoted text -

Hi, Jen---thank you for your responses: Well, it just sort of bothers
me because it only started up recently. I'll try to navigate to
another page or even when I leave a website, I get a message from my
Firewall (Comodo) telling me that the OLE application might be trying
to hijack my computer. The Firewall then asks if I should permit it.
If I deny, I can't surf. I can only surf if I allow it. So far,
nothing adverse has occurred: It is just odd.

Anyway, thank you for taking the time to respond: I really appreciate
it.

Sincerely,

MM

[jen]

"MerryMav" <MerryMav@gmail.com> wrote in message
news:9c04b2b4-54c5-4a73-acf2-05ee16d99d3b@w8g2000prd.googlegroups.com...
On Jun 10, 11:26 am, "jen" <j...@example.com> wrote:
> "jen" <j...@example.com> wrote in message
> news:Fkz3k.2761$Nr.2670@bignews6.bellsouth.net...
> > <Merry...@gmail.com> wrote in message
> >news:dd5b7e82-3c08-4000-bf71-3f231215a427@l28g2000prd.googlegroups.com...
> > On Jun 9, 2:38 pm, "jen" <j...@example.com> wrote:
> >> <Merry...@gmail.com> wrote in message
> >>news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...
> >> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in
> >> conjunction with spyware programs?
> >> "I asked the above question the other day because OLE keeps popping
> >> up
> >> on my system of late when I navigate from one website to another,
> >> which it never did before. I realize this is a harmless exe but am
> >> just asking if there's been an evolution w/it in the last six
> >> months
> >> or so.
> >> C'mon guys, help assuage this old gal's paranoia...."
> > Jen replied:
> >> Not enough info in your post to be able to answer...
> >> By "OLE" do you perhaps mean Outlook Express by any chance?
> >> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
> > "Hi, Jen, thank you for responding. I was referring to the Win32
> > application, which, everybody has on their systems and which is
> > normally safe:
> >http://www.cgoakley.demon.co.uk/prog/oleaut.html
> >http://en.wikipedia.org/wiki/Object_..._and_Embedding
> > But, it can be programmed to do other things, from what I
> > understand.
> > I am an absolute novice, so know little. Just wondered if someone
> > had
> > come up with a way to use it to hijack browser history."
> > Well, of course there are OLE exploits
> > Don't know what you mean by "hijack browser history"...
> > Here's a recent exploit:
> > (are you up-to-date on your MS patches?)
> > More analysis on the MS Jet Exploits camouflaging as Microsoft Word
> > files
> > Wednesday March 26, 2008 at 4:27 pm CST
> > The trojan installation techniques used in this threat are nothing
> > special and can be seen in other exploit files; however the method
> > to
> > trick users in this attack, by using non-exploit OLE files as
> > loaders
> > of other exploit OLE files is something new. As we see from past
> > attacks, we no longer can rely on file extensions. We should
> > continuously be careful with all unknown OLE files and not open
> > untrusted email attachments.
> >http://www.avertlabs.com/research/bl...3/26/more-anal...
> > Take a look here:
> >http://www.google.com/search?client=...ozilla%3Aen-US...
> BTW, there is *no such thing* as a "harmless exe", unless it has been
> *thoroughly analyzed by a competent malware expert*...
> Tell us exactly what you mean by "OLE keeps popping up on my system of
> late when I navigate from one website to another".
Hi, Jen---thank you for your responses: Well, it just sort of bothers
me because it only started up recently. I'll try to navigate to
another page or even when I leave a website, I get a message from my
Firewall (Comodo) telling me that the OLE application might be trying
to hijack my computer. The Firewall then asks if I should permit it.
If I deny, I can't surf. I can only surf if I allow it. So far,
nothing adverse has occurred: It is just odd.
Anyway, thank you for taking the time to respond: I really appreciate
it.
----------------------------------------------------------------------------------------------------------------------------

YW, MerryMav

I do not use Comodo. What version do you have? Maybe an update wiil
help. Seems to be problems with this function from my research...

See here (follow all links in all threads from this page) and ask your
questions on their forum:

I keep receiving COM/OLE Automation Alerts:
http://forums.comodo.com/frequently_...s-t9521.0.html

-jen