1. Home
  2. Networking Firewalls
  3. Kerio - What is OFFICEGUI32.EXE?

Kerio - What is OFFICEGUI32.EXE?

I watched my "Opened Connections" window as this OFFICEGUI32.EXE program opened like a trillion ports in sequence. Eventually I was no longer able to communicate on the internet at all. No NNTP, no POP3, no HTTP. It's very bizarre. This is a fresh install of Windows XP Home with the SP2 update which I downloaded right after installation, and it was done on a clean formatted partition. I've only installed the programs I've always installed which were stored in a directory I use for archiving installation EXE's, and I scanned each one with the latest virus scan databases before using them. I find it highly unlikely that I've already been infected by a virus so soon after installing Windows. I can confidently say that I haven't been infected by a virus in ages because I just don't run any old thing that comes through my e-mail, nor have I run anything in this install.

I can't find any information on this OFFICEGUI.EXE program. Has anyone here heard of it? I have now denied this program all connection activity and so far things seem to be going well.

Thanks, Damaeus

Reply to
Damaeus
Loading thread data ...

Find the program in Explorer or Search/Find, right-click it, and click on the Version tab. See if there is any useful information. The name would make you think it's parts of MS Office, although these days, you never know. You should run both a virus and adware/spyware scan, to be safe.

Reply to
Andrew Rossmann

I think what I'd do is make a copy of it to some other folder somewhere in case I need it again, and then delete it from the system32 directory and see what happens. If it's needed, you'll probably find out about it one way or another. If not, then that might solve your problem.

Reply to
Kerodo

In news:comp.security.firewalls, Andrew Rossmann posted on Tue, 16 Nov 2004 16:22:20

-0600:

You know, this is the strangest thing. I searched all files, including hidden and system files, and I cannot find a file named officegui32.exe anywhere on any of my drives or partitions. And yet in the processes list, it's there plain as day.

Damaeus

Reply to
Damaeus

In news:comp.security.firewalls, "Matt M" posted on Wed, 17 Nov 2004 09:13:24 +0700:

Okay, I found it in System Information under Running Tasks. The path leads to the C:\\windows\\system32 directory. I had failed to turn off the hiding of protected system files. Scanning OfficeGUI32.exe directly results in no virus being detected. But this 97k executable was causing such a problem I had to disallow it all communications. There's no information when viewing the properties of the file -- nothing in the Summary tab or anything.

Damaeus

Reply to
Damaeus

Try something like Process Explorer, which will show you the full path to the executable.

M
Reply to
Matt M

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.