Shellcode Injection

DanielC88 · 19 May 2011

About an hour ago I did an error check on my C drive. I had to restart my computer to do it and after it was done and I had logged back in Comodo Defense had blocked the application explorer.exe. I wasn't browsing the internet in FireFox yet. It said "this is typical of a buffer overflow attack". It said it isolated explorer.exe from the rest of the system and will continue to do so unless I skip the alert but it is strongly recommended that I close the application and contact with it's vendor for a fix. So, I hit terminate and here I am.

Now what? Nothing happened when I hit terminate. Under defense events it says the application is C:\windows\SysWOW64\explorer.exe and the flag is Shellcode Injection. Like I said, it didn't alert me until an hour ago but under defense events it's listed as also happening at 11:43 last night. I believe windows ran something last night, can't remember what. I think it was a Windows virus scan or something, it wasn't Comodo that ran it.

I am currently running Comodo virus scan to see if anything is in there, but so far nothing. What's a vendor and how do I contact them to fix explorer.exe? Is this something to be concerned about? I'm decent with computers but I don't know a lot, so please keep that in mind.

Xhi · 19 May 2011

Try reseting IE to its defaults first. Tools > Internet Options > Advanced > Reset button. Are you running IE8 or IE9?

DanielC88 · 19 May 2011

I'm not sure which version I'm on, but I use FireFox to browse the internet, I never use IE.

Edit: I just ran Comodo, which found nothing, and Malwarebtyes, which found 34 spyware.onlinegames which have now been quarantined. Did it not do anything to my computer?

Carolyn · 20 May 2011

Please post the Malwarebytes' log. You can find the log in the Logs tab. The bottom most log is the latest.