
Windows 7: Shellcode Injection

19 May 2011   #1

Windows 7 Home Premium x64
Shellcode Injection

About an hour ago I did an error check on my C drive. I had to restart my computer to do it, and after it was done and I had logged back in, Comodo Defense had blocked the application explorer.exe. I wasn't browsing the internet in Firefox yet. It said "this is typical of a buffer overflow attack". It said it isolated explorer.exe from the rest of the system and will continue to do so unless I skip the alert, but it is strongly recommended that I close the application and contact its vendor for a fix. So, I hit terminate and here I am.

Now what? Nothing happened when I hit terminate. Under defense events it says the application is C:\windows\SysWOW64\explorer.exe and the flag is Shellcode Injection. Like I said, it didn't alert me until an hour ago, but under defense events it's listed as also happening at 11:43 last night. I believe Windows ran something last night, can't remember what. I think it was a Windows virus scan or something; it wasn't Comodo that ran it.

I am currently running Comodo virus scan to see if anything is in there, but so far nothing. What's a vendor and how do I contact them to fix explorer.exe? Is this something to be concerned about? I'm decent with computers but I don't know a lot, so please keep that in mind.

19 May 2011   #2

Windows 7 Ultimate 64-bit / Ubuntu Linux 11.04

Try resetting IE to its defaults first. Tools > Internet Options > Advanced > Reset button. Are you running IE8 or IE9?
19 May 2011   #3

Windows 7 Home Premium x64

I'm not sure which version I'm on, but I use Firefox to browse the internet; I never use IE.

Edit: I just ran Comodo, which found nothing, and Malwarebytes, which found 34 spyware.onlinegames which have now been quarantined. Did it not do anything to my computer?

20 May 2011   #4

Windows 7 Ultimate 64 bit

Please post the Malwarebytes' log. You can find the log in the Logs tab. The bottommost log is the latest.