Author Topic: explorer.exe  (Read 8048 times)

Offline Flate

  • Comodo Member
  • **
  • Posts: 36
explorer.exe
« on: April 01, 2009, 08:15:00 AM »
I guess this is a kind of noob question, but explorer.exe has been blocked 3 times only today by the memory firewall (see attached screenshots for attack dilates) while I was uninstalling some programs (my parents and little brother's computer.. more then 300 gigs of programs we barly use..)

Is this a FP that I should let pass or is there a rather large problem on my computer?

Edit: and if it matter, my specs are:

OS: Windows vista 32bit SP1.
ram: 2gig
Possessor: Intel core 2quad Q6600 (2.40GHz.)
Security programs: Trend micro internet security, malwarebytes antimalware, superantispywere free edition, CMF.

[attachment deleted by admin]
« Last Edit: April 01, 2009, 08:21:21 AM by Flate »
I apologize my poor English.

Online EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25283
Re: explorer.exe
« Reply #1 on: April 14, 2009, 11:05:30 AM »
CIS has detected a buffer overflow. Buffer overflows get exploited by malware. Assuming your system is clean you can allow to execute explorer.exe.

I see you are also using Trend Micro Suite. Is the firewall enabled? Please consider disabling it when using CIS. Two firewalls can produce unpredictable results.

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6683
  • Personal Dragons can be defeated. Improve yourself
Re: explorer.exe
« Reply #2 on: April 14, 2009, 12:52:50 PM »
Also, CMF is not required as it is included with CIS 3.8 (Shellcode Injection).
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline Flate

  • Comodo Member
  • **
  • Posts: 36
Re: explorer.exe
« Reply #3 on: April 14, 2009, 03:21:35 PM »
Hi, and thank you for the help :) I use CIS on my own computer, but the computer this happened on was my parents, and they use Trend Micro. I don't really trust TM, but I know my parents (and little brother) wont be able to answer ANY of the defense+ alerts, which I why I don't force it on them. But reading more while I waited for the replay, and also biased on yours replay, I guess to kill whatever explorer.exe did was the right decision :)
I apologize my poor English.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek