Hi All, I have avast antivirus running, and Comodo firewall and defense+
I recently activated defense+, and since then, whenever I open any MS Word doc, then I get this warning from defense+ of “Shellcode injection attack due to possible Buffer overflow protection in spoolsv.exe”. When I terminate this process, all my printers are gone. Any clues ? Is it a virus / malware ?
I have following printers installed
- Canon ip1800
- MS ImageWriter
- MS XPSwriter
In this situation it is best to check for a possible virus infection just to be certain. There is some nasty malware out there these days that abuses a buffer overflow in Spoolserver. So before we are going to allow the alert it is best to make sure your computer is clean.
Follow What to do if you’re infected - eXPerience Rev.3 and report back.
There doesn’t seem at first sight to be a virus, but a serious problem with cis, spoolsv, and word:
For the record.I’d rather be safe than sorry.
Certainly, and the op should check.
But for my situation, i did: the only “malware” in it is defense+ attacking via ntvdm and spoolsv my printer as soon as i open word, and also from some other prining able applications (pdf…).