I guess this is a kind of noob question, but explorer.exe has been blocked 3 times only today by the memory firewall (see attached screenshots for attack dilates) while I was uninstalling some programs (my parents and little brother’s computer… more then 300 gigs of programs we barly use…)

Is this a FP that I should let pass or is there a rather large problem on my computer?

Edit: and if it matter, my specs are:

OS: Windows vista 32bit SP1.
ram: 2gig
Possessor: Intel core 2quad Q6600 (2.40GHz.)
Security programs: Trend micro internet security, malwarebytes antimalware, superantispywere free edition, CMF.

[attachment deleted by admin]

CIS has detected a buffer overflow. Buffer overflows get exploited by malware. Assuming your system is clean you can allow to execute explorer.exe.

I see you are also using Trend Micro Suite. Is the firewall enabled? Please consider disabling it when using CIS. Two firewalls can produce unpredictable results.

Also, CMF is not required as it is included with CIS 3.8 (Shellcode Injection).

Hi, and thank you for the help :slight_smile: I use CIS on my own computer, but the computer this happened on was my parents, and they use Trend Micro. I don’t really trust TM, but I know my parents (and little brother) wont be able to answer ANY of the defense+ alerts, which I why I don’t force it on them. But reading more while I waited for the replay, and also biased on yours replay, I guess to kill whatever explorer.exe did was the right decision :slight_smile: