Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    The Week in Ransomware - April 20th 2018 - Reveton Charges, GandCrab, and More

Featured Deal: Get 96% off the MCSA SQL Server Training Deal

Photo

Shellcode Injection ???

Started by hhill , Apr 15 2009 01:56 PM

  • Please log in to reply
No replies to this topic

#1 hhill

hhill

  • Members
  • 2 posts
  • OFFLINE
    •  
  • Local time:02:47 AM

Posted 15 April 2009 - 01:56 PM

Asus EEE Celeron M 900 1G
Windows XP Home Ed. 2002 SP2
Comodo Firewall, Avira AntiVir
Firefox 3.0.3

I downloaded a real player install from a very well known site in the uk to get live sports radio online... During installation, Comodo firewall continuously gave me warnings that realplay.exe was trying to control a bunch of my processes and tried to access memory. I have read about real player being badware so I allowed the firewall to continue assuming that it was 'normal'.. Since I only needed the player for a few hours I uninstalled it. 1 day later, while browsing, Firefox stopped reacting to the mouse and opened a few unrelated new windows. PC didn't react for about 10sec until Comodo gave me a shellcode injection warning from AcroRd32 .exe - that I blocked - thus isolating AcroRd32.exe. There were no adobe progs running or pdf links clicked at the time. I remember some real player trying to control AcroRd32.exe during install so I imagine it might be related.
Please help me on this 1, I usually reinstall the whole PC when there's a problem but I'm not sure if that's necessary now.

Thank you!

BC AdBot (Login to Remove)

 

Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·