DefenseWall "shatter" in event log

Discussion in 'other anti-malware software' started by kvernick, Jan 12, 2007.

Thread Status:
Not open for further replies.
  1. kvernick

    kvernick Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    6
    What is a the event type, shatter, listed under the DW event log? Eudora email client is listed as trying to talk to multiple processes it should probably have no honest business talking to. For example, listed under Eudora:
    Attemps to send message 3E0 into the window of the process C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe.​

    And many others, including explorer and apparently all the security programs. I think acrobat was doing something similar the other day.

    Should I be worried about this? If you google shatter attack, it doesn't sound good...
     
  2. toadbee

    toadbee Registered Member

    Joined:
    Nov 10, 2003
    Posts:
    123
    That's refferring to a "shatter attack"

    http://en.wikipedia.org/wiki/Shatter_attack

    I would assume most of what you are seeing is harmless, a process sending some sort of message to another process. If it is harmful, well DW has stopped it ;)
     
  3. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    This message is wildly used by meny programs, so, within the next, 1.74 version, this message number will be disconcontinued from blocking as shattered.
     
  4. kvernick

    kvernick Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    6
    OK, that doesn't sound bad (probably). Thanks.
     
Thread Status:
Not open for further replies.