McAfee has automatically blocked a buffer overflow.
About this Buffer Overflow
However when I run a complete scan with McAfee Security Center nothing is found.
This occurs on both PCs where McAfee Security Center 9.15 is installed.
I have uploaded C:\WINDOWS\System32\svchost.exe to Virustotal.com and nothing was found.
I had Conficker virus on these machines, but I believe it was successfully removed, as indicated by McAfee and several other virus scanners.
I am not getting any of the usual conficker symptoms, and scanning my running processes with the University of Bonn Conficker detection tools finds nothing.
I have also run the McAfee Conficker S.t.i.n.g.e.r.exe program, which indicates that svchost.exe is in fact infected, but a scan of my machine using S.t.i.n.g.e.r.exe again finds nothing on any file on my hard drive.
Full scans with other tools such as Windows defender and Malicious Software Removal Tool also indicate nothing.
Again my PC is showing none of the usual Conficker symptoms. Only McAfee seems to see any sort of problem.
1. Is this an infection attacking svchost.exe, or could it be just a legitimate but buggy program running under svchost.exe ?
2. Could it be a problem with McAfee's buffer overflow detection?
3. If this is just a buggy program running in svchost.exe how does one find which application that is causing the problem?
4. There is a McAfee file called BufferOverflowProtectionLog.txt that I have heard about but do not see on my own PC. What application is supposed to generate this log?
5. I have tried to install different virus scanners such as AVG but most of them say that previously installed virus scanners (e.g. McAfee) would be problematic. Does that mean I have to uninstall McAfee in order to try other virus scanners?
6. Any help you can provide in finding and removing this problem would be greatly appreciated.
Edited by GerryMarkham, 10 September 2009 - 11:16 AM.