=========================================== McAfee has automatically blocked a buffer overflow. About this Buffer Overflow File: C:\WINDOWS\System32\svchost.exe ===========================================
However when I run a complete scan with McAfee Securuty Center nothing is found.
This occurs on both PCs where MSC 9.15 is installed.
I have uploaded C:\WINDOWS\System32\svchost.exe to Virustotal.com and nothing was found.
I had Conficker virus on these machines, but I believe it was successfully removed, as indicated by McAfee and several other virus scanners.
I am not getting any of the usual conficker symptons, and scanning my running processes with the University of Bonn Conficker detection tools finds nothing.
I have also run the McAfee Conficker S.t.i.n.g.e.r.exe program, which indicates that svchost.exe is in fact infected, but a scan of my machine using S.t.i.n.g.e.r.exe again finds nothing on any file on my hard drive.
Full scans with other tools such as Windows defender and Malicious Software Removal Tool also indicate nothing.
Again my PC is showing none of the usual Conficker symptoms. Only McAfee seems to see any sort of problem. This is making me think this is a false alarm and I would like to know what can be done about it.
I have exactly the same problem, we had many computers who were infected by conficker but everything is clean now (according to McAfee Enterprise 8.7.0i and the Microsoft Malicious software removal tool). Now some computers also show the same message as Gerry's. Our ePolicy 4.5.0 shows svchost.exe as the thread source and _:kernel32.loadlibraryA as the "Threat target file path".
Hi Ex_brit, thanks for your response. The post you pointed out indicates that most crashes and errors dealing with buffer overflows in Windows will come from an outside source aka a Third Party application or plugin.
Some questions that come to mind are:
1. Do you have any suggestions on methods to find the source of the error (i.e. which program or process is causing the buffer overflow) ?
2. Can you tell me what McAfee program generates the BufferOverflowProtectionLog.txt log that I have read about?
3. Is there a way to turn off the Buffer Overflow detection specifically while leaving the other virus detection facilities in place?
Basically these things shouldn't occur if Windows is kept totally up to date with both critical and non-critical updates plus you keep software, driver etc. up to date, expecially Java, Flash and suchlike.