troubleshooting Question

How do I get rid of the BO:Writable -or- the BO:Heap virus alert

Avatar of Steve Avery
Steve AveryFlag for United States of America asked on
Anti-Virus Apps
16 Comments1 Solution15357 ViewsLast Modified:
Problem:  I have a desktop PC that has contacted the BO:Writable BO:Heap virus alert ... and I can't seem to get rid of it.  I have tried many things, but all to no avail.

Scenario:  1. When the user tries to use the internet (IE 6), they get the following virus alert from McAfee:
                         Name: C:\Program Files\Internet Explorer\iexplorer.exe:KERNEL32.GetProcAddress
                         Detected As:     BO:Writable     BO:Heap
                         State:                Blocked by Buffer Overflow Protection
                 2. All other software works perfectly fine ... .no issues/problems ... only IE6 is the problem.

Current State:  1. Currently we have McAfee's Enterprise Solution 8.5i as our virus protection.  The patch
                            version is 5; scan engine is 5200.2160; dat version is 5303.0000; created on 05/26/08;
                            buffer overflow and access protection dat version is 354.
                        2. We are a Microsoft shop, so using another browser is not an option.

What I have done:  1. I have run a McAfee virus scan and nothing was found.
                               2. I installed Spy Sweeper and it found spyware but did not rid the PC of the 2 alerts.
                               3. I downloaded BitDefender and ran it ... it too found stuff but did not rid the PC of
                                   the above 2 alerts.
                               4. I installed Symantec's Endpoint Protection ... and that froze on me while running.
                               5. I have investigated experts-exchange and so far, "it seems" that things I have tried
                                   experts-exchange has suggested.

Other things:  1. The PC is a corporate controlled PC, so I can't change the buffer overflow protection.
                       2. I don't want to re-format the hard drive, but if I have to ... I have to.  Since the users can
                          get to their data, I may just copy the data to a memory stick and put it back on when the
                          hard drive is re-formatted and all software is re-installed ... again, I don't want to, but if I
                          have to I will.
                      3. However, I find this a challenge and I want to understand how to remove this message
                          in case it happens again on another PC.
                      4. I have been to McAfee's website and they do acknowledge that the above 2 alerts have
                          been found by McAfee's anti-virus software; however unless I missed it, McAfee did not
                          give a solution to rid the PC of the 2 alerts.

Thanks for your help.  
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 16 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 16 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros