?
Solved

How do I rectify buffer overflow related message everytime on Xp notebook?

Posted on 2009-05-10
8
Medium Priority
?
2,567 Views
Last Modified: 2013-12-09
Hi there,
Every time, I boot my notebook there is a BO heap, buffer overflow message, which I ve no luck trying to clean/delete via my AV client- McAfeeVirusScanEnterprise8_5_0i
ow to overcome these buffer-overflow messages?

I'm also unable to initiate a windows update via web browser INternet Explorer.
Attached system specs and AV BO heap messages.
Kindly advise how to circumvent this issue, apart from formatting the notebook..
Awaiting earliest reply.Thank you


sysprops.JPG
McAfeeVirusScanEnterprise8-5-0i.JPG
0
Comment
Question by:juggernaut78
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 

Author Comment

by:juggernaut78
ID: 24349139
The MCafree related BO heap messages read as:

"Name: "  C:\windows\system32\services.exe:ADVAPI32.RegOpenKeyA
 
"Detected as:" BO: Writeable BO: Heap
 
"Application:" C:\Windows\system32\service.exe
0
 
LVL 3

Expert Comment

by:flopez235
ID: 24349574
According the McAfee KB, this is a valid BO occurring when a process is trying to utilize the MSJAVA.DLL.  It says if you have DEP turned on, DEP will block this from occurring and McAfee will not detect this.

However, after a google search of your BO issue, read the following:
http://www.geekstogo.com/forum/NTOSKRNL-HOOK-and-USB-port-not-recognize-any-Ext-storage-t234449.html

Hope this helps.


0
 

Author Comment

by:juggernaut78
ID: 24361048
Thank you for your prompt reply flopez235, but I'm still not able to solve this issue.
 
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 3

Expert Comment

by:flopez235
ID: 24365507
Buffer Overflow errors occur because there is program trying to overload the buffer to execute code as a result.  In this instance, your error is pointing to ADVAPI32.DLL trying to access a registry entry.  This has caused McAfee to respond by stopping it because it is happening during a buffer overflow and not regular operation.  

This usually points to malware in your system.  I would try running online AV scans from other vendors like Kaspersky or Bit Defender to check your system using other AV engines.

If you get nothing from the scans, try reinstalling McAfee.  If that still doesn't work, try doing a repair install on your system.  Maybe you did have malware at one point and this file just needs to be repaired.

Try these out and let me know if one works for you.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 24436785
OK, lets approach this logically....

First can you download and install HiJackthis from http://www.hijackthis.de and then run it, Do a System Scan and post the logfile as an attachment (or a link to the results) here and let me have a look at it.

We'll get it sorted......

Cheers
Si
0
 

Author Comment

by:juggernaut78
ID: 24630440
Thanks all, this one sorted now by disabling system restore, running a scan and removed virus.Then enables system restore in Windows Xp again.
Also had done all the latest Windows XP related system updates.that helped.
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 24847189
Question PAQ'd, 125 points refunded, and stored in the solution database.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some site administrators might be considering how to filter incoming traffic to a site by identifying the domains or networks of the traffic source, in the same way that a spam filter does on an email server, such as blocking all emails sent from th…
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question