Anonymous_User Absent Member.
Absent Member.
2733 views

buffer overflow

Have a user w/ weird **** going on w/ her laptop. Running really slow
& sophos reports explorer.exe is causing a buffer overflow.

Sometimes things like excel & word will cause the same issue.

Machine is *really* slow. Sophos scan found nothing, McAfee scan found
nothing, malwarebytes scan found nothing.

Machine had been reloaded from scratch a week or 2 ago.

Suggestions?

Labels (1)
0 Likes
29 Replies
adrockk Frequent Contributor.
Frequent Contributor.

Re: buffer overflow

Bad HD? Memory? I'd run a long fsck or scandisk on the thing first, then find a
util to check the mem.
--



Stevo spewed:

> Have a user w/ weird **** going on w/ her laptop. Running really slow
> & sophos reports explorer.exe is causing a buffer overflow.
>
> Sometimes things like excel & word will cause the same issue.
>
> Machine is really slow. Sophos scan found nothing, McAfee scan found
> nothing, malwarebytes scan found nothing.
>
> Machine had been reloaded from scratch a week or 2 ago.
>
> Suggestions?


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Whip out your bootable CD OS - ubcd4win or a live Linux. Scan from
there, plus you'll find/eliminate hardware issues pretty quickly.

Stevo wrote:

> Have a user w/ weird **** going on w/ her laptop. Running really slow
> & sophos reports explorer.exe is causing a buffer overflow.
>
> Sometimes things like excel & word will cause the same issue.
>
> Machine is really slow. Sophos scan found nothing, McAfee scan found
> nothing, malwarebytes scan found nothing.
>
> Machine had been reloaded from scratch a week or 2 ago.
>
> Suggestions?

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Stevo wrote:
> Have a user w/ weird **** going on w/ her laptop. Running really slow
> & sophos reports explorer.exe is causing a buffer overflow.
>
> Sometimes things like excel & word will cause the same issue.


Sounds like a misbehaving shell extension -- typically something that
provides thumbnails / additional file details, or context menu items --
if one of those runs off the end of a buffer, it'd be quite feasible
for it to crash either Explorer (if it was triggered from a folder
window / Start menu / etc.) or an application (that uses a shell common
dialog, like Open or Save As).

In fact, I think something on my machine is doing just that at the
moment...

Might be worth looking at something like Autoruns to see if anything
related to any apps installed on the box has registered itself as a
shell extension?

--
Regards,
Ben A L Jemmett.
http://flatpack.microwavepizza.co.uk/
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow


> Suggestions?
>



Uhhhhh.....fdisk?


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Craig blathered something to the effect:

> Uhhhhh.....fdisk?


I'm thinking it's headed that direction, again.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Ben A L Jemmett blathered something to the effect:

> Might be worth looking at something like Autoruns to see if anything
> related to any apps installed on the box has registered itself as a
> shell extension?


Ok, where/how would one check that? This thing will even act weird
when it's just booted up sitting at the desktop. Double click My
Computer, it goes wonky.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

£Jim blathered something to the effect:

> Whip out your bootable CD OS - ubcd4win or a live Linux. Scan from
> there, plus you'll find/eliminate hardware issues pretty quickly.


Think I'll try that shortly, ran chkdsk & a bootable memory test, all
looks good there.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Adam Gabriel blathered something to the effect:

> Bad HD? Memory? I'd run a long fsck or scandisk on the thing first,
> then find a util to check the mem.


Both came up w/ no errors.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

I'm surprised nobody else suggested it. 🙂


"Stevo" <steveSPAM@LESSccgov.net> wrote in message
news:xtmOl.8398$s8.8296@kovat.provo.novell.com...
> Craig blathered something to the effect:
>
>> Uhhhhh.....fdisk?

>
> I'm thinking it's headed that direction, again.



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Craig blathered something to the effect:

> I'm surprised nobody else suggested it. 🙂


Yeah, me too!
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Stevo wrote:
> Ben A L Jemmett blathered something to the effect:
> > Might be worth looking at something like Autoruns to see if anything
> > related to any apps installed on the box has registered itself as a
> > shell extension?

>
> Ok, where/how would one check that?


Grab Autoruns from:

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

.... and see what shows up on the Explorer tab. Uhm. Just tried that
here and a whole /load/ of stuff shows up, which makes life unpleasant;
I would try ticking the "Hide Microsoft and Windows Entries" on the
Options menu and refreshing to narrow it down a bit.

You should be able to untick options to see if removing any of them
improves stability, but since it's a bit trial-and-error you'll either
need a lot of patience or end up reformatting anyway 😕

> This thing will even act weird when it's just booted up sitting at
> the desktop. Double click My Computer, it goes wonky.


Yeah, that sounds like it's probably something hooked in trying to
provide extra services and failing -- if it affects My Computer I'd
probably suspect stuff on the Explorer and Internet Explorer tabs in
Autoruns first.

Good luck!

--
Regards,
Ben A L Jemmett.
http://flatpack.microwavepizza.co.uk/
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

You don't suppose they've tired of the joke?
"Stevo" <steveSPAM@LESSccgov.net> wrote in message
news:w7nOl.8407$s8.6353@kovat.provo.novell.com...
> Craig blathered something to the effect:
>
>> I'm surprised nobody else suggested it. 🙂

>
> Yeah, me too!



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Craig blathered something to the effect:

> You don't suppose they've tired of the joke?


I highly doubt that, knowing this bunch
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: buffer overflow

Ben A L Jemmett blathered something to the effect:

> Good luck!


Thx for the suggestions!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.