Need emergency help

Discussion in 'other anti-malware software' started by roark37, Jun 2, 2009.

Thread Status:
Not open for further replies.
  1. roark37

    roark37 Registered Member

    Joined:
    May 23, 2006
    Posts:
    190
    Hello to all,

    My laptop will not boot to Windows XP. It gets stuck in a loop where I get an error message about buffer overrun with winlogin over and over again. I am almost positive the issue is caused by an update to Superantispyware free. The reason I think so is that on the SAS forum there is a description of this exact problem and supposedly a recent update to SAS caused the buffer overrun message and problem. Plus I just tried to run SAS and got the message and then the next time I tried to reboot the current problem. I have never had any issues with this laptop before. Now on the SAS forum posters claim that the problem file just has to be renamed. They suggest doing this using a ubuntu live cd but I don't know how. I have used two live cd's, one for Puppy and one for PClinux and want to know if you can access the files on the hard drive while using a live cd and is it fairly easy. Also are there other options like using a XP rescue disk or something like that? I don't think I have one for the laptop but I have another XP cd that came with an older desktop and wondered if that could also work to fix a file or just to reboot to a prior configuration which would also be fine. Any recommendations or advice would be much appreciated.

    Also if I am right in what is causing the problem, would this be a fairly easy and quick repair for a computer tech/geek squad type? Would they have tools to easily fix something like this if the SAS update problem is all that it is?

    Thanks again.

    roark
     
  2. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Have you tried booting in to safe mode - tap F8 when booting starts (after the BIOS messages)

    This may allow you to delete SAS
     
  3. wat0114

    wat0114 Guest

    I agree with Retadpuss, as safe mode would be the easiest solution. However, using using a live Linux cd should also work, should safe mode not. I'm not sure about Ubuntu; I can vouch for PCLinux. It is easy after you burn the iso image to optical media, then boot from the cd. It is self-explanatory after that. Linux GUI is a bit different from Windows GUI, but you should be able to figure out how to access your Windows files once you're logged in with your Linux cd.

    Post questions if you need help.
     
  4. roark37

    roark37 Registered Member

    Joined:
    May 23, 2006
    Posts:
    190
    Thank you both for your help. I tried to boot into safe mode but it did not work.

    As far as using PCLinux I have the live cd for that but I have only used it once briefly. Can you access(and change) files on the hard drive using only the live cd? Or do you have to do a full install of PClinux? If you can access and change files on hard drive using only the live cd can you please offer some guidance as to how? Anything would be of help as I do not want to have to install fully if I can avoid it. All I want to do is change the name of one program file in superantispyware. Thanks again.

    roark37
     
  5. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    I'm not familiar with Linux - and I'm not sure whether Puppy and PCLinux will let you get into your Windows files (I thought they were installation rather than rescue disks...??)

    However, one way to avoid the Geek Squad option would be to d/l and purchase Macrium Reflect - this gives you access to a WinPE installer from which you can easily create a rescue disk that will definitely allow you to access your files and make deletions as required.

    When you boot from the disk, you get this menu (part shown):
    Capture.JPG

    There's also a "Fix Boot Problems" option, if your boot files have been burnt.

    I use this whenever I screw up my machine - only because it's very simple and easy to use - not because I'm a shill...

    I'm sure, however, there are other (probably free) ways to do this and someone smarter will offer a better way to do it.

    Anyway, hope this helps.

    philby
     
    Last edited: Jun 2, 2009
  6. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    If you, or someone you know and trust, could remove the drive and connect it to another PC, then you should be able to find that file and delete it, or rename it slightly which would stop it running.

    Hope you get it sorted whichever method you use.
     
  7. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Told you! :oops: :)

    philby
     
  8. wat0114

    wat0114 Guest

    You have other good suggestions offered but since you have the PCLinux CD, here are some rudimentary instructions using the 2009 version (earlier versions should be similar):

    1. Power on pc and immediately open cd tray to place CD in then close. Hopefully it boots off the CD right away, otherwise just restart pc.
    2. Choose option: Live CD (may already be selected by default).
    3. The CD should load Linux and could take several minutes
    4. While it is loading, You may see at the bottom of screen: Booting system... press Esc for verbose mode but don't bother doing anything.
    5. Select: US keyboard
    6. At login screen, click on: root for username; password: root, <Enter>
    7. Double click the: My Computer icon
    8. Double click: Storage media
    9. There should be a drive (if you only have one) or several if you have your disk partitioned
    10. Find the one that has the installation of SuperAntispyware, which might be under C:\program files\SuperAntispyware
    11. Find the file that you need to rename or delete or whatever, right-click and do your thing.

    Just remember working off the live CD is a little slower than working off the hard drive as things go a little bit slower, but that should cause you no problems.

    Good luck and let us know the results if you choose this route.

    Also: be careful what you delete/rename. Take your time ;)

    Finally, there's nothing geeky about this; no need to be intimidated by Linux for this type of use.
     
    Last edited by a moderator: Jun 2, 2009
  9. roark37

    roark37 Registered Member

    Joined:
    May 23, 2006
    Posts:
    190
    Thank you so much wat0114 for your help. Your directions were excellent and I made it all the way to the end with no problems but it would not allow me to make any changes to the files. I tried to give myself permission by going into properties then permissions but that would not work either. Besides not allowing me to change the executable file I need to I also tried to rename a simple pdf file and that was not allowed either. I poked around and tried everything I could think of but I could not get it to allow me to change any file. Are you sure you can do so off the live cd? And I used root as my username and pw as you suggested but wonder if that has to be something else. Do you have any other recommendations? It is so frustrating to be so close but I am not sure what else to try but I would think there is a way in PCLinux as you were right in how easy it is to use(and fast to once it boots up). Would welcome any ideas.

    Thanks again for your and everyone's help.

    roark
     
  10. wat0114

    wat0114 Guest

    Hi roark,

    it looks like you've tried the right things, so I don't what's going on?? It looks to be a permissions issue for sure. Are you using the 2009 version of PCLOS or earlier? I have no problems whatsoever changing files, even executables.

    Please see my screenshot for the permissions you should have as a root user under Linux.

    To add: it is difficult to jog my memory, but I seem to remember encountering permissions issues with the 2007 version of PCLOS. No such problems with 2009.
     

    Attached Files:

    Last edited by a moderator: Jun 2, 2009
  11. Mosqu

    Mosqu Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    69
    Location:
    Germany
    If Windows hasn't shut down correctly, the NTFS file system may be marked as unreliable. And therefore Linux refuses to write on it. I guess, there is a way to force Linux to mount it with write access enabled - or maybe Linux could perform a fs-check, but I don't know how.
     
    Last edited: Jun 3, 2009
  12. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,127
    Location:
    USA
    .
    Do you have the original Windows XP CD you can boot the system with? If so you could try repairing XP from the recovery console, which basically means you can work in a command window to navigate the file system with admin privileges. You could also try a non-destructive repair if all else fails.
     
  13. wat0114

    wat0114 Guest

    Yes, this is another method that should work. You could try renaming the offending file from DOS, if that really is the problem. It does seem strange that safe mode doesn't work, leading me to believe the issue could be more serious than just a rogue file in SuperAntispyware, but I hope I'm wrong.
     
  14. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    If all else fails grab yourself a copy of UBCD4Win
    http://www.ubcd4win.com/

    There are a vast array of tools on there,some of which should be able to remedy your problem.

    My personal choice would be first to run 'regreswiz' located within the registry tools,this'll restore a previous registry state from System Restore.
     
    Last edited: Jun 3, 2009
  15. roark37

    roark37 Registered Member

    Joined:
    May 23, 2006
    Posts:
    190
    I was using PCLinux2007 so I am guessing that was the issue regarding not having permission to change files.

    I was finally able to solve the problem though. I went to the library and got a linux book, the Linux Bible I think it is called, that comes with many linux live cd's and I was able to rename the problem file using a live cd of Knoppix and then Windows rebooted fine and everything seems to be working normally as before. So the problem seems to be resolved and it must have been the issue I first described as that is all I changed.

    Thanks again to everyone for their help and suggestions, it is greatly appreciated.

    roark
     
  16. wat0114

    wat0114 Guest

    You are welcome roark and good work on resolving the problem! I'd have to say all the suggestions given to you regarding live CD's would work. Too bad the 2007 PCLOS CD would not readily access your files on Windows. The UBCD4Win is one I've used before. Great set of tools but creating the disk is a bit of a cumbersome process, unlike the simple burning of an iso for a Linux live cd. These CDs can be very handy as you just discovered for resolving issues similar to what you encountered.
     
  17. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Yes that's the only downside to UBCD4Win,due to Microsoft licencing restrictions you have to compile it yourself.
     
Loading...
Thread Status:
Not open for further replies.