Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ISASS.EXE, MDM.EXE, eating resources and freezing! [Solved]


  • This topic is locked This topic is locked

#31
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
CompCav, I think you may have misunderstood me. The only time I get that particular error is when I choose to try to run the recovery console instead of booting into windows XP normally. The reason I brought it up is if/when I do ever need to use it, the files are corrupted and it would be useless to me at that point. Then I am looking at having to reimage the HDD and losing all of my info.
  • 0

Advertisements


#32
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
OK, CHKDSK just finished and it said the file volume is clean and then rebooted. Does it not generate a file report or log for reference?
  • 0

#33
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Yes it does.

Click Start >> Control Panel >> Performance and Maintenance >> Administrative Tools


A window will open, click on Event Viewer >> Application

Look in the source column for and click Winlogon

A window opens and it has an up arrow, down arrow, and copy button.

Click the copy button

Paste it in your next reply!

Regards,

CompCav

  • 0

#34
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 3/28/2012
Time: 7:18:04 PM
User: N/A
Computer: D2WWDTJ1
Description:
Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 1061 unused index entries from index $SII of file 0x9.
Cleaning up 1061 unused index entries from index $SDH of file 0x9.
Cleaning up 1061 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
The upcase file content is incorrect.
Correcting errors in the uppercase file.
Windows has made corrections to the file system.

312472282 KB total disk space.
116075704 KB in 108403 files.
39396 KB in 19248 indexes.
0 KB in bad sectors.
243270 KB in use by the system.
65536 KB occupied by the log file.
196113912 KB available on disk.

4096 bytes in each allocation unit.
78118070 total allocation units on disk.
49028478 allocation units available on disk.

Internal Info:
10 08 02 00 ae f2 01 00 1a e8 02 00 00 00 00 00 ................
18 02 00 00 04 00 00 00 a1 08 00 00 00 00 00 00 ................
f4 d1 3c 0c 00 00 00 00 7e da e3 54 00 00 00 00 ..<.....~..T....
00 57 a6 16 00 00 00 00 88 7f a9 9c 07 00 00 00 .W..............
90 b4 ba db 06 00 00 00 da 48 60 fa 0e 00 00 00 .........H`.....
99 9e 36 00 00 00 00 00 a0 38 07 00 73 a7 01 00 ..6......8..s...
00 00 00 00 00 e0 b2 ac 1b 00 00 00 30 4b 00 00 ............0K..

Windows has finished checking your disk.
Please wait while your computer restarts.


For more information, see Help and Support Center at http://go.microsoft....ink/events.asp.
  • 0

#35
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Click Start > Run

Type sfc /scannow then click OK

Allow it to run, it should take several minutes. If it asks for your Windows CD then place it in your CD druve and press retry. If you do not have the CD just hit retry until it continues on.


Step 2.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Run ESET Online Scan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  • ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:

eset log
checkup.txt


Please give me an update on the computer's performance
  • 0

#36
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Are you getting the error after you select:

Microsoft Windows Recovery Console

or is it at the Dell splash screen when you press <Ctrl><F11>??

Regards,

CompCav
  • 0

#37
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Are you getting the error after you select:

Microsoft Windows Recovery Console

or is it at the Dell splash screen when you press <Ctrl><F11>??



Microsoft Windows Recovery Console
  • 0

#38
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
OK go ahead and run the tools in Post #35.

Regards,

CompCav
  • 0

#39
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=80ed32c0c4d9ee46b211c57f394d9be8
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-03-29 09:54:00
# local_time=2012-03-29 04:54:00 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1280 16777175 100 0 7261797 7261797 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=108995
# found=0
# cleaned=0
# scan_time=2886
  • 0

#40
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
Kaspersky Internet Security 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
SUPERAntiSpyware
Secunia PSI (2.0.0.4003)
CCleaner
Java™ 6 Update 31
Adobe Flash Player 11.1.102.63
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
JB Desktop Malware Tools SecurityCheck.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
``````````End of Log````````````
  • 0

Advertisements


#41
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Thanks for the logs, I will prepare the next steps based on these results.

Regards,

CompCav
  • 0

#42
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Does it make any difference if I still have diagnostic services tab in MSCONFIG checked and not the full system services activated? I stated that in my first post and I'm not sure when to turn it back on since the computer is much more stable now.
  • 0

#43
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts

Does it make any difference if I still have diagnostic services tab in MSCONFIG checked and not the full system services activated?


Please uncheck the diagnostic services tab and reboot with full system services activated,


Step 1.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


Step 2.

We need to reinstall your recovery console.

If you have the Windows XP install CD

To install the Recovery Console on your hard drive, follow these steps:

1.Insert the Windows XP CD into your CD-ROM drive.

2.Click the Start button.

3.Click the Run menu option.

4.In the Open: field type X:\i386\winnt32.exe /cmdcons , where X is the drive letter for your CD reader, and press the OK button. An image of this step can be found below:
Posted Image

5.After pressing the OK button a setup window will appear similar to the one below.
Posted Image


Simply press the Yes button to continue with the installation of the Recovery Console. The setup program will then attempt to do a Dynamic Update to make sure you have the latest files as shown below.
Posted Image


Simply allow it to continue and then when it is finished, you will be presented with a screen similar to the one below telling you so.
Posted Image






6.Press the OK button and remove the CD from your computer.
Now when you start your computer you will have an option to start the Recovery Console.


If you do not have a Windows XP CD

In many computers, there is an i386 directory in the WINDOWS directory on their WinXP partition. This folder is I identical to the i386 dir on the cd. As a result, the command D:\i386\winnt32.exe /cmdcons, which is used to install the recovery console off the CD, can simply become C:\WINDOWS\i386\winnt32.exe /cmdcons for the rest of us.

Open the RUN dialog (windows key + r) and type:

%windir%\i386\winnt32.exe /cmdcons

If you get a message that says something about not being able to upgrade before the installation started, click OK and continue.

If your i386 directory is in the root of your hard drive instead of under Windows open the Run dialogue and type:

C:\i386\winnt32.exe /cmdcons



Step 3.

Reboot your computer and enter the Recovery Console to verify the error is gone.


Please update me on this error and how the computer is running now
  • 0

#44
Stang5Liter

Stang5Liter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
So I went back into MSCONFIG and enabled all drivers and services to load and the computer locked up to the point that I could not even bring up task manager via CRTL-ALT-DELETE etc. So I powered down and booted into safe mode and got back into MSCONFIG and selective services and startup and I am back up but something nasty is going on in the start up group. Also, I haven't had Adobe 9.X for quite sometime now; at least for a year now. Been on Adobe X and running it ever since. Maybe that is where the security hole is open but there are no icons available and it is not an option in the program files. Where do we go from here? :ranting:
  • 0

#45
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.


Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 2.


Please post:

OTL.txt



What issues are you experiencing?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP