One of the things about being an IT guy is that everyone asks for technical support. I have worked out a general understanding with my neighbors and friends that I will gladly help them with their technical support challenges, even making house calls, as long as they are willing to pay in the form of cookies, cakes, pastries, or other things that are probably not high on the recommended foods from the food pyramid.
Yesterday Kim called with a problem. She is running an 8 year old desktop computer. Pentium 3 with 896 MB of Ram. The operating system is Windows XP with SP3 and Kim is religious about updates and security. (To be honest I think that is how this machine has lasted as long as it has.) She explained to me that over the last week the box has been unable to complete its nightly virus scan or Windows Update checks. Each morning she is greeted with an error message about a system driver or service called LBD that is not found. This error occurs every time the machine starts up. Kim has done her research online and even figured out the basics of the event viewer to help her resolve the problem.
I headed over to her house to check it out.
I check the event viewer system logs and sure enough the culprit seems to be a missing driver that is trying to autorun during system startup. Error 7026. The driver is called lbd. I do a quick Bing check and find out that this is a know issue associated with Lavasoft’s AdAware product.
The Lavasoft forums discuss the registry location of the leftover keys when the application is uninstalled from some Windows Operating systems. I suppose I could go into the registry and simply delete them. However the OS is still looking for that driver, and more than likely other components of the now mostly uninstalled application.
This is really a combination of problems.
1. There is an application and or process in the autorun of this machine that needs to be removed.
2. The files and registry keys associated with the autorun entry are not actually in existence any longer.
Lucky for me, and Kim, and you too, there is a free tool that is second to none in providing insight, and control of the stuff that is starting on your operating system. To make matters even better the tool is free, and it runs on all Windows operating systems starting with Windows XP.
The tool is called Autoruns. While it sounds like a really bad intestinal disorder, it is one of my favorite tools to control what’s happening during that initial phase of a set of otherwise transparent Operating system operations after logon.
Autoruns is part of the Windows Sysinternals group of products. It comes in a graphical form and a command line form. When you run Autoruns it provides you a complete and filterable list of what’s automatically running on your system. The list is exhaustive and has the added benefit of a set of tools that you can use to make changes to the behavior of applications, drivers, processes etc.
I love this tool!
I loaded autoruns on to Kim’s computer and sure enough found the entries for Lavasoft. I deleted them, found the driver for lbd and deleted the reference. At this point I shut the machine down and restarted it. Clean boot! Event logs look good. I checked the antivirus schedule and made sure the Windows updates were in fact up to date.
Kim and I discussed the virtues of modern laptops and how amazing Windows 7 really is and then I headed back to the office.
The whole visit was 30 minutes and the problem was solved. The only thing pending is the payment. Perhaps pumpkin chocolate chip bread, or maybe homemade chocolate chip cookies. Whatever the form of payment the tools make the difference.
Autoruns is a must have tool for your toolbox.