Muzman on 2/5/2010 at 15:57
Or, you know, don't. But read a bit first at least.
I got an acquaintance's laptop to fix up. It was loop-booting and they couldn't fix it. Someone told them it was a virus (everyone's fave catch-all explanation for everything these days) and they'd need to call the doc, probably lost everything etc. I suggested it probably wasn't the case. I get to try and fix it since I'm so smart.
It's a Dell Inspiron 1525 running Vista Home Premium. The crash/reboot actually came after log-in, which was odd. I have almost no experience with Vista but it seemed like some corrupt file somewhere, so I ran some Dell diagnostic. It found nothing, but I suspect rewrote whatever log/thing was corrupt and now it boots. Yay.
I did a big virus scan with a couple of different things and it got a clean bill there too.
There's still some odd problems though. Help and support doesn't load for some bizarre reason. Various programs are also quirky too. The most glaring thing though is that all of the network related drivers don't work. Ethernet, wireless, ISATAP, 1394; everything in the networking section of device manager couldn't load.
I ran system file checker in safe mode (since I couldn't get to the command line in administrator mode normally). It says it found some stuff it couldn't fix. I don't know if that means anything.
So, what do you reckon I should do next?
I don't want to do a reinstall if I don't have to. Normally I'd delete all the offending drivers and see if they come back by themselves, but it won't let me. I'm assuming this is a privileges thing (I don't know much about that either). So next I was going to grant myself Admin status and try these things again.
If wiser folks can see a flaw in this plan or a better method of proceeding, do tell.
bikerdude on 2/5/2010 at 20:19
Quote Posted by Muzman
I don't want to do a reinstall if I don't have to.
Something, a virus or otherwise, has corrupted a number of Windows system files, so unfortunately this is going to be the best option, as trying to find exactly what it is will take ages if at all and only serve to annoy... So just back up the entire contents of the hard drive and reinstall Windows and any other apps your friend had installed. The total rebuild time should be about 3-4hrs.
ps. what virus checker did you use to check the laptop?
The Gnat on 3/5/2010 at 00:08
The only other thing I would add (and I agree with Bikerdude that this smacks of virus/trojan corruption) is run a full hard drive diagnostics. Find the make of the hard drive and utilize the manufacturer's utility rather than Dell's.
lost_soul on 3/5/2010 at 01:41
You could also try using the Windows System Restore feature to restore things to a previous date. That might help.
If the system is infected though, the only way to be *completely* sure the malware is gone is to nuke the installation from orbit and re-install.
TBE on 3/5/2010 at 05:48
Muzman, sounds like a virus or hacked registry problem. Hard to detect if you're installing virus protection after you're already having problems.
I'd recommend you reinstall Windows Vista. If you no longer have the DVD for it, send me a PM, and I'll tell you how to deal with that.
If you want admin status, try this. When computer is first turned on, hit F8 key. This will give you option for Safe Mode. Pick that. Then there will be a logon screen which will usually have Administrator, and any other users of that PC. 99% of people don't install a password for the Administrator when they install Windows, they just hit enter. So you'll be in Admin after clicking on that link. See if you can manipulate the user accounts on the computer to be Admin for everything. This is the way to break into people's computers on XP, by the way. So if you're running Windows XP, ALWAYS HAVE A PASSWORD FOR YOUR ADMINISTRATOR ACCOUNT.
Like most people said, this is usually the long way to fix things. A new install takes a couple hours at best. A hide and seek problem like this can take weeks to fix. I have all my data on a separate hard drive from my OS, and it's also backed up on an external drive just in case. A reinstall of Windows for me is painless. Except for all my Steam games I have to re-download :(
Muzman on 3/5/2010 at 09:25
Thanks folks.
Hmm, frustrating.
Quote Posted by Bikerdude
ps. what virus checker did you use to check the laptop?
AVG at various strengths. It only found tracking cookies when I turned everything on. I spose now I'll hear how it's weak sauce and trojans have probably been running rampant on my machine for ages.
I just did malwarebytes as well and that did turn up some program and registry keys. Maybe that's the culprit.
Looks a little like this:
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\00625215 (Rogue.Multiple)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\00625215 (Rogue.Multiple)
C:\ProgramData\00625215 (Rogue.Multiple)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool)
I don't know if that means anything to anybody.
Another suspicious thing I've noticed is the Windows Firewall is off and I can't turn it on. So that's probably a bad sign too.
There's this backup partition of about 4gigs which I'm not too sure what to do with. I think that's a Dell thing. I am a bit leery about stepping back or a full rebuild or anything too drastic like that. I'm not sure what these folks' backup situation is at home. Ways of backing up externally are a bit short at the moment (what with no ethernet). I do have the Vista disk.
So I was thinking this: Do an internal back up, make an admin account, attempt a repair installation.
Would that be the thing? (I haven't actually checked what reinstall options there are yet, but hey)
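Added example (not part of any post in this thread): a short Python triage of the Malwarebytes findings quoted above. It groups them by final path component, so the two Run values and the C:\ProgramData item that share the name 00625215 show up as one persistence cluster. The function names and category labels are this example's own.

```python
import re
from collections import defaultdict

# Findings copied from the Malwarebytes listing in the post above.
SCAN = r"""
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\00625215 (Rogue.Multiple)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\00625215 (Rogue.Multiple)
C:\ProgramData\00625215 (Rogue.Multiple)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool)
"""

LINE = re.compile(r"^(?P<path>.+?)\s+\((?P<label>[^()]+)\)$")
RUN_KEY = r"\software\microsoft\windows\currentversion\run" + "\\"

def parse(text):
    """Yield (path, label) for every 'path (Detection.Name)' line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield m["path"], m["label"]

def classify(path):
    """Label a finding: autorun value, other registry key, shortcut or file."""
    low = path.lower()
    if low.startswith("hkey_"):
        return "autorun" if RUN_KEY in low else "registry"
    return "shortcut" if low.endswith(".lnk") else "file"

def triage(text):
    """Group findings by last path component (the shared name, if any)."""
    clusters = defaultdict(list)
    for path, label in parse(text):
        leaf = path.rsplit("\\", 1)[-1].lower()
        clusters[leaf].append((classify(path), path, label))
    return dict(clusters)

def persistent_clusters(text):
    """Names that have both an autorun entry and an on-disk item."""
    out = []
    for leaf, items in triage(text).items():
        kinds = {kind for kind, _, _ in items}
        if "autorun" in kinds and kinds & {"file", "shortcut"}:
            out.append(leaf)
    return sorted(out)

if __name__ == "__main__":
    print("autorun + on-disk names:", persistent_clusters(SCAN))
```

A name that appears under both Run keys and on disk has to be cleaned from all three places, and checked again after a reboot, before the scan result can be treated as resolved.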
Vipercat on 3/5/2010 at 13:32
I have had the exact same problem but with an Asus laptop and Vista. There is a registry tweak that stops Vista from automatically rebooting when it finds an error and allows you to continue to try to solve the problem (mine was a faulty battery monitor dll). I can't remember what it was exactly but all I did was a search on Vista rebooting and how to stop it.
If I find where the answer was I'll post it here.
bikerdude on 3/5/2010 at 13:43
AVG misses a lot of stuff, which is why your friend's laptop has been infected. The Malwarebytes scan shows a confirmed infection of some sort.
The 4Gb backup partition is where the Dell restore image is kept; to use it you'll need the Dell restore CD. But before you do this you should make a backup of any data.
The Gnat on 4/5/2010 at 03:58
Also agree about AVG. I am on a TechForum where I read minidump files after a BSOD and we've lost count on the number of times AVG misses infections on a system let alone prevents them.
Malwarebytes and SuperAntispyware are two of the best out there and both Avast and Avira have great free antiviruses.
Muzman on 4/5/2010 at 19:52
Yeah, it's only really good for viruses and trojans I guess. It's served me fairly well, but horrid malware does get past it. There's other things for that.
AVG and Malwarebytes were my additions to the laptop, only because I'm familiar with them really. The laptop already has Windows Defender, McAfee, Norton and Spyware Doctor and apparently that wasn't enough.
Anyway, I've hit some snags. The drive checked out ok with check disk. I used Western Digital's utils as well but they only have some basic SMART checking things which apparently aren't very good.
I would do a backup but when I try to use the Vista backup it says it needs task scheduler to be running. When I try to run task scheduler it says it is unable to start. I'm unable to do a brute force mirror drive sort of backup thanks to not enough spare space and networking.
I also found that if you try to reinstall Windows it says it can't because Winsetup.dll couldn't load. So, if and when I try it, it'll have to be from boot I suppose.
I'm getting that a lot lately, things not working because of no given reason or a corrupt file. That would confirm what you guys are saying about the install being shot to bits.
What I think I'll do is go back a restore point and see what happens. Then try a reinstall if no joy there. (How far back to restore it is an interesting one. She said it had been out of action a week, but it shows restore points for a few days before I was given it. hmmm)
Cheers for all the tips.