BSOD problem - 7-step removal results

Jun 7, 2011
  1. Hi I recently posted in the BSOD section requesting help. The computer had occaional BSODs and even existed after a factory default reset. I was told to do the 7step virus removal thing in this forum. I have completed and here are the results.

    Mbam log:

    Gmer file is empty. there was nothing there.


    Attachment file:

    Any help will be appreciated. Recently it has been happening a lot and now I have to run this in safe mode.
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Give me a few minutes to check your other thread, then I'll review your logs.

    BTW, in case I forget, you do not need to put the logs in quotes. It looks nice but it actually cuts down in the available space for the log.
  3. AJLEO

    AJLEO TS Rookie Topic Starter

    Yea ok thanks. I did use the quotes just to make it easy to read and differentiate lol. Anyways thanks for helping sir.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    1. If you do a factory reset and put the same programs back on the system, you may not accomplish anything.
    2. If you do a factory reset and the problem is hardware, you will accomplish nothing.

    The point being sending a system back to 'out of the box' isn't going to do anything if everything remains the same!

    You are running both Norton Internet Security and Avira. The means 2 antivirus programs: Timeline:
    2011-05-20 19:51:34 -------- d-----w- C:\Program Files (x86)\Avira
    2011-06-03 10:24:27 -------- d-----w- C:\Program Files\Symantec
    They are both loading. But some of the Norton/Symantec files appear to be missing.
    Norton doesn't play well with any other program trying to do the same job>>>
    So either uninstall Norton>> Norton Removal Tool
    Or uninstall Avira>> To uninstall Avira:
    • Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
    • Wait for the list of installed programs to load, then click the name of the Avira program.
    • Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
    • Press Yes, to confirm the removal and then OK.
    • . Click Next until Finish. The software is removed.
    Reboot the computer when you have finished the above.
    Stop downloading and installing new programs. Stop doing factory resets. Don't do anything unless I instruct you to- including updates unless I advise. Exception is the AV program> Allow updates.
    You fist post about the BSOD problem was 2 weeks ago- that's about 5/24/ Already having an unstable system, you went on to install at least 4 new programs in addition to numerous app data.
    You are running "Partner application" by Google Inc, "Chrome aware".
    We will remove this and the accompanying Service.

    The Event Errors show multiples of this:
    In peer-to-peer environments, peers use specific name resolution systems to resolve each other's network locations (addresses, protocols, and ports) from names or other types of identifiers. In the past, peer name resolution has been complicated by the inherently transient connectivity as well as other shortcomings within the Domain Name System (DNS).
    Please read the information here to help you understand the possible consequences of failure to run:
    Sometimes it's better to start with the 'simple' first. If this fits you, consider giving it a try:
    Explain this please. What happens when you try to boot into Normal Mode?
  5. AJLEO

    AJLEO TS Rookie Topic Starter

    Before when I loaded into normal mode, after starting windows, I had the blue screen and it continued. But the last time i tried booting in normal mode, it just came up with "failed to start up windows" and gives me the option to start windows auto repair which does nothing. I have left that for a long time but it just stays stuck on searching for problem solutions.

    Also I bought this laptop which came with the windows 7 pre-installed so I don't have the disc to uninstall and reinstall windows 7. I thought factory reset would do the trick since this has occured from something I downloaded from the internet and not related to the programs that were pre-installed.

    Now I'm going to uninstall Northon since you said some files were missing and Its only a trail.

    Do you also want me to remove the Google Chrome internet browser? I thought that was safe?
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Did this computer belong to another user or was it from the manufacturer? This is a polite way of asking you if you know what was on the system when you got it!

    It appears that a network of some type was set up on it, but it isn't running correctly. Please refer to my question about the Peer Name Resolution

    As for Chrome, no, you don't have to remove the browser. But we will be removing the 'spyware' entry.
  7. AJLEO

    AJLEO TS Rookie Topic Starter

    No it was bought straight from the store and I am the first and only owner of it. There were a bunch of things on it from start like northon pre-installed with 60 day trial, microsoft office with trial, microsoft works. Everything was on it except from the browsers I have installed which are opera and chrome.

    And sorry but I don't understand that peer name resolution thing. Can you please explain a bit more. Also it doesn't allow me to remove northon for some reason. When I click on uninstall, nothing happens. Should I just remove avira instead?
  8. AJLEO

    AJLEO TS Rookie Topic Starter

    I have deactivated Northon Security. Its not running so the only one running is Avira. Whats next please?
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I gave you the Norton Removal Tool> again> Click on link.
    [*]Norton Removal Tool
    IF you have trouble running the Removal Tool, once you have downloaded it and save to the desktop, boot into Safe Mode to run it:

    Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
    The PeerName Resolution is part of Network Programming in the Microsoft .NET Framework . I don't know if you're using it, but you can check the Service and set it to Manual as follows:

    Click on Start> Run> type in services.msc> Enter> Double click on Peer Networking Identity Manager (it may shows as p2pimsvc)> Set the Startup type to Manual. Then exit Services and reboot the computer.

    As some point in your computer history, you either set up a Homegroup or tried to. I suspect the doing the factory resets may have messed that up. Here are questions to ask yourself:
    1. Did you "join" or make a homegroup when first installed? write down the password?
    2. Does windows report you as on a "homegroup", either pc?
    3. Have you turned ON Network Discovery? ie: advanced sharing settings, under (current profile)

    You have the SQL Server 2005 Compact Edition installed. You may need the Peer Name for that. IF you need further help with that, you may find more knowledgeable members in the networking forum.

    Stop setting the system back just because you get a BSOD. There are a lot for reasons for a BSOD and checking the Event Viewer before taking such drastic action would be a better way too go. Every time you set the system back, you undo any settings you have put in place- it's like start over-start over-start over and on and on.
    *****************Stop doing the factory resets*********************************
    Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...