Computer going kaput

PaulPool

PaulPool

New Member
My registry seems to be falling apart.

I got blue screen of deaths error code 0x0000007e and I did a lot of research to find a fix, I tried almost everything eventually I found a guy who had the problem and typed a command into the Run menu to just disable that particular part. It seemed to fix the problem.

Now it's back again, I haven't read the the error code but it's different sometimes. My task menu at the bottom is blinking in and out as I talk, the mouse jumps around and the computer would randomly restart.

It's an emachines T3256

Gotta post this quick before my computer restarts again!
 
PaulPool said:
My registry seems to be falling apart.

I got blue screen of deaths error code 0x0000007e and I did a lot of research to find a fix, I tried almost everything eventually I found a guy who had the problem and typed a command into the Run menu to just disable that particular part. It seemed to fix the problem.

Now it's back again, I haven't read the the error code but it's different sometimes. My task menu at the bottom is blinking in and out as I talk, the mouse jumps around and the computer would randomly restart.

It's an emachines T3256

Gotta post this quick before my computer restarts again!
Click to expand...


Emachines are not built of the best quality parts from what I understand.

Your best be is to try to read the blue screen (of death). It's most likely hardware or a driver. Go into device manager and have windows search for newer drivers. If any errors are on the hardware re-install the drivers etc.
 
You problem is caused by a bad driver to fix the issue you need to figure out which driver it is and update said driver is one is available or download is an update isn't available.
 
Update all the drivers. That might fix the problem. Also, bad RAM, or failing PSU. my brother got BSODs, and when he plugged the cord into his PSU correctly, they stopped for a while :P also, old hardware conflicting with newer hardware can cause this. Have you upgraded the computer?

Side note: My parents have eMachines too. Guess what? its a heap of SH**!!!
 
The auto-restarts were already disabled by me from the last time this happened.

I updated all the drivers, the problem persists. Now when the taskbar dissapears it also freezes my internet window and I noticed that for a second my window bar turned to windows 98 style.

I'll try turning down the settings and graphics but I don't know.

Please help now only the laptop in our house works and it's my dad's and between the 5 of us it's a brawl to get to it!

I only did software updates I never upgraded the hardware.

tried to run a windows update the website gave me this message:

[Error number: 0x8DDD0018]
The site cannot continue because one or more of these Windows services is not running:

Automatic Updates (allows the site to find, download and install high-priority updates for your computer)
Background Intelligent Transfer Service (BITS) (helps updates download more quickly and without problems if the download process is interrupted)
Event Log (keeps a record of updating activities to help with troubleshooting, if needed)

EDIT: Turned on my auto-updates through the services in the run menu and turn it on and now I'm updating, we'll see what it does.
 
Last edited:
Updated, it blinked a few times and I tried to update my ad-aware to the AE version, it updated and the restarted my PC.

Then I got the BSoD, here are some notes I jotted down:

Lbd.sys PAGE_FAULT_IN_NONPAGED_AREA

0x00000050 (oxP3891A2, 0X00000000, 0XF2EA40CC, 0X00000000)

Lbd.sys- Address F2EA40CC base at F2EA3000

Now I'm back on the laptop I powered the deskstop down.
 
PaulPool said:
Updated, it blinked a few times and I tried to update my ad-aware to the AE version, it updated and the restarted my PC.

Then I got the BSoD, here are some notes I jotted down:

Lbd.sys PAGE_FAULT_IN_NONPAGED_AREA

0x00000050 (oxP3891A2, 0X00000000, 0XF2EA40CC, 0X00000000)

Lbd.sys- Address F2EA40CC base at F2EA3000
Click to expand...
The problem may be you are using Lavasofts adware program that may not support certain drivers. Try to uninstall the adware program and see if it give you the error.
 
your computer is about 4 years old, true?. open the case and blow out all the dirt with a can of compressed air. Use the skinny straw like attachment, to get around the cpu & power supply. Do not use a vacuum cleaner! Pop out the ram and put it back in. Post back
 
It's old yeah, but I cleaned it out with canned air a few months ago when we moved here, shouldn't have so much dust in it soon...

I updated Ad-aware and it started a scan, found Virtumonde Malware, VirusRemover2008, Win32RootKitagent and Win32TrojanMonder. It deleted this stuff but the Virtumonde didn't get removed after a restart like it told me, it lists registry errors, picture:

http://img301.imageshack.us/my.php?image=59064303yu4.jpg

I'll try restarting again, and then removing ad-aware and re-downloading it.

EDIT: Cleaned it out with a can of air, popped the ram in and out. I tried re-downloading Adaware AE but then when it had me restart to complete the installation I got that Blue Screen of death again. So I got rid of Adaware not getting it again.

The probably persisted through-out. I'm searching for a different scanner.
 
Last edited:
Malwarebytes' Anti-Malware 1.33
Database version: 1714
Windows 5.1.2600 Service Pack 3

2/1/2009 8:37:03 PM
mbam-log-2009-02-01 (20-37-03).txt

Scan type: Quick Scan
Objects scanned: 49301
Time elapsed: 3 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 12
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\iifdedAP.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93deaaf2-0f4b-4f96-aa60-3abe5c755471} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93deaaf2-0f4b-4f96-aa60-3abe5c755471} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{93deaaf2-0f4b-4f96-aa60-3abe5c755471} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\szyyqemk (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\szyyqemk (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\szyyqemk (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\iifdedAP.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\iifdedAP.dllbox (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\c:\windows\system32\iifdedap.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\PAdedfii.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\PAdedfii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUnNhHy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Drivers\nqlpsuei.sys (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\geBuTJBr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUoNHaB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.


Will edit in the hijackthis log after I restart since now my desktop icons nor taskbar or anything is showing up after I started to download hijackthis, I had to use C+A+D rightclick>Bringtofront just to get back to firefox and the scanner.

EDIT: hijack this log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:40:55 PM, on 2/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netscape.aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192989359741
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: pmnmkhHB - pmnmkhHB.dll (file missing)

--
End of file - 5646 bytes
 
Last edited:
Update: the blinking desktop and task bar seemed to have gone away now....

if there's anything else in there let me know.
 
Please do another hijackthis scan and place a check next to this item and then click on fix checked.

O20 - Winlogon Notify: pmnmkhHB - pmnmkhHB.dll (file missing)


You have a major security flaw in your system. You are running a very old version of java. Please uninstall any and all old versions of java and install the newest version here.

Download and run combofix from here, follow the instructions and then post the log that it displays at the end along with a new hijackthis log.
 
But I already downloaded Malwarebytes Anti-malware 1.33, larryf215. (I followed the instructions posted by johnb35 at the top of this page, I just posted the log from that and hijack this) It seems to have taken care of the problem.

Right now I'm going through add/remove programs, defrag, general things like that.

EDIT:

Yeah I've had a problem for a long while now where a lot of videos won't play saying that my java is old or isn't there. I've tried everything in the book, installing new flash player and all that, downloading it and doing a manual install, nothing seemed to work. I'll do what you just posted then update back.
 
Last edited:
ComboFix 09-02-01.01 - Owner 2009-02-01 21:00:51.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.197 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SENEKA
-------\Service_seneka


((((((((((((((((((((((((( Files Created from 2009-01-02 to 2009-02-02 )))))))))))))))))))))))))))))))
.

2009-02-01 20:55 . 2009-02-01 20:55 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-01 20:55 . 2009-02-01 20:55 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-01 20:40 . 2009-02-01 20:40 <DIR> d-------- c:\program files\Trend Micro
2009-02-01 20:32 . 2009-02-01 20:32 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-01 20:32 . 2009-02-01 20:32 <DIR> d-------- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-02-01 20:32 . 2009-02-01 20:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-01 20:32 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-01 20:32 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-01 20:22 . 2009-02-01 20:22 <DIR> d-------- c:\program files\CCleaner
2009-01-31 20:03 . 2009-01-31 20:03 <DIR> d-------- c:\windows\system32\XPSViewer
2009-01-31 20:03 . 2009-01-31 20:03 <DIR> d-------- c:\program files\Reference Assemblies
2009-01-31 20:03 . 2009-01-31 20:03 <DIR> d-------- c:\program files\MSBuild
2009-01-31 20:02 . 2009-01-31 20:02 <DIR> d-------- C:\1b08d0e7aba2dad2203e3ef3
2009-01-31 20:02 . 2008-07-06 07:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-01-31 20:02 . 2008-07-06 07:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-01-31 20:02 . 2008-07-06 05:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-31 20:02 . 2008-07-06 07:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-01-31 20:02 . 2008-07-06 07:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-31 20:02 . 2008-07-06 07:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-01-31 20:02 . 2008-07-06 07:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-31 20:02 . 2009-01-31 20:02 216 --a------ c:\windows\system32\spupdsvc.inf
2009-01-31 19:52 . 2009-01-31 19:52 118 --a------ c:\windows\system32\MRT.INI
2009-01-27 21:33 . 2009-02-01 20:39 2,816 --a------ c:\windows\szyyqemk
2009-01-20 14:47 . 2009-01-20 14:47 <DIR> dr------- c:\documents and settings\Owner\Application Data\Brother
2009-01-16 10:24 . 2009-01-16 10:24 <DIR> d-------- c:\documents and settings\Owner\Application Data\Viewpoint
2009-01-08 18:59 . 2009-01-24 13:33 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-08 18:59 . 2009-01-08 18:59 1,409 --a------ c:\windows\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-02 01:55 --------- d-----w c:\program files\Java
2009-02-02 01:15 --------- d-----w c:\program files\Lavasoft
2009-02-02 01:15 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-02 00:36 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-27 00:33 --------- d-----w c:\documents and settings\Owner\Application Data\gtk-2.0
2009-01-19 22:10 18,636 ----a-w c:\documents and settings\Owner\Application Data\wklnhst.dat
2009-01-06 19:38 --------- d-----w c:\documents and settings\Owner\Application Data\U3
2009-01-05 18:56 --------- d-----w c:\program files\Lx_cats
2008-12-31 21:38 --------- d-----w c:\documents and settings\Owner\Application Data\Move Networks
2008-12-29 04:43 --------- d-----w c:\program files\GIMP-2.0
2008-12-27 23:30 --------- d-----w c:\documents and settings\All Users\Application Data\Launcher
2008-12-25 17:19 --------- d-----w c:\program files\Common Files\xing shared
2008-12-25 17:19 --------- d-----w c:\program files\Common Files\Real
2008-12-25 17:16 --------- d-----w c:\documents and settings\All Users\Application Data\QuickTime
2008-12-21 22:08 --------- d-----w c:\program files\Graboid
2008-12-19 15:41 --------- d-----w c:\documents and settings\Owner\Application Data\vlc
2008-12-19 15:34 --------- d-----w c:\documents and settings\Owner\Application Data\MozillaControl
2008-12-19 15:34 --------- d-----w c:\documents and settings\All Users\Application Data\Graboid Inc
2008-12-19 15:33 --------- d-----w c:\program files\Mozilla ActiveX Control v1.7.12
2008-12-19 15:32 --------- d-----w c:\program files\VideoLAN
2008-12-19 03:55 --------- d-----w c:\program files\AIM6
2008-12-19 03:55 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-12-19 03:55 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2008-12-19 03:54 --------- d-----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-10-28 04:04 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008102820081029\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-31 50480]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-25 185872]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2003-01-03 98304]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 169984]
"LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-08-20 65536]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-01 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-10-31 14:22 50480 c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 19:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2004-08-24 12:16 61440 c:\program files\Lexmark 6200 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
--a------ 2004-08-24 13:26 299008 c:\program files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbumon.exe]
--a------ 2004-08-20 06:30 188416 c:\program files\Lexmark 6200 Series\lxbumon.exE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
--a------ 2003-06-07 05:32 50688 c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 14:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-03-03 12:29 2904064 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2004-03-03 12:29 46080 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2003-01-03 08:27 98304 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
--a------ 2004-03-11 18:18 135168 c:\program files\Digital Media Reader\shwiconEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Universal Installer]
--a------ 2008-03-18 13:50 984616 c:\program files\ComcastUI\Universal Installer\uinstaller.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
--a------ 2004-05-17 21:30 543232 c:\windows\zHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nForce Tray Options]
--a------ 2003-09-02 20:25 73728 c:\windows\system32\sstray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-03-03 12:29 782336 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowWnd]
--a------ 2003-09-19 12:09 36864 c:\windows\ShowWnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Schedule"=2 (0x2)
"ATTRcAppSvc"=3 (0x3)
"aawservice"=2 (0x2)
"xmlprov"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"WebClient"=2 (0x2)
"VSS"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"usprserv"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"NVSvc"=2 (0x2)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"Netlogon"=3 (0x3)
"napagent"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"lxbu_device"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"ImapiService"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser"=2 (0x2)
"Brother XP spl Service"=2 (0x2)
"bmwebcfg"=2 (0x2)
"BITS"=2 (0x2)
"Autodesk Licensing Service"=3 (0x3)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=

S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2007-10-21 26488]
S3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\drivers\swnc8u56.sys [2007-06-27 101248]
S3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\drivers\swumx56.sys [2007-06-27 73856]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-10-21 24652]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80aae947-8244-11dc-9f2c-0040ca854d24}]
\Shell\AutoRun\command - K:\PortableVault.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88646f80-c597-11dd-a216-0040ca854d24}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f073ca53-cd36-11dd-a23a-0040ca854d24}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder

2009-02-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
.
- - - - ORPHANS REMOVED - - - -

Toolbar-SITEguard - (no file)
MSConfigStartUp-AT&T Communication Manager - c:\program files\AT&T\Communication Manager\ATTCM.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://netscape.aol.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ujeraeka.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tbff50ie7&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - netscape.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?invocationType=TB50TRFF;homepage=no;search=yesab&query=
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 21:03:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AIM6\aolsoftware.exe
.
**************************************************************************
.
Completion time: 2009-02-01 21:05:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-02 02:05:30

Pre-Run: 138,587,275,264 bytes free
Post-Run: 138,550,919,168 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

267 --- E O F --- 2008-12-17 20:56:55

HIJACK this log is as followed, I clicked to fix the one you asked me to, after updating java:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:06:09 PM, on 2/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netscape.aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192989359741
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 5573 bytes
 
Please delete the following file:
c:\windows\szyyqemk

The only other thing showing in your log is Viewpoint Manager:
Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything bad. It is known to be intrusive, but there is some possibility that it is now being used by those companies to give them info about your habits. It is not considered spyware since this is not clear, but I would not tolerate it on my machine if I didn't install it.

I suggest you remove it. To do so, click on Start -> Control Panel -> Add or Remove Programs. Click on anything related to Viewpoint and click Remove.

Can you confirm that your error message, Lbd.sys PAGE_FAULT_IN_NONPAGED_AREA, did refer to Lbd.sys rather than Kbd.sys?

How is your system running now? If you are still receiving these BSODs, are they all referring to the same file, Lbd.sys, or does the file change each time?
 
Removed View Point Manager.

I am pretty sure it did refer to it, if the bsod said anything about a kdb.sys I would have written that down, but I only saw Lbd.sys.

Um I ran Combofix again, but it didn't give me an option to remove c:\windows\szyyqemk. I looked in c:\windows but I didn't see it in there either(it's possible I missed it), and yes I have hidden folders turned on. I don't see it in hijackthis, so how do I go about deleting it?

My system is running stable now. No more restarts, blinking desktop and taskbar, no bsod. It seemed to have taken care of the problem. I did some general clean up(removing programs, running scans, freeing up space using disk cleanup, running defrag, etc) and everything seems go. Thanks for replying.

Hopefully this emachines will last another 5 years, so we can keep it as an internet-browsing/e-mail PC and the computer I will build for everything else. The downside is that I wouldn't be able to use the monitor keyboard and mouse, but with 5 people we need an extra computer.
 
Sorry about the delay in getting back to you.

Please run Notepad and copy the contents of the codebox below into a new Notepad document. Please do not include the word Code:
Code: 
@echo off
del c:\windows\szyyqemk
dir c:\windows\szyyqemk > CFBat.txt
dir c:\windows\system32\drivers\Lbd.sys >> CFBat.txt
notepad CFBat.txt
exit

Save the file as C:\check.bat and make sure the Save as type field says All files. Navigate to your C:\ drive and double click on check.bat. This will bring up a notepad window, please copy and paste the contents into a reply post.
 
You must log in or register to reply here.
Back
Top