Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is mfc80.dll problem related to MBAM PUP Quarantine?


  • Please log in to reply
27 replies to this topic

#1 Inset irises

Inset irises

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 13 September 2016 - 02:44 AM

Hi,

 

Two nights ago MBAM quarantined PUP.Optional.DriverAgentPlus (note says something

about Registry Key).

 

The last 3 times I've tried to run Nikon Transfer, it encounters a problem

and needs to close after I click the transfer button. 

 

nkttransfer.exe

1.0.2.2003

mfc80.dll

8.050727.6195

offset 00074c1f

 

Nikon Transfer normally goes without a hitch.

After the quarantine, Event View shows a hive messenger warning

followed by a number of crypt32 errors then another hive messenger warning.

 

Is this a problem with Windows or a problem with Nikon Transfer?

In other words, will I need to fix Windows or remove Nikon Transfer and reinstall it.

If it is the latter, should I install the version I have or the update I just found but

have never tried?

 

 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 13 September 2016 - 07:07 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course): p22004369.gif

     Now, at the top, click File > Publish Snapshot. You will see the following prompt:

p22004371.gif

     Click Yes > then Copy to Clipboard

p22004372.gif

Now, once you are back in the forum topic you are posting in, click the p22004370.gif button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

 

Louis



#3 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 13 September 2016 - 09:24 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Owner (administrator) on 13-09-2016 at 07:20:39
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Model: System Product Name Manufacturer: System manufacturer

Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2016 11:23:16 PM) (Source: Application Error) (User: )
Description: Faulting application nkttransfer.exe, version 1.0.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.
Processing media-specific event for [nkttransfer.exe!ws!]

Error: (09/12/2016 09:32:29 PM) (Source: Application Error) (User: )
Description: Faulting application nkttransfer.exe, version 1.0.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.
Processing media-specific event for [nkttransfer.exe!ws!]

Error: (09/12/2016 09:10:09 PM) (Source: Application Error) (User: )
Description: Faulting application nkttransfer.exe, version 1.0.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.
Processing media-specific event for [nkttransfer.exe!ws!]

Error: (09/12/2016 01:37:07 AM) (Source: Application Error) (User: )
Description: Faulting application nkttransfer.exe, version 1.0.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.
Processing media-specific event for [nkttransfer.exe!ws!]

Error: (09/12/2016 01:20:47 AM) (Source: Application Error) (User: )
Description: Faulting application nkttransfer.exe, version 1.0.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.
Processing media-specific event for [nkttransfer.exe!ws!]

Error: (09/11/2016 12:46:18 AM) (Source: YSearchUtilSvc) (User: )
Description: YSearchUtilSvc error: The operation completed successfully. (0x0)Could not stop service (1061)

Error: (09/10/2016 10:19:19 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

System errors:
=============
Error: (09/13/2016 06:26:50 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (09/13/2016 06:26:50 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (09/13/2016 06:26:50 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (09/13/2016 06:26:50 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (09/13/2016 06:26:50 AM) (Source: Service Control Manager) (User: )
Description: The IC Recorder Driver service failed to start due to the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (09/12/2016 04:18:14 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (09/12/2016 04:18:14 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (09/12/2016 04:16:27 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (09/12/2016 04:16:27 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (09/12/2016 04:16:27 PM) (Source: Service Control Manager) (User: )
Description: The IC Recorder Driver service failed to start due to the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Microsoft Office Sessions:
=========================
Error: (09/12/2016 11:23:16 PM) (Source: Application Error)(User: )
Description: nkttransfer.exe1.0.2.3003mfc80.dll8.0.50727.619500074c1f

Error: (09/12/2016 09:32:29 PM) (Source: Application Error)(User: )
Description: nkttransfer.exe1.0.2.3003mfc80.dll8.0.50727.619500074c1f

Error: (09/12/2016 09:10:09 PM) (Source: Application Error)(User: )
Description: nkttransfer.exe1.0.2.3003mfc80.dll8.0.50727.619500074c1f

Error: (09/12/2016 01:37:07 AM) (Source: Application Error)(User: )
Description: nkttransfer.exe1.0.2.3003mfc80.dll8.0.50727.619500074c1f

Error: (09/12/2016 01:20:47 AM) (Source: Application Error)(User: )
Description: nkttransfer.exe1.0.2.3003mfc80.dll8.0.50727.619500074c1f

Error: (09/11/2016 12:46:18 AM) (Source: YSearchUtilSvc)(User: )
Description: YSearchUtilSvc error: The operation completed successfully. (0x0)Could not stop service (1061)

Error: (09/10/2016 10:19:19 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (09/10/2016 10:19:19 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

=========================== Installed Programs ============================
ABBYY FineReader for ScanSnap ™ 5.0 (HKLM\...\{FB500000-0011-0000-0000-074957833700}) (Version: 11.0.298 - ABBYY)
Adobe Acrobat XI Standard (HKLM\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements (HKLM\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon ScanGear Toolbox 3.0 (HKLM\...\Canon ScanGear Toolbox 3.0) (Version:  - )
CardMinder (HKLM\...\{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}) (Version: V5.3L10 - PFU)
CardMinder V5.0 (HKLM\...\{C1BF1357-27D9-4187-9D5F-6904421C1908}) (Version: 5.0.10.1 - PFU) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Evernote v. 4.5.8 (HKLM\...\{DED01768-E634-11E1-AEB0-984BE15F174E}) (Version: 4.5.8.7356 - Evernote Corp.)
Family Tree Maker 2011 (HKLM\...\{3B3D2CFD-3C21-4AA0-94DE-45577B5BAB16}) (Version: 20.0.368 - Ancestry.com) Hidden
Family Tree Maker 2011 (HKLM\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
hp deskjet 840c series (HKLM\...\hp deskjet 840c series_Driver) (Version:  - )
hp deskjet 840c series (Remove only) (HKLM\...\hp deskjet 840c series) (Version:  - )
Inspiration 9 (HKLM\...\Inspiration 9) (Version:  - )
Inspiration 9 PDF Driver (novaPDF 7.0 printer) (HKLM\...\Inspiration 9 PDF Driver_is1) (Version:  - Softland)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.101.13 - Oracle Corporation) Hidden
MagicTune Premium (HKLM\...\{69F962F7-3761-4704-9E4B-24FF10F77111}) (Version: 4.0.22 - Samsung Electronics Co. Ltd.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft IntelliType Pro 6.2 (HKLM\...\{345112D9-0930-4A68-AB71-A831BA5DE7AA}) (Version: 6.20.182.0 - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.0.2 - Nikon)
Panasonic Office Add-in (HKLM\...\{C97AEFB5-E52F-49C8-AB51-D5F335AF8B7C}) (Version: 1.0.0 - Panasonic)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealSpeak_Solo_Common_for_Panasonic (HKLM\...\{C52BEBC0-4A0C-42FB-B7EC-FAD0A14DD64E}) (Version: 1.0.0 - Panasonic)
RealSpeak_Solo_English_for_Panasonic (HKLM\...\{DA12E3FF-60E1-43E0-8E64-C43890A596AE}) (Version: 1.0.0 - Panasonic)
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SAPI5_Common (HKLM\...\{50B631C6-6E91-4D7B-A4E0-81E7FA8D5B3D}) (Version: 1.0.0 - Panasonic)
SAPI5_English (HKLM\...\{4922C9E7-CD91-496A-A73B-0FDF9D54B44F}) (Version: 1.0.0 - Panasonic)
ScanSnap Manager (HKLM\...\{05C0A685-1232-48DE-A81A-A205E3075523}) (Version: 6.2.21.11.4 - PFU) Hidden
ScanSnap Manager (HKLM\...\{22BDC506-4A08-4919-B072-26A6A50D55F7}) (Version: 6.2.15.9.12 - PFU) Hidden
ScanSnap Manager (HKLM\...\{5E933F6F-A4C8-40D0-886E-91F36F3D95C7}) (Version: 6.0.11.5.07 - PFU) Hidden
ScanSnap Manager (HKLM\...\{8FAE9916-F2C5-4568-AC9A-AD51ED0B783A}) (Version: 6.1.11.2.9 - PFU) Hidden
ScanSnap Manager (HKLM\...\{9DBC01EA-2642-4538-96FB-90775E2C77E9}) (Version: 6.5.30.9.6 - PFU) Hidden
ScanSnap Manager (HKLM\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V6.5L30 - PFU)
ScanSnap Organizer (HKLM\...\{CE4479BB-4765-4DC9-A8B1-B682325C3698}) (Version: 5.0.11.1 - PFU LIMITED) Hidden
ScanSnap Organizer (HKLM\...\{E58F3B88-3B3E-4F85-9323-04789D979C15}) (Version: V5.6L10 - PFU)
ScottradeELITE v5 (HKLM\...\{7E94DCE4-F1F3-47AF-A2D4-8A81008D9B1F}) (Version: 5.3.0.0 - Scottrade Inc.)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (HKLM\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Teen Volunteer Kit (HKLM\...\{28467F81-9198-40F9-9B1E-40E14632A84F}) (Version: 1.00.0000 - NetSmartz Workshop)
Text to Speech XP (HKLM\...\{E32661E0-A745-48A5-A9B9-073FDC6B119C}) (Version: 1.0.0 - Inspiration Software, Inc.)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 wcaiper (HKLM\...\{6B85D446-9E14-4309-BC3E-8E0940827BD3}) (Version: 013.000.1348 - Intuit Inc.) Hidden
TurboTax 2013 WinPerFedFormset (HKLM\...\{0A7DD94B-B746-4FB0-8688-8598C22793A0}) (Version: 013.000.2166 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (HKLM\...\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}) (Version: 013.000.0492 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (HKLM\...\{358C44FD-6943-4CDD-B947-7F7C4ADC8A8F}) (Version: 013.000.0169 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (HKLM\...\{606EB5EB-AADF-4E21-B715-1CAD291181D6}) (Version: 013.000.0135 - Intuit Inc.) Hidden
TurboTax 2014 (HKLM\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2014 wcaiper (HKLM\...\{1DA203D2-46E4-4B19-B7F2-72DAC2835A07}) (Version: 014.000.1306 - Intuit Inc.) Hidden
TurboTax 2014 WinPerFedFormset (HKLM\...\{35EEDA1E-9D45-4580-8554-734F45D48A73}) (Version: 014.000.1969 - Intuit Inc.) Hidden
TurboTax 2014 WinPerReleaseEngine (HKLM\...\{F2283AA1-869C-4497-8F18-09E36C67A014}) (Version: 014.000.0500 - Intuit Inc.) Hidden
TurboTax 2014 WinPerTaxSupport (HKLM\...\{5FB042CB-B08A-481E-B076-DC6D0FEB0595}) (Version: 014.000.0213 - Intuit Inc.) Hidden
TurboTax 2014 wrapper (HKLM\...\{F5890CC6-26B7-481E-A90E-ACE938AD294F}) (Version: 014.000.0109 - Intuit Inc.) Hidden
TurboTax 2015 (HKLM\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2015 wcaiper (HKLM\...\{7FA6DD67-81E3-4241-83EA-8E861A41973C}) (Version: 015.000.1369 - Intuit Inc.) Hidden
TurboTax 2015 WinPerFedFormset (HKLM\...\{08D0C864-211B-4095-8C3E-2D2CAB64CDA9}) (Version: 015.000.2008 - Intuit Inc.) Hidden
TurboTax 2015 WinPerFuegoContent (HKLM\...\{B48A745E-B79A-417F-8775-421EF44C92D1}) (Version: 015.000.0417 - Intuit Inc.) Hidden
TurboTax 2015 WinPerReleaseEngine (HKLM\...\{B0119415-6743-4707-AB4D-1928F5E81FDD}) (Version: 015.000.0485 - Intuit Inc.) Hidden
TurboTax 2015 WinPerTaxSupport (HKLM\...\{BDC1955D-38D6-4747-8B0A-B2B7CFEA1E7D}) (Version: 015.000.0179 - Intuit Inc.) Hidden
TurboTax 2015 wrapper (HKLM\...\{6FF818ED-865F-4C55-A073-DD6C9CE7B6A8}) (Version: 015.000.0126 - Intuit Inc.) Hidden
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Voice Editing (HKLM\...\{44CE6902-84EA-11D6-887E-00609721D519}) (Version:  - )
VS2010MergeModule (HKLM\...\{16B1B5E5-78F7-4F6F-BF4B-3AD51E4AEA92}) (Version: 1.00.0000 - Your Company Name) Hidden
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Atheros (L1E) Net  (03/29/2010 1.0.0.22) (HKLM\...\4C78D95CBBF2ADC8EB0500594743341461C2C4FC) (Version: 03/29/2010 1.0.0.22 - Atheros)
Windows Driver Package - Atheros (L1e) Net  (06/29/2009 1.0.0.39) (HKLM\...\7B24954C4BF8513EEE6582E715754DBE4A4722A0) (Version: 06/29/2009 1.0.0.39 - Atheros)
Windows Driver Package - Atheros (L1e) Net  (12/02/2009 1.0.0.41) (HKLM\...\8F83A3232DF60EE9AB12A66CC77ACBBE5B21C073) (Version: 12/02/2009 1.0.0.41 - Atheros)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

========================= Memory info: ===================================
Percentage of memory in use: 27%
Total physical RAM: 3574.11 MB
Available physical RAM: 2607.73 MB
Total Virtual: 5456.8 MB
Available Virtual: 4042.89 MB

========================= Partitions: =====================================
2 Drive c: () (Fixed) (Total:232.88 GB) (Free:33.71 GB) NTFS

========================= Users: ========================================
User accounts for \\OWNER-6ADD8C5BC

Administrator            ASPNET                   Guest                    
HelpAssistant            Owner                    SUPPORT_388945a0         


**** End of log ****


Edited by hamluis, 13 September 2016 - 12:07 PM.


#4 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 13 September 2016 - 09:56 AM

A connection with the Speccy server could not be established, so I couldn't get a copy to publish.

I've downloaded and saved it as a text document, so will post that.

I hope that will work.


Edited by Inset irises, 13 September 2016 - 09:57 AM.


#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 13 September 2016 - 11:56 AM

Do NOT post the text document.

 

Try the Speccy link later, it sometimes has problems...like any other link/website.

 

Appears to me that a check for malware may be in order.

 

Louis


Edited by hamluis, 13 September 2016 - 12:09 PM.


#6 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 13 September 2016 - 08:33 PM

http://speccy.piriform.com/results/umCaDuLLVlhivVshJjnNjJV

 

Good advice, Speccy worked on the first try. 

I will be very curious to see what, if anything, turns up.


Edited by Inset irises, 13 September 2016 - 08:49 PM.


#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 14 September 2016 - 08:36 AM

I don't see anything indicating a problem...other than your Event Viewer errors, none of which involve a BSOD.  The Nikon app reflects a number of application oerrors...application errors happen all the time...sometimes due to coding, sometimes due to damaged files.  In any case, I suggest you uninstall/reinstall said app.

 

Your other errors...reflect a number of problems that might normally be associated with possible malware.  Inability to update Windows...problems with your antimalware app.

 

IMO, your topic title would indicate that you should follow my previous suggestion and have a malware check in the Am I infected forum.

 

Louis



#8 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 14 September 2016 - 10:09 AM

I will open a topic in Am I infected.  I will also uninstall and reinstall the Nikon Transfer program,

as you suggest.

Thanks for the help, and for the introduction to Speccy...lots of great information in there.

Dave



#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 14 September 2016 - 10:31 AM

:thumbup2: , after the check and if you continue to have problems...just post back to this topic and we'll take a look.

 

Louis



#10 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 17 September 2016 - 11:26 PM

Hi Louis,

I ran the programs over at "Am I Infected" and have deleted or quarantined the PUPs.

 

I just tried the Nikon Transfer program and it acted the same as before,

closing immediately when I clicked on "Transfer."

 

Event Type:    Error
Event Source:    Application Error
Event Category:    None
Event ID:    1000
Date:        9/17/2016
Time:        8:51:02 PM
User:        N/A
Computer:    OWNER-6ADD8C5BC
Description:
Faulting application nkttransfer.exe, version 1.5.2.3003, faulting module mfc80.dll, version 8.0.50727.6195, fault address 0x00074c1f.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 6e 6b 74   ure  nkt
0018: 74 72 61 6e 73 66 65 72   transfer
0020: 2e 65 78 65 20 31 2e 35   .exe 1.5
0028: 2e 32 2e 33 30 30 33 20   .2.3003
0030: 69 6e 20 6d 66 63 38 30   in mfc80
0038: 2e 64 6c 6c 20 38 2e 30   .dll 8.0
0040: 2e 35 30 37 32 37 2e 36   .50727.6
0048: 31 39 35 20 61 74 20 6f   195 at o
0050: 66 66 73 65 74 20 30 30   ffset 00
0058: 30 37 34 63 31 66 0d 0a   074c1f..

 

I've looked through Applications and see what looks like missing DLL files "may not have

necessary registry information or DLL files"

 

Also, this:Event Type:    Error
Event Source:    Windows Search Service
Event Category:    Search service
Event ID:    7040
Date:        9/4/2016
Time:        11:42:26 AM
User:        N/A
Computer:    OWNER-6ADD8C5BC
Description:
The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
     0xc0041801 (0xc0041801)


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

And this:

Event Type:    Information
Event Source:    Windows Search Service
Event Category:    Search service
Event ID:    4138
Date:        9/4/2016
Time:        11:42:26 AM
User:        N/A
Computer:    OWNER-6ADD8C5BC
Description:
An index corruption was detected in component IndexDirectory1 in catalog SystemIndex. Stack trace is .


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


I'm trying to figure out what kind of changes or deletions I might have made, or what I might have turned off,

that are now keeping Nikon Transfer from functioning.

 



#11 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 18 September 2016 - 06:16 AM

Your Am I Infected topic is not complete...please pursue it to completion before reposting to this topic.  Boopme will advise you when he is done.

 

Louis



#12 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 22 September 2016 - 11:34 PM

Boopme advised me to come back to the XP forum.

 

I still have the problem with Nikon Transfer.

I wasn't able to run System File Checker as part of tweaking because I didn't have the Windows CD.

 

The only thing I have that is an Empower (PC Club brand of tower) "Microsoft Windows XP Home

Edition Product Recovery CD."

I believe it is a standard Windows XP Home install disc containing only Windows XP Home SP1.

I haven't put it in my tower as I wasn't sure if it would autorun something undesirable.

Question:

Is the disk of any use to me or anyone?

 

I also have a restore point set up on September 10 prior to downloading the Intel Driver Update Utility.

 

I don't recall whether or not I changed any drivers.  I did use the DriverAgent software up until it pulled

up the paywall, then I closed it and removed it.  This was before I first tried Nikon Transfer, so I suspect

either that or something I did with Firefox or iTunes was behind this.



#13 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 23 September 2016 - 12:01 AM

Another thing...I have 2 user accounts.

Owner (Me) and ASP.Net machine A

 

I haven't really looked at this in a long time and am wondering if the ASP.Net was on the

computer from the time it was built, or if it was put there by the techs the last time my pc was

infected and was put in the shop for repairs.


Edited by Inset irises, 23 September 2016 - 12:01 AM.


#14 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:25 PM

Posted 23 September 2016 - 08:14 AM

ASP.NET appears as a user on many systems...after install of a valid Microsoft file...nothing to worry about there.

 

http://forums.asp.net/t/758994.aspx?Why+is+there+an+ASP+NET+account+on+my+machine+

 

A recovery CD is a mechanism used by OEM manufacturers (Dell, Lenovo, Acer, etc.) in lieu of providing a Windows install disk to purchasers of their products.  It is not the same as a Windows install disk.  A recovery CD can be used to return the system to the same files condition that it was when purchased/first used by the owner.

 

Louis



#15 Inset irises

Inset irises
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:25 PM

Posted 23 September 2016 - 10:59 AM

So if I don't own that tower anymore, there is no reason to keep that CD...is that correct?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users