Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012
Accepted Solution

Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

I have bought 3 Seagate external hard disks recently.  I noticed that whenever I plug those HDDs into my USB, I receive this error in my event log.  If I ignore it, I will soon lose my internet connection from the browser.  I can still ping all the external websites, but the web browser always fails to load any page.  Skype will be disconnected as well.  All 3 HDDs are fresh from the box and I've tried them with another PC without TrendMicro; all 3 HDDs work fine.  This problem only happens on my PC.  However, the issue will not happen if I exit from TrendMicro.  Any idea why?

 

My OS:  WinXP Professional

TrendMicro Version:  Trend Micro™ Titanium™ Internet Security

Browser: IE 8 and Firefox 9

 

Epic Talent
malwarekiller
Posts: 3,835
Registered: ‎08-08-2011

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

Welcome aboard!

Check for malware:

Download ComboFix from any of the locations given on this website:

      • IMPORTANT !!! You need to save ComboFix.exe to your Desktop
      • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here
      • Double click on ComboFix.exe & follow the prompts.
      • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
      • If you already have the Recovery Console preinstalled, it will not ask for the following. If it does prompt, allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

      Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

      Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.

      When finished, it shall produce a log for you. Please copy & paste the contents of this log (also found at C:\ComboFix.txt) in your next reply at your topic.
—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

ComboFix 12-01-05.04 - Jannie 06/01/2012  16:57:02.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3061.2225 [GMT 8:00]
Running from: c:\documents and settings\Jannie\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Firewall Booster *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\46C.tmp
C:\55A.tmp
C:\565.tmp
C:\569.tmp
C:\570.tmp
C:\57C.tmp
C:\7F.tmp
C:\85.tmp
C:\C00.tmp
C:\C06.tmp
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Start Menu\Programs\Startup\PGPtray.exe.lnk
c:\documents and settings\Jannie\cnsload_1287645328279.tmp
c:\documents and settings\Jannie\GoToAssistDownloadHelper.exe
c:\documents and settings\Jannie\WINDOWS
c:\windows\Downloaded Installations\BMP
c:\windows\Downloaded Installations\BMP\{CF268324-B323-49B7-B60A-1184866B9462}\1033.MST
c:\windows\Downloaded Installations\BMP\{CF268324-B323-49B7-B60A-1184866B9462}\BMP.msi
c:\windows\system32\AF101DAT.dll
c:\windows\system32\AF120dat.dll
c:\windows\system32\Af15bdat.dll
c:\windows\system32\af180dat.dll
c:\windows\system32\AF201dat.dll
c:\windows\system32\af223dat.dll
c:\windows\system32\af320dat.dll
c:\windows\system32\af557dat.dll
c:\windows\system32\af800dat.dll
c:\windows\system32\af857dat.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\SET455.tmp
c:\windows\system32\SET459.tmp
c:\windows\system32\SET461.tmp
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
c:\windows\wc98pp.dll
H:\Autorun.inf
H:\Setup.exe
.
c:\windows\system32\drivers\i8042prt.sys . . . is missing!!
.
.
(((((((((((((((((((((((((   Files Created from 2011-12-06 to 2012-01-06  )))))))))))))))))))))))))))))))
.
.
2011-12-28 08:19 . 2011-12-28 08:19    --------    d-----w-    c:\documents and settings\Jannie\Application Data\Seagate
2011-12-28 08:18 . 2011-12-28 08:18    --------    d-----w-    c:\documents and settings\LocalService\Application Data\Seagate
2011-12-28 08:17 . 2011-12-28 08:18    --------    d-----w-    c:\program files\Seagate
2011-12-28 08:14 . 2011-12-28 08:14    --------    d-----w-    c:\documents and settings\Jannie\Application Data\Leadertech
2011-12-22 04:42 . 2011-12-22 04:42    1184    ----a-w-    c:\windows\system32\msd0870313.dll
2011-12-22 02:07 . 2011-12-21 07:24    121816    ----a-w-    c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-12-22 02:07 . 2011-12-21 07:24    97240    ----a-w-    c:\program files\Mozilla Firefox\libEGL.dll
2011-12-22 02:07 . 2011-12-21 07:24    814040    ----a-w-    c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-12-22 02:07 . 2011-12-21 07:24    486360    ----a-w-    c:\program files\Mozilla Firefox\libGLESv2.dll
2011-12-22 02:07 . 2011-12-21 07:24    43992    ----a-w-    c:\program files\Mozilla Firefox\mozutils.dll
2011-12-22 02:07 . 2011-12-21 07:24    2124760    ----a-w-    c:\program files\Mozilla Firefox\mozjs.dll
2011-12-22 02:07 . 2011-12-21 07:24    15832    ----a-w-    c:\program files\Mozilla Firefox\mozalloc.dll
2011-12-22 02:07 . 2011-12-21 04:30    1998168    ----a-w-    c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-12-22 02:07 . 2011-12-21 04:30    626688    ----a-w-    c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-22 02:07 . 2011-12-21 04:30    548864    ----a-w-    c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-22 02:07 . 2011-12-21 04:30    479232    ----a-w-    c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-22 02:07 . 2011-12-21 04:30    2106216    ----a-w-    c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-12-12 09:12 . 2008-09-26 10:01    621056    ----a-r-    c:\windows\system32\drivers\mod7700.sys
2011-12-12 09:12 . 2008-09-26 10:01    113664    ----a-r-    c:\windows\system32\drivers\ewusbnet.sys
2011-12-12 09:12 . 2008-09-26 10:01    101376    ----a-r-    c:\windows\system32\drivers\ewusbmdm.sys
2011-12-12 09:12 . 2008-09-26 10:00    24448    ----a-r-    c:\windows\system32\drivers\ewdcsc.sys
2011-12-12 09:10 . 2011-12-12 09:13    --------    d-----w-    c:\program files\DiGi Internet
2011-12-08 09:04 . 2011-12-08 09:04    1184    ----a-w-    c:\windows\system32\msd1010275.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:29 . 2008-04-25 16:16    1868544    ----a-w-    c:\windows\system32\win32k.sys
2011-11-16 06:07 . 2011-05-20 01:29    414368    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2008-04-25 16:16    916992    ----a-w-    c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2008-04-25 16:16    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2008-04-25 16:16    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-04-25 16:16    385024    ----a-w-    c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-25 16:16    1288704    ----a-w-    c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2008-04-25 16:16    33280    ----a-w-    c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2008-04-25 16:16    2148864    ----a-w-    c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2008-04-14 00:01    2027008    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-25 16:16    186880    ----a-w-    c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2008-04-25 21:27    692736    ----a-w-    c:\windows\system32\inetcomm.dll
2011-12-21 07:24 . 2011-12-22 02:07    121816    ----a-w-    c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHandlerAccessible]
@="{3DBF5F01-3287-46EB-82CF-45AA5C241162}"
[HKEY_CLASSES_ROOT\CLSID\{3DBF5F01-3287-46EB-82CF-45AA5C241162}]
2009-10-09 05:53    613496    ----a-w-    c:\windows\system32\PGPfsshl.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-19 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-19 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-19 141848]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"MplSetUp"="c:\program files\RMClient\MplSetUp.exe" [2000-11-03 40960]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-06-22 1044480]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 116752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-21 406992]
.
c:\documents and settings\Jannie\Start Menu\Programs\Startup\
Service Software.lnk - c:\program files\CAMS\srvsoft.exe [2011-12-22 45056]
Shortcut to OutlookSync.lnk - C:\OutlookSync.bat [2010-3-8 494]
Shortcut to taskmgr.lnk - c:\windows\system32\taskmgr.exe [2008-4-26 135680]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\PGPmapih.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ       scecli PGPpwflt
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jannie^Start Menu^Programs^Startup^Seagate NA0CBLFR Product Registration.lnk]
path=c:\documents and settings\Jannie\Start Menu\Programs\Startup\Seagate NA0CBLFR Product Registration.lnk
backup=c:\windows\pss\Seagate NA0CBLFR Product Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Dashboard]
2011-06-01 16:42    79112    ----a-w-    c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\app\\Jannie\\product\\11.2.0\\client_1\\jdk\\jre\\bin\\java.exe"=
"c:\\Program Files\\trademanager\\AliIM.exe"=
"c:\\Program Files\\WinSCP\\WinSCP.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS5\\Dreamweaver.exe"=
"c:\\Program Files\\Password Solutions\\Office Password Recovery PRO\\OfficePasswordRecoveryPRO.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:VNC 5900
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [06/04/2010 6:32 PM 20104]
R0 pgpfs;PGP File Sharing;c:\windows\system32\drivers\PGPfsfd.sys [09/10/2009 1:53 PM 136312]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [28/01/2010 4:12 PM 15328]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [08/10/2009 11:38 AM 24064]
R2 OracleOraClient11g_home1TNSListener;OracleOraClient11g_home1TNSListener;c:\app\Jannie\product\11.2.0\client_1\BIN\TNSLSNR  --> c:\app\Jannie\product\11.2.0\client_1\BIN\TNSLSNR  [?]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [02/06/2011 12:42 AM 14088]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [21/12/2010 2:41 PM 64080]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [08/10/2009 11:38 AM 176640]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [21/12/2010 2:58 PM 341072]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [21/12/2010 2:40 PM 188272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys --> c:\windows\system32\Drivers\btcombus.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [06/04/2010 6:33 PM 25864]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [18/04/2011 5:43 PM 20032]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [12/12/2011 5:12 PM 113664]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [06/05/2011 4:36 PM 100736]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [06/04/2010 6:32 PM 23048]
S3 OracleOraClient11g_home1CMAdmin;OracleOraClient11g_home1CMAdmin;c:\app\Jannie\product\11.2.0\client_1\bin\CMADMIN.EXE [26/07/2010 5:03 PM 745472]
S3 OracleOraClient11g_home1CMan;OracleOraClient11g_home1CMan;c:\app\Jannie\product\11.2.0\client_1\bin\CMGW.EXE [26/07/2010 5:03 PM 229376]
S3 OraClient11g_home1_OracleSchedulerExecutionAgent;OraClient11g_home1_OracleSchedulerExecutionAgent;c:\app\Jannie\product\11.2.0\client_1\bin\jssu.exe -executionagentservice --> c:\app\Jannie\product\11.2.0\client_1\bin\jssu.exe -executionagentservice [?]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [28/01/2010 4:12 PM 32736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
S4 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [28/01/2010 4:12 PM 220128]
UnknownUnknown dsload;dsload; [x]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - dsgrab_01cb70efd120a79d
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-05 c:\windows\Tasks\backup.job
- C:\backup.bat [2010-03-08 09:32]
.
2012-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-772404766-1821189547-2654332125-1005Core.job
- c:\documents and settings\Jannie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-01 04:56]
.
2012-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-772404766-1821189547-2654332125-1005UA.job
- c:\documents and settings\Jannie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-01 04:56]
.
.


Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.my/
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\PGPlsp.dll
Trusted Zone: loweslink.com\enroll
Trusted Zone: loweslink.com\secure
Trusted Zone: loweslink.com\secure2
Trusted Zone: loweslink.com\tplogin
TCP: Interfaces\{413DCAC7-AAD4-450E-A509-06CC39BF5867}: NameServer = 202.188.0.133,202.188.1.5
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: {00191E4B-49C2-48E2-A548-8F702D75622A} - hxxps://strtc.oracle.com/imtapp/res/jar/cnsload.cab
FF - ProfilePath - c:\documents and settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://malaysia.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\Kies\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-06 17:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraClient11g_home1TNSListener]
"ImagePath"="c:\app\Jannie\product\11.2.0\client_1\BIN\TNSLSNR "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-772404766-1821189547-2654332125-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1056)
c:\windows\system32\PGPmapih.dll
.
- - - - - - - > 'lsass.exe'(1112)
c:\windows\system32\PGPmapih.dll
.
Completion time: 2012-01-06  17:03:26
ComboFix-quarantined-files.txt  2012-01-06 09:03
.
Pre-Run: 38,131,863,552 bytes free
Post-Run: 38,439,084,032 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 97453E7A48B7878F2C9D8A8CCE720E26

Epic Talent
malwarekiller
Posts: 3,835
Registered: ‎08-08-2011

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

OK, you have an important Windows file missing. I will find and replace it.

 

Download OTL to your Desktop.

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
i8042prt.sys
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
C:\Windows\assembly\tmp\U\*.* /s
CREATERESTOREPOINT


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs.

NEXT

 

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 
3. Open notepad and copy/paste the text in the code box below into it:

 

File::
c:\windows\system32\msd1010275.dll
UnknownUnknown dsload;dsload;

Driver::
dsgrab_01cb70efd120a79d

Save this as CFScript.txt, in the same location as ComboFix.exe.

 

Referring to the picture above, drag CFScript into ComboFix.exe. When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

OTL logfile created on: 06/01/2012 5:37:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = D:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
 
2.99 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 81.90% Memory free
5.82 Gb Paging File | 5.38 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 37.75 Gb Free Space | 50.66% Space Free | Partition Type: NTFS
Drive D: | 74.45 Gb Total Space | 49.59 Gb Free Space | 66.61% Space Free | Partition Type: NTFS
Drive F: | 244.14 Gb Total Space | 11.04 Gb Free Space | 4.52% Space Free | Partition Type: NTFS
Drive G: | 221.62 Gb Total Space | 12.27 Gb Free Space | 5.54% Space Free | Partition Type: NTFS
Drive Q: | 8.46 Gb Total Space | 2.18 Gb Free Space | 25.71% Space Free | Partition Type: NTFS
Drive U: | 931.51 Gb Total Space | 498.47 Gb Free Space | 53.51% Space Free | Partition Type: NTFS
Drive V: | 78.13 Gb Total Space | 10.73 Gb Free Space | 13.73% Space Free | Partition Type: NTFS
Drive W: | 78.13 Gb Total Space | 19.63 Gb Free Space | 25.13% Space Free | Partition Type: NTFS
Drive X: | 78.13 Gb Total Space | 10.73 Gb Free Space | 13.73% Space Free | Partition Type: NTFS
Drive Y: | 78.13 Gb Total Space | 41.02 Gb Free Space | 52.50% Space Free | Partition Type: NTFS
Drive Z: | 8.46 Gb Total Space | 2.18 Gb Free Space | 25.71% Space Free | Partition Type: NTFS
 
Computer Name: IT01 | User Name: Jannie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/01/06 17:33:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2011/06/02 00:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/02/16 15:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2011/02/10 22:00:24 | 000,116,752 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011/02/10 21:57:40 | 001,035,512 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2011/01/05 12:56:33 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_20\bin\jqs.exe
PRC - [2010/12/21 14:38:01 | 000,138,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2010/03/31 08:03:28 | 000,512,000 | ---- | M] (Oracle Corporation) -- C:\app\Jannie\product\11.2.0\client_1\bin\TNSLSNR.EXE
PRC - [2009/10/09 13:53:26 | 000,103,032 | ---- | M] (PGP Corporation) -- C:\WINDOWS\system32\PGPserv.exe
PRC - [2008/10/15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2008/04/14 20:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/14 08:51:17 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/14 08:50:01 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll
MOD - [2011/10/14 08:48:05 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/14 08:47:48 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/13 18:14:10 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/13 18:14:05 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/13 18:14:01 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/13 18:13:51 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010/12/21 14:38:30 | 000,174,432 | ---- | M] () -- C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
MOD - [2010/12/21 14:38:06 | 000,442,368 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\sqlite3.dll
MOD - [2010/12/21 14:38:03 | 001,081,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
MOD - [2010/12/21 14:38:01 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2010/12/21 14:38:01 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/06/02 00:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/02/16 15:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2011/01/05 12:56:33 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre1.6.0_20\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/04/02 08:38:48 | 000,041,472 | ---- | M] () [On_Demand | Stopped] -- C:\app\Jannie\product\11.2.0\client_1\bin\jssu.exe -- (OraClient11g_home1_OracleSchedulerExecutionAgent)
SRV - [2010/04/01 12:39:54 | 000,069,632 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- C:\app\Jannie\product\11.2.0\client_1\bin\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2010/03/31 08:03:28 | 000,512,000 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\app\Jannie\product\11.2.0\client_1\BIN\TNSLSNR.exe -- (OracleOraClient11g_home1TNSListener)
SRV - [2010/03/31 08:01:40 | 000,229,376 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- C:\app\Jannie\product\11.2.0\client_1\bin\CMGW.EXE -- (OracleOraClient11g_home1CMan)
SRV - [2010/03/31 08:01:30 | 000,745,472 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- C:\app\Jannie\product\11.2.0\client_1\bin\CMADMIN.EXE -- (OracleOraClient11g_home1CMAdmin)
SRV - [2010/01/28 16:12:12 | 000,220,128 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2009/10/09 13:53:26 | 000,103,032 | ---- | M] (PGP Corporation) [Auto | Running] -- C:\WINDOWS\system32\PGPserv.exe -- (PGPserv)
SRV - [2008/10/15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/01/29 17:00:20 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/12/21 14:38:07 | 000,341,072 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2010/12/21 14:38:07 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/12/21 14:38:07 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/12/21 14:38:07 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/12/21 14:38:07 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/01/28 16:12:32 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2010/01/28 16:12:22 | 000,032,736 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psmounter.sys -- (PSMounter)
DRV - [2009/10/12 15:21:54 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/10/09 13:53:30 | 000,246,392 | ---- | M] (PGP Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\PGPdisk.sys -- (PGPdisk)
DRV - [2009/10/09 13:53:30 | 000,041,080 | ---- | M] (PGP Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PGPsdk.sys -- (PGPsdkDriver)
DRV - [2009/10/09 13:53:26 | 000,215,672 | ---- | M] (PGP Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\PGPwded.sys -- (PGPwded)
DRV - [2009/10/09 13:53:26 | 000,136,312 | ---- | M] (PGP Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\PGPfsfd.sys -- (pgpfs)
DRV - [2008/09/26 18:01:12 | 000,113,664 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2008/09/26 18:01:00 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/07/16 12:03:18 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2008/05/23 16:46:12 | 000,010,848 | ---- | M] (Oracle Corp.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\dsload.sys -- (dsload)
DRV - [2008/03/28 19:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004/12/16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
 
 
========== Standard Registry (SafeList) ==========
 
 


Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.my/
IE - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.4rc4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {de1b245c-de57-11da-ba2d-0050c2490048}:1.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {22C7F6C6-8D67-4534-92B5-529A0EC09405}:6.8.0.1073
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://malaysia.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files\trademanager\npwangwang.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.6.0_20\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Documents and Settings\Jannie\Local Settings\Application Data\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011/10/18 15:12:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre1.6.0_20\lib\deploy\jqs\ff [2011/01/05 12:56:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/22 10:07:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/22 10:07:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/09/28 17:19:26 | 000,000,000 | ---D | M]
 
[2010/04/23 12:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Extensions
[2012/01/06 16:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\extensions
[2010/05/06 14:37:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/21 13:42:42 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/01/06 16:45:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/22 10:12:45 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Documents and Settings\Jannie\Application Data\Mozilla\Firefox\Profiles\lcjdgjko.default\extensions\mintrayr@tn123.ath.cx
[2011/12/22 10:07:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JANNIE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LCJDGJKO.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011/12/21 15:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/05 12:56:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/07/29 21:33:40 | 000,108,480 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npwangwang.dll
[2010/03/30 19:19:50 | 000,111,960 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npww.dll
[2011/12/21 12:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 12:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Documents and Settings\Jannie\Application Data\Mozilla\plugins\npatgpc.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Jannie\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2012/01/06 17:01:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_20\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre1.6.0_20\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe (RICOH CO.,LTD.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - Startup: C:\Documents and Settings\Jannie\Start Menu\Programs\Startup\Shortcut to OutlookSync.lnk = C:\OutlookSync.bat ()
O4 - Startup: C:\Documents and Settings\Jannie\Start Menu\Programs\Startup\Shortcut to PGPtray.lnk = C:\Program Files\PGP Corporation\PGP Desktop\PGPtray.exe (PGP Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 ()
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\PGPlsp.dll (PGP Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\PGPlsp.dll (PGP Corporation)
O15 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\..Trusted Domains: loweslink.com ([enroll] https in Trusted sites)
O15 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\..Trusted Domains: loweslink.com ([secure] https in Trusted sites)
O15 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\..Trusted Domains: loweslink.com ([secure2] https in Trusted sites)
O15 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\..Trusted Domains: loweslink.com ([tplogin] https in Trusted sites)
O15 - HKU\S-1-5-21-772404766-1821189547-2654332125-1005\..Trusted Ranges: Range1 ([file] in Trusted sites)
O16 - DPF: {00191E4B-49C2-48E2-A548-8F702D75622A} https://strtc.oracle.com/imtapp/res/jar/cnsload.cab (Reg Error: Value error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{413DCAC7-AAD4-450E-A509-06CC39BF5867}: NameServer = 202.188.0.133,202.188.1.5
O18 - Protocol\Handler\ic32pp - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\PGPmapih.dll) -C:\WINDOWS\system32\PGPmapih.dll (PGP Corporation)
O20 - AppInit_DLLs: (PGPmapih.dll) -C:\WINDOWS\System32\PGPmapih.dll (PGP Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jannie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jannie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/29 12:50:07 | 000,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 

Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/06 17:13:03 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/06 16:55:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/06 16:52:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/06 16:52:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/06 16:52:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/06 16:52:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/06 16:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/06 16:52:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/06 16:51:35 | 004,372,321 | R--- | C] (Swearware) -- C:\Documents and Settings\Jannie\Desktop\ComboFix.exe
[2011/12/28 16:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jannie\Application Data\Seagate
[2011/12/28 16:18:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2011/12/28 16:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate Dashboard
[2011/12/28 16:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/12/28 16:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jannie\Application Data\Leadertech
[2011/12/15 12:19:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jannie\JannieWS\Watchguard Firebox
[2011/12/12 17:12:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DiGi Internet
[2011/12/12 17:12:02 | 000,621,056 | R--- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2011/12/12 17:12:02 | 000,113,664 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2011/12/12 17:12:02 | 000,101,376 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2011/12/12 17:12:02 | 000,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2011/12/12 17:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\DiGi Internet
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/06 17:26:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/06 17:25:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/06 17:25:31 | 3209,654,272 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/06 17:24:33 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\Jannie\Start Menu\Programs\Startup\Shortcut to PGPtray.lnk
[2012/01/06 17:16:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-772404766-1821189547-2654332125-1005UA.job
[2012/01/06 17:01:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/06 16:55:22 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/06 16:51:19 | 004,372,321 | R--- | M] (Swearware) -- C:\Documents and Settings\Jannie\Desktop\ComboFix.exe
[2012/01/06 14:16:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-772404766-1821189547-2654332125-1005Core.job
[2012/01/05 17:00:05 | 000,000,192 | ---- | M] () -- C:\WINDOWS\tasks\backup.job
[2011/12/30 17:14:47 | 001,333,719 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms 2010 poster.jpg
[2011/12/30 17:13:14 | 000,077,340 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\bea334450b.png
[2011/12/30 17:12:03 | 000,043,220 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms_2010.jpg
[2011/12/28 16:18:27 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2011/12/28 14:21:10 | 000,114,042 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Chinese email.jpg
[2011/12/23 17:39:50 | 000,028,909 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Rotate.jpg
[2011/12/22 12:42:21 | 000,001,184 | ---- | M] () -- C:\WINDOWS\System32\msd0870313.dll
[2011/12/22 12:22:00 | 000,604,521 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\GreetingCard.jpg
[2011/12/22 12:12:41 | 000,139,211 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Peplink After unplug wan1.jpg
[2011/12/22 10:07:27 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\Jannie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/19 14:42:15 | 001,131,416 | ---- | M] () -- C:\Documents and Settings\Jannie\JannieWS\Goodnight Moon - high quality.mp3
[2011/12/16 11:04:50 | 000,051,634 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms-2010-chart.gif
[2011/12/16 09:03:43 | 000,231,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 18:11:19 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/13 10:44:57 | 000,052,696 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Exercise.jpg
[2011/12/12 17:12:19 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DiGi Internet.lnk
[2011/12/12 16:07:41 | 000,102,146 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\Hard disk orders.pdf
[2011/12/12 15:02:47 | 000,028,906 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\PGP Option.jpg
[2011/12/09 09:36:04 | 000,116,205 | ---- | M] () -- C:\Documents and Settings\Jannie\Desktop\PGP Plan.jpg
[2011/12/08 17:04:57 | 000,001,184 | ---- | M] () -- C:\WINDOWS\System32\msd1010275.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/06 17:24:33 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\Jannie\Start Menu\Programs\Startup\Shortcut to PGPtray.lnk
[2012/01/06 16:55:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/01/06 16:55:20 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/01/06 16:52:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/06 16:52:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/06 16:52:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/06 16:52:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/06 16:52:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/04 16:59:19 | 003,059,495 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\DSCF3440.JPG
[2011/12/30 17:14:46 | 001,333,719 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms 2010 poster.jpg
[2011/12/30 17:13:13 | 000,077,340 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\bea334450b.png
[2011/12/30 17:12:02 | 000,043,220 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms_2010.jpg
[2011/12/28 16:18:27 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Dashboard.lnk
[2011/12/28 14:21:10 | 000,114,042 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Chinese email.jpg
[2011/12/23 17:39:42 | 000,028,909 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Rotate.jpg
[2011/12/22 12:42:21 | 000,001,184 | ---- | C] () -- C:\WINDOWS\System32\msd0870313.dll
[2011/12/22 12:22:00 | 000,604,521 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\GreetingCard.jpg
[2011/12/22 12:12:41 | 000,139,211 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Peplink After unplug wan1.jpg
[2011/12/22 10:07:27 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/19 14:40:17 | 001,131,416 | ---- | C] () -- C:\Documents and Settings\Jannie\JannieWS\Goodnight Moon - high quality.mp3
[2011/12/16 11:04:49 | 000,051,634 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Incoterms-2010-chart.gif
[2011/12/13 10:44:57 | 000,052,696 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Exercise.jpg
[2011/12/12 17:12:19 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DiGi Internet.lnk
[2011/12/12 16:07:47 | 000,102,146 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\Hard disk orders.pdf
[2011/12/12 15:02:44 | 000,028,906 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\PGP Option.jpg
[2011/12/09 09:36:04 | 000,116,205 | ---- | C] () -- C:\Documents and Settings\Jannie\Desktop\PGP Plan.jpg
[2011/12/08 17:04:57 | 000,001,184 | ---- | C] () -- C:\WINDOWS\System32\msd1010275.dll
[2011/11/18 14:32:55 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Jannie\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/11/14 18:10:07 | 000,234,074 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-772404766-1821189547-2654332125-1005-0.dat
[2011/11/14 18:10:06 | 000,234,074 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/09/28 17:19:23 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2011/09/28 17:19:23 | 000,090,784 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/09/06 12:38:17 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Jannie\Application Data\Photobook Designer Prefs
[2011/07/21 17:18:58 | 000,038,458 | ---- | C] () -- C:\Documents and Settings\Jannie\Application Data\Comma Separated Values (DOS).ADR
[2011/06/09 17:04:33 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ExplorerXP.INI
[2011/04/18 18:03:55 | 000,664,912 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/05 09:25:14 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\XFormRes.dll
[2011/04/05 09:25:12 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\secocom.dll
[2011/01/29 17:00:24 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/01/29 17:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/01/29 17:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/01/29 17:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/01/29 17:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/01/03 16:55:50 | 000,000,015 | ---- | C] () -- C:\WINDOWS\DBLOAD.INI
[2010/12/17 12:39:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/11/25 07:30:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Jannie\Local Settings\Application Data\housecall.guid.cache
[2010/11/08 11:16:22 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Jannie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 15:06:59 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/08/13 16:53:37 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2010/08/13 15:25:06 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2010/07/26 15:57:24 | 000,049,223 | ---- | C] () -- C:\WINDOWS\System32\crtslv.dll
[2010/07/26 15:57:21 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\ExportModeller.dll
[2010/07/23 17:24:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/07/23 17:09:55 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Jannie\Application Data\winscp.rnd
[2010/04/23 12:14:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/06 18:33:10 | 000,025,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2010/03/09 10:24:47 | 000,978,432 | ---- | C] () -- C:\WINDOWS\System32\Pg32.dll
[2010/03/09 10:24:46 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
[2010/03/09 10:08:50 | 000,000,695 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/08 17:22:25 | 000,003,621 | ---- | C] () -- C:\WINDOWS\System32\RC95E1A0.dat
[2010/03/08 16:58:35 | 000,000,666 | ---- | C] () -- C:\WINDOWS\SWWATER.INI
[2010/03/08 16:44:29 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2010/03/08 16:41:11 | 000,039,479 | ---- | C] () -- C:\WINDOWS\RicDB.ini
[2010/03/08 16:40:58 | 000,002,199 | ---- | C] () -- C:\WINDOWS\PmData.Dat
[2010/03/08 16:40:58 | 000,000,226 | ---- | C] () -- C:\WINDOWS\PMJobCli.ini
[2010/03/08 16:40:53 | 000,012,358 | ---- | C] () -- C:\WINDOWS\PMRicMb.ini
[2010/03/08 16:40:53 | 000,006,702 | ---- | C] () -- C:\WINDOWS\PMRicPMb.ini
[2010/03/08 16:40:53 | 000,005,390 | ---- | C] () -- C:\WINDOWS\PMPrtMb.ini
[2010/03/08 16:40:53 | 000,004,303 | ---- | C] () -- C:\WINDOWS\PMRicFMb.ini
[2010/03/08 16:40:53 | 000,003,005 | ---- | C] () -- C:\WINDOWS\PMDvPrn.ini
[2010/03/08 16:40:53 | 000,002,102 | ---- | C] () -- C:\WINDOWS\PMDvDev.ini
[2010/03/08 16:40:53 | 000,002,047 | ---- | C] () -- C:\WINDOWS\PMDIOMb.ini
[2010/03/08 16:40:53 | 000,002,036 | ---- | C] () -- C:\WINDOWS\PMHostMb.ini
[2010/03/08 16:40:53 | 000,001,885 | ---- | C] () -- C:\WINDOWS\PMPSIOMb.ini
[2010/03/08 16:40:53 | 000,001,727 | ---- | C] () -- C:\WINDOWS\PMRicSMb.ini
[2010/03/08 16:40:53 | 000,001,706 | ---- | C] () -- C:\WINDOWS\PMRicCMb.ini
[2010/03/08 16:40:53 | 000,001,494 | ---- | C] () -- C:\WINDOWS\PMMib2Mb.ini
[2010/03/08 16:40:53 | 000,001,143 | ---- | C] () -- C:\WINDOWS\PMDPIMb.ini
[2010/03/08 16:40:53 | 000,001,110 | ---- | C] () -- C:\WINDOWS\PMDvFax.ini
[2010/03/08 16:40:53 | 000,001,094 | ---- | C] () -- C:\WINDOWS\PMAxsMb.ini
[2010/03/08 16:40:53 | 000,000,842 | ---- | C] () -- C:\WINDOWS\PMDvScan.ini
[2010/03/08 16:40:53 | 000,000,423 | ---- | C] () -- C:\WINDOWS\PMDvCopy.ini
[2010/03/08 16:40:53 | 000,000,332 | ---- | C] () -- C:\WINDOWS\PMSnmpMb.ini
[2010/03/08 16:40:52 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\rtcpf.dll
[2010/03/08 16:40:52 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RLPR.dll
[2010/03/08 16:40:51 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\rpnv2ui.dll
[2010/03/08 16:40:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\PMObservps.dll
[2010/02/08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2009/10/09 13:53:26 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\PGPsdk.dll.sig
[2009/10/08 11:38:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4957.dll
[2009/10/08 11:38:22 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/10/08 11:37:44 | 000,001,163 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/10/07 20:03:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/10/06 15:16:00 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/12/27 22:18:20 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\lwel-manifest.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/26 05:31:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/26 05:27:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/26 05:26:32 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/26 00:16:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/26 00:16:22 | 000,522,156 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/26 00:16:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/26 00:16:22 | 000,093,604 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/26 00:16:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/26 00:16:22 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/26 00:16:21 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/26 00:16:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/26 00:16:18 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/26 00:16:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/26 00:16:13 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/26 00:16:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/25 17:22:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 17:21:52 | 000,231,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 

Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

========== LOP Check ==========
 
[2009/10/07 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/03/09 12:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/08/13 16:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/03/04 15:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2011/04/18 17:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/03/10 14:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PGP Corporation
[2010/09/27 12:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/03/29 17:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2011/11/15 14:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/04/18 17:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/09/28 17:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/10/07 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Windows Desktop Search
[2010/03/09 12:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\BACS.exe
[2011/08/05 17:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\datafortress.eM
[2011/07/12 15:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\FileZilla
[2010/08/19 14:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Foxit Software
[2011/06/15 11:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\IObit
[2011/12/28 16:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Leadertech
[2011/01/05 13:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\OpenOffice.org
[2011/08/29 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Password Solutions
[2011/04/18 17:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\PC Suite
[2010/03/10 15:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\PGP Corporation
[2011/09/06 12:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Photobook Designer
[2011/03/29 17:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\PPLive
[2010/12/13 15:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Quest Software
[2011/09/21 12:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\QuickScan
[2011/04/18 17:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Samsung
[2011/12/28 16:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Seagate
[2011/12/14 15:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\SQL Developer
[2011/07/18 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\TeamViewer
[2010/07/27 15:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\webex
[2009/10/07 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Windows Desktop Search
[2010/07/26 11:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jannie\Application Data\Windows Search
[2011/12/28 16:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2010/07/28 09:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PowerUser\Application Data\pdfforge
[2010/07/28 09:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PowerUser\Application Data\PGP Corporation
[2010/07/28 09:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PowerUser\Application Data\Search Settings
[2009/10/07 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PowerUser\Application Data\Windows Desktop Search
[2012/01/05 17:00:05 | 000,000,192 | ---- | M] () -- C:\WINDOWS\Tasks\backup.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: I8042PRT.SYS  >
[2008/04/14 20:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:i8042prt.sys
[2008/04/14 20:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2008/04/13 12:18:02 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\symbols\i8042prt.sys\48025C67cd00\i8042prt.sys
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"Type" = 1
"Start" = 1
"ErrorControl" = 1
"Tag" = 5
"ImagePath" = system32\DRIVERS\netbt.sys -- [2008/04/14 20:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBios over Tcpip
"Group" = PNP_TDI
"DependOnService" = Tcpip [binary data]
"DependOnGroup" =  [binary data]
"Description" = NetBios over Tcpip
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"NbProvider" = _tcp
"NameServerPort" = 137
"CacheTimeout" = 600000
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"Size/Small/Medium/Large" = 1
"SessionKeepAlive" = 3600000
"TransportBindName" = \Device\
"EnableLMHOSTS" = 1
"DhcpNodeType" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{413DCAC7-AAD4-450E-A509-06CC39BF5867}]
"NameServerList" =  [binary data]
"NetbiosOptions" = 0 -- [2010/08/13 16:50:48 | 000,000,032 | ---- | M] ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{64DC389E-8DC9-4E47-B8DF-8567014426A6}]
"NameServerList" =  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{6902E4F4-6392-4FEC-BA40-560A95F51E42}]
"NameServerList" =  [binary data]
"NetbiosOptions" = 0 -- [2010/08/13 16:50:48 | 000,000,032 | ---- | M] ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{92C15F0B-06DA-4AEE-900B-AF530A622A95}]
"NameServerList" =  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{9B1C61F2-F54D-48DD-889A-A022F2EAF91C}]
"NameServerList" =  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DA102E7C-003A-462E-8858-E38F3F4C4F7B}]
"NameServerList" =  [binary data]
"NetbiosOptions" = 0 -- [2010/08/13 16:50:48 | 000,000,032 | ---- | M] ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E73E3251-C720-4328-B27E-7A348946056D}]
"NameServerList" =  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 1
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/04/14 20:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 07 01 03 01 00 00 01 00 02 00 04 00 05  [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 7
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2008/04/14 20:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1
 
< C:\Windows\assembly\tmp\U\*.* /s >

< End of report >

Stone Emissary
mccorry
Posts: 29
Registered: ‎01-06-2012

Re: Error 7034 The Trend Micro Solution Platform service terminated unexpectedly

OTL Extras logfile created on: 06/01/2012 5:37:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = D:\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
 
2.99 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 81.90% Memory free
5.82 Gb Paging File | 5.38 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 37.75 Gb Free Space | 50.66% Space Free | Partition Type: NTFS
Drive D: | 74.45 Gb Total Space | 49.59 Gb Free Space | 66.61% Space Free | Partition Type: NTFS
Drive F: | 244.14 Gb Total Space | 11.04 Gb Free Space | 4.52% Space Free | Partition Type: NTFS
Drive G: | 221.62 Gb Total Space | 12.27 Gb Free Space | 5.54% Space Free | Partition Type: NTFS
Drive Q: | 8.46 Gb Total Space | 2.18 Gb Free Space | 25.71% Space Free | Partition Type: NTFS
Drive U: | 931.51 Gb Total Space | 498.47 Gb Free Space | 53.51% Space Free | Partition Type: NTFS
Drive V: | 78.13 Gb Total Space | 10.73 Gb Free Space | 13.73% Space Free | Partition Type: NTFS
Drive W: | 78.13 Gb Total Space | 19.63 Gb Free Space | 25.13% Space Free | Partition Type: NTFS
Drive X: | 78.13 Gb Total Space | 10.73 Gb Free Space | 13.73% Space Free | Partition Type: NTFS
Drive Y: | 78.13 Gb Total Space | 41.02 Gb Free Space | 52.50% Space Free | Partition Type: NTFS
Drive Z: | 8.46 Gb Total Space | 2.18 Gb Free Space | 25.71% Space Free | Partition Type: NTFS
 
Computer Name: IT01 | User Name: Jannie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-772404766-1821189547-2654332125-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0 -- ()
"FirewallDisableNotify" = 0 -- ()
"UpdatesDisableNotify" = 0 -- ()
"AntiVirusOverride" = 0 -- ()
"FirewallOverride" = 0 -- ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0 -- ()
"DisableNotifications" = 0 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5900:TCP" = 5900:TCP:*:Enabled:VNC 5900
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 

