Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

Adavanced SystemCare Diagnose Report: Can anyone help?


budman1

Recommended Posts

What does this all mean the errors etc? How can resolve them?

 

Advanced SystemCare Diagnose Report v1.0

Date: 2012/09/07 03:01:11

 

----------------------------------

01 - Operating System

----------------------------------

 

0101 - Operating System : Windows 7 Home Premium 32-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120330-1504)

0102 - Language : English (Regional Setting: English)

0103 - BIOS : Default System BIOS

0104 - Processor : Intel® Pentium® 4 CPU 3.20GHz (2 CPUs), ~3.2GHz

0105 - Memory : 3072MB RAM

0106 - Available OS Memory : 3064MB RAM

0107 - Page File : 826MB used, 5296MB available

0108 - Windows Dir : C:\Windows

0109 - DirectX Version : DirectX 11

0110 - DX Setup Parameters : Not found

0111 - User DPI Setting : 96 DPI (100 percent)

0112 - System DPI Setting : 96 DPI (100 percent)

0113 - DWM DPI Scaling : Disabled

0114 - DxDiag Version : 6.01.7601.17514

 

----------------------------------

02 - Processor

----------------------------------

 

0201 - Caption : Intel® Pentium® 4 CPU 3.20GHz x2 ~3200MHz

0202 - Current Clock Speed : 3200MHz

 

----------------------------------

03 - Video Adapter

----------------------------------

 

0301 - Card Name : Standard VGA Graphics Adapter

0302 - Manufacturer : (Standard display types)

0303 - Chip Type : Intel®Grantsdale-G Graphics Chip Accelerated VGA BIOS

0304 - DAC Type : 8 bit

0305 - Device Key : Enum\PCI\VEN_8086&DEV_2582&SUBSYS_3005103C&REV_04

0306 - Display Memory : n/a

0307 - AdapterRAM : 0

0308 - Current Mode : 1024 x 768 (32 bit) (1Hz)

0309 - Monitor Name : Generic PnP Monitor

0310 - Driver Name : vga

0311 - Driver Version : 6.01.7600.16385

0312 - Driver Language : English

0313 - DDI Version : unknown

0314 - Driver Model : unknown

0315 - Driver Beta : False

0316 - Driver Debug : False

0317 - Driver Date : 7/13/2009 16:25:51

0318 - Driver Size : 10752

0319 - VDD : n/a

0320 - Mini VDD : n/a

0321 - Mini VDD Date : n/a

0322 - Mini VDD Size : 0

0323 - Device Identifier : {D7B78E66-66C2-11CF-8D33-B50DAAC2CB35}

0324 - Vendor ID : 0x8086

0325 - Device ID : 0x2582

0326 - SubSys ID : 0x3005103C

0327 - Revision ID : 0x0004

0328 - Driver Strong Name : Unknown

0329 - Rank Of Driver : Unknown

0332 - D3D9 Overlay : n/a

0333 - DXVA-HD : n/a

0334 - DDraw Status : Not Available

0335 - D3D Status : Not Available

0336 - AGP Status : Not Available

0337 - Notes : No problems found.

 

0338 - OpenGL : 6.1.7600.16385 (win7_rtm.090713-1255)

 

----------------------------------

04 - Memory

----------------------------------

 

0401 - Total Memory : 2.99 GB

0402 - Free Memory : 2.15 GB

0403 - Total Pagefile : 5.98 GB

0404 - Free Pagefile : 5.17 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 1.00 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 512.00 MB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 1.00 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 512.00 MB

 

0405 - Bank Label : N/A

0406 - Speed : NULL MHz

0407 - Total Width : 4 Bits

0408 - Capacity : 512.00 KB

 

----------------------------------

05 - Network

----------------------------------

 

0501 - Description : Broadcom NetXtreme Gigabit Ethernet

0502 - Driver Date : 8-24-2011

0503 - Driver Version : 15.0.0.17

 

----------------------------------

06 - Motherboard

----------------------------------

 

0601 - Model : 0968h

0602 - Manufacturer : Hewlett-Packard

 

----------------------------------

07 - Sound Device

----------------------------------

 

0701 - Description : Speakers (SoundMAX Integrated Digital Audio)

0702 - Default Sound Playback : True

0703 - Default Voice Playback : True

0704 - Hardware ID : PCI\VEN_8086&DEV_266E&SUBSYS_3005103C&REV_03

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : smwdm.sys

0709 - Driver Version : 5.12.0001.4070

0710 - Driver attributes : Final Retail

0711 - Date and Size : 4/15/2004 11:20:36

0713 - Driver Provider : Analog Devices

0714 - Min/Max Sample Rate : 4642746, 4642746

0715 - Static/Strm HW Mix Bufs : 4642746, 4642746

0716 - Static/Strm HW 3D Bufs : 4642746, 4642746

0717 - HW Memory : 4642754

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : No problems found.

 

 

----------------------------------

08 - Hard Disk

----------------------------------

 

0801 - Model : WDC WD3200AAJS-00VWA0 ATA Device(Western Digital)

0802 - Media Type : Fixed hard disk media

0803 - Size : 298.09 GB

0804 - Interface Type : Serial ATA

0805 - Driver Date : 6-21-2006

0806 - Driver Version : 6.1.7600.16385

 

0807 - Caption : C:\

0808 - Capacity : 297.99 GB

0809 - Free Space : 270.69 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

----------------------------------

09 - Process

----------------------------------

 

0901 - 000 Idle 0 0 0

0901 - 004 System 0 0 0

0901 - 158 smss.exe 0 0 0 normal C:\Windows\system32

0901 - 1b8 csrss.exe 0 0 0 normal C:\Windows\system32

0901 - 1dc wininit.exe 0 0 0 high C:\Windows\system32

0901 - 1e4 csrss.exe 1 174 79 normal C:\Windows\system32

0901 - 214 winlogon.exe 1 6 0 high C:\Windows\system32

0901 - 228 services.exe 0 0 0 normal C:\Windows\system32

0901 - 234 lsass.exe 0 0 0 normal C:\Windows\system32

0901 - 244 lsm.exe 0 0 0 normal C:\Windows\system32

0901 - 2c4 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 320 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 368 svchost.exe 0 0 0 normal C:\Windows\System32

0901 - 39c svchost.exe 0 0 0 normal C:\Windows\System32

0901 - 3cc svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 420 audiodg.exe 0 0 0

0901 - 448 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 494 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 4d0 AvastSvc.exe 0 0 0 normal C:\Program Files\AVAST Software\Avast

0901 - 508 KSafeSvc.exe 0 0 0 normal C:\Program files\Kingsoft\PCDoctor

0901 - 5a4 spoolsv.exe 0 0 0 normal C:\Windows\System32

0901 - 5c4 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 614 taskeng.exe 1 9 3 normal C:\Windows\system32

0901 - 654 Dwm.exe 1 9 2 normal C:\Windows\system32

0901 - 674 taskeng.exe 1 9 3 normal C:\Windows\system32

0901 - 6a0 Explorer.EXE 1 290 204 normal C:\Windows

0901 - 6bc ccSvcHst.exe 0 0 0 normal C:\Program Files\Norton Internet Security\Engine\19.8.0.14

0901 - 514 AvastUI.exe 1 117 32 normal C:\Program Files\AVAST Software\Avast

0901 - 820 KSafeTray.exe 1 78 22 normal C:\Program Files\Kingsoft\PCDoctor

0901 - ac4 ccSvcHst.exe 1 51 40 normal C:\Program Files\Norton Internet Security\Engine\19.8.0.14

0901 - c8c BrcmMgmtAgent.exe 0 0 0 normal C:\Program Files\Broadcom\MgmtAgent

0901 - cdc TeaTimer.exe 1 61 35 normal C:\Program Files\Spybot - Search & Destroy

0901 - d24 armsvc.exe 0 0 0 normal C:\Program Files\Common Files\Adobe\ARM\1.0

0901 - d68 taskeng.exe 0 0 0 below normal C:\Windows\system32

0901 - eec unsecapp.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - f08 wmiprvse.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - f84 ASC.exe 1 1663 292 normal C:\Program Files\IObit\Advanced SystemCare 5

0901 - f98 SearchIndexer.exe 0 0 0 normal C:\Windows\system32

0901 - fd4 wmiprvse.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - 4c4 ASCTray.exe 1 60 25 normal C:\Program Files\IObit\Advanced SystemCare 5

0901 - 830 SearchProtocolHost.exe 0 0 0 idle C:\Windows\system32

0901 - 994 SearchFilterHost.exe 0 0 0 idle C:\Windows\system32

0901 - c54 Sus10_SysExplorer.exe 1 101 45 normal C:\Program Files\IObit\Advanced SystemCare 5

 

 

----------------------------------

10 - Service

----------------------------------

 

1001 - Adobe Acrobat Update Service - ["C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"]

1001 - Application Information - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Audio Endpoint Builder - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Audio - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - avast! Antivirus - ["C:\Program Files\AVAST Software\Avast\AvastSvc.exe"]

1001 - Base Filtering Engine - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Broadcom Management Agent - ["C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe" -service]

1001 - Cryptographic Services - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - DHCP Client - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - DNS Client - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Windows Event Log - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - COM+ Event System - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - IKE and AuthIP IPsec Keying Modules - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - KSafe service - ["C:\Program files\Kingsoft\PCDoctor\KSafeSvc.exe" -svc]

1001 - Server - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Workstation - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - TCP/IP NetBIOS Helper - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Multimedia Class Scheduler - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Firewall - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Network Connections - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Network List Service - [C:\Windows\System32\svchost.exe -k LocalService]

1001 - Network Location Awareness - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Network Store Interface Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Program Compatibility Assistant Service - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Plug and Play - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - Power - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - User Profile Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Remote Access Connection Manager - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Security Accounts Manager - [C:\Windows\system32\lsass.exe]

1001 - System Event Notification Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Shell Hardware Detection - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Print Spooler - [C:\Windows\System32\spoolsv.exe]

1001 - Secure Socket Tunneling Protocol Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Superfetch - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Telephony - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Themes - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Desktop Window Manager Session Manager - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Management Instrumentation - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Security Center - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Windows Search - [C:\Windows\system32\SearchIndexer.exe /Embedding]

1001 - Windows Update - [C:\Windows\system32\svchost.exe -k netsvcs]

 

----------------------------------

11 - Windows Express

----------------------------------

 

1104 - Graphics Score : 1

 

----------------------------------

12 - Event Log

----------------------------------

 

1201 - Time : 9/7/2012 6:00:24 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error troubleshooter. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The index cannot be initialized. Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The application cannot be initialized. Context: Windows Application Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The search service has detected corrupted data files in the index {id=431}. The service will attempt to automatically correct this problem by rebuilding the index. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The gatherer is unable to read the registry Path. Context: Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 5:50:15 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 5:30:25 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 11:45:13 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Service Control Manager

1203 - Description : The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Service Control Manager

1203 - Description : The Windows Search service terminated with service-specific error %%-2147218173.

 

1201 - Time : 9/7/2012 6:00:06 PM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/7/2012 5:59:56 PM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load: SymIM

 

1201 - Time : 9/7/2012 5:59:22 PM

1202 - Source : SAVRKBootTasks

1203 - Description : Warning: Sophos boot tasks driver has failed to delete its backup file. If you are a Sophos customer, please contact support.

 

1201 - Time : 9/7/2012 5:49:29 PM

1202 - Source : Service Control Manager

1203 - Description : The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service has not been started.

 

1201 - Time : 9/7/2012 5:34:02 PM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/7/2012 5:33:33 PM

1202 - Source : Service Control Manager

1203 - Description : The McAfee Validation Trust Protection Service service terminated with the following error: Incorrect function.

 

1201 - Time : 9/7/2012 5:30:49 PM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/7/2012 5:29:13 PM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

----------------------------------

End of file - 21465 Bytes

 

 

Can anyone help?

Link to comment
Share on other sites

Adavanced SystemCare Diagnose Report: Can anyone help?

 

I need advice help on how to repair these promblems.

 

Advanced SystemCare Diagnose Report v1.0

 

Date: 2012/09/07 15:37:40

 

----------------------------------

01 - Operating System

----------------------------------

 

0101 - Operating System : Windows 7 Home Premium 32-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120330-1504)

0102 - Language : English (Regional Setting: English)

0103 - BIOS : Default System BIOS

0104 - Processor : Intel® Pentium® 4 CPU 3.20GHz (2 CPUs), ~3.2GHz

0105 - Memory : 3072MB RAM

0106 - Available OS Memory : 3064MB RAM

0107 - Page File : 1024MB used, 5098MB available

0108 - Windows Dir : C:\Windows

0109 - DirectX Version : DirectX 11

0110 - DX Setup Parameters : Not found

0111 - User DPI Setting : 96 DPI (100 percent)

0112 - System DPI Setting : 96 DPI (100 percent)

0113 - DWM DPI Scaling : Disabled

0114 - DxDiag Version : 6.01.7601.17514

 

----------------------------------

02 - Processor

----------------------------------

 

0201 - Caption : Intel® Pentium® 4 CPU 3.20GHz x2 ~3200MHz

0202 - Current Clock Speed : 3200MHz

 

----------------------------------

03 - Video Adapter

----------------------------------

 

0301 - Card Name : Standard VGA Graphics Adapter

0302 - Manufacturer : (Standard display types)

0303 - Chip Type : Intel®Grantsdale-G Graphics Chip Accelerated VGA BIOS

0304 - DAC Type : 8 bit

0305 - Device Key : Enum\PCI\VEN_8086&DEV_2582&SUBSYS_3005103C&REV_04

0306 - Display Memory : n/a

0307 - AdapterRAM : 0

0308 - Current Mode : 1024 x 768 (32 bit) (1Hz)

0309 - Monitor Name : Generic PnP Monitor

0310 - Driver Name : vga

0311 - Driver Version : 6.01.7600.16385

0312 - Driver Language : English

0313 - DDI Version : unknown

0314 - Driver Model : unknown

0315 - Driver Beta : False

0316 - Driver Debug : False

0317 - Driver Date : 7/13/2009 16:25:51

0318 - Driver Size : 10752

0319 - VDD : n/a

0320 - Mini VDD : n/a

0321 - Mini VDD Date : n/a

0322 - Mini VDD Size : 0

0323 - Device Identifier : {D7B78E66-66C2-11CF-8D33-B50DAAC2CB35}

0324 - Vendor ID : 0x8086

0325 - Device ID : 0x2582

0326 - SubSys ID : 0x3005103C

0327 - Revision ID : 0x0004

0328 - Driver Strong Name : Unknown

0329 - Rank Of Driver : Unknown

0332 - D3D9 Overlay : n/a

0333 - DXVA-HD : n/a

0334 - DDraw Status : Not Available

0335 - D3D Status : Not Available

0336 - AGP Status : Not Available

0337 - Notes : No problems found.

 

0338 - OpenGL : 6.1.7600.16385 (win7_rtm.090713-1255)

 

----------------------------------

04 - Memory

----------------------------------

 

0401 - Total Memory : 2.99 GB

0402 - Free Memory : 1.94 GB

0403 - Total Pagefile : 5.98 GB

0404 - Free Pagefile : 4.97 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 1.00 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 512.00 MB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 1.00 GB

 

0405 - Bank Label : N/A

0406 - Speed : 400 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 512.00 MB

 

0405 - Bank Label : N/A

0406 - Speed : NULL MHz

0407 - Total Width : 4 Bits

0408 - Capacity : 512.00 KB

 

----------------------------------

05 - Network

----------------------------------

 

0501 - Description : Broadcom NetXtreme Gigabit Ethernet

0502 - Driver Date : 8-24-2011

0503 - Driver Version : 15.0.0.17

 

----------------------------------

06 - Motherboard

----------------------------------

 

0601 - Model : 0968h

0602 - Manufacturer : Hewlett-Packard

 

----------------------------------

07 - Sound Device

----------------------------------

 

0701 - Description : Speakers (SoundMAX Integrated Digital Audio)

0702 - Default Sound Playback : True

0703 - Default Voice Playback : True

0704 - Hardware ID : PCI\VEN_8086&DEV_266E&SUBSYS_3005103C&REV_03

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : smwdm.sys

0709 - Driver Version : 5.12.0001.4070

0710 - Driver attributes : Final Retail

0711 - Date and Size : 4/15/2004 11:20:36

0713 - Driver Provider : Analog Devices

0714 - Min/Max Sample Rate : 4642746, 4642746

0715 - Static/Strm HW Mix Bufs : 4642746, 4642746

0716 - Static/Strm HW 3D Bufs : 4642746, 4642746

0717 - HW Memory : 4642754

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : No problems found.

 

 

----------------------------------

08 - Hard Disk

----------------------------------

 

0801 - Model : WDC WD3200AAJS-00VWA0 ATA Device(Western Digital)

0802 - Media Type : Fixed hard disk media

0803 - Size : 298.09 GB

0804 - Interface Type : Serial ATA

0805 - Driver Date : 6-21-2006

0806 - Driver Version : 6.1.7600.16385

 

0807 - Caption : C:\

0808 - Capacity : 297.99 GB

0809 - Free Space : 270.31 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

----------------------------------

09 - Process

----------------------------------

 

0901 - 000 Idle 0 0 0

0901 - 004 System 0 0 0

0901 - 158 smss.exe 0 0 0 normal C:\Windows\system32

0901 - 1b4 csrss.exe 0 0 0 normal C:\Windows\system32

0901 - 1d8 wininit.exe 0 0 0 high C:\Windows\system32

0901 - 1e0 csrss.exe 1 174 79 normal C:\Windows\system32

0901 - 208 winlogon.exe 1 6 0 high C:\Windows\system32

0901 - 234 services.exe 0 0 0 normal C:\Windows\system32

0901 - 240 lsass.exe 0 0 0 normal C:\Windows\system32

0901 - 248 lsm.exe 0 0 0 normal C:\Windows\system32

0901 - 2ac svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 304 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 33c svchost.exe 0 0 0 normal C:\Windows\System32

0901 - 37c svchost.exe 0 0 0 normal C:\Windows\System32

0901 - 398 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 408 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 458 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 4b0 AvastSvc.exe 0 0 0 normal C:\Program Files\AVAST Software\Avast

0901 - 534 Dwm.exe 1 9 2 normal C:\Windows\system32

0901 - 54c Explorer.EXE 1 300 199 normal C:\Windows

0901 - 5ac KSafeSvc.exe 0 0 0 normal C:\Program files\Kingsoft\PCDoctor

0901 - 62c spoolsv.exe 0 0 0 normal C:\Windows\System32

0901 - 648 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - 714 ccSvcHst.exe 0 0 0 normal C:\Program Files\Norton Internet Security\Engine\19.8.0.14

0901 - 868 SearchIndexer.exe 0 0 0 normal C:\Windows\system32

0901 - 93c KSafeTray.exe 1 78 22 normal C:\Program Files\Kingsoft\PCDoctor

0901 - 97c AvastUI.exe 1 117 32 normal C:\Program Files\AVAST Software\Avast

0901 - 9e0 ccSvcHst.exe 1 35 35 normal C:\Program Files\Norton Internet Security\Engine\19.8.0.14

0901 - c58 BrcmMgmtAgent.exe 0 0 0 normal C:\Program Files\Broadcom\MgmtAgent

0901 - cdc armsvc.exe 0 0 0 normal C:\Program Files\Common Files\Adobe\ARM\1.0

0901 - e10 unsecapp.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - e38 wmiprvse.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - e9c TeaTimer.exe 1 61 35 normal C:\Program Files\Spybot - Search & Destroy

0901 - f84 MSASCui.exe 1 59 113 normal C:\Program Files\Windows Defender

0901 - fac svchost.exe 0 0 0 normal C:\Windows\System32

0901 - df0 svchost.exe 0 0 0 normal C:\Windows\system32

0901 - eb8 firefox.exe 1 723 48 normal C:\Program Files\Mozilla Firefox

0901 - b10 audiodg.exe 0 0 0

0901 - 448 plugin-container.exe 1 9 19 normal C:\Program Files\Mozilla Firefox

0901 - 160 FlashPlayerPlugin_11_4_402_265.exe 1 9 6 normal C:\Windows\system32\Macromed\Flash

0901 - c8c FlashPlayerPlugin_11_4_402_265.exe 1 15 9 normal C:\Windows\system32\Macromed\Flash

0901 - a38 ASC.exe 1 1662 291 normal C:\Program Files\IObit\Advanced SystemCare 5

0901 - b78 wmiprvse.exe 0 0 0 normal C:\Windows\system32\wbem

0901 - 548 ASCTray.exe 1 60 25 normal C:\Program Files\IObit\Advanced SystemCare 5

0901 - a6c Sus10_SysExplorer.exe 1 101 45 normal C:\Program Files\IObit\Advanced SystemCare 5

 

 

----------------------------------

10 - Service

----------------------------------

 

1001 - Adobe Acrobat Update Service - ["C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"]

1001 - Application Information - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Audio Endpoint Builder - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Audio - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - avast! Antivirus - ["C:\Program Files\AVAST Software\Avast\AvastSvc.exe"]

1001 - Base Filtering Engine - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Background Intelligent Transfer Service - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Broadcom Management Agent - ["C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe" -service]

1001 - Cryptographic Services - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - DHCP Client - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - DNS Client - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Windows Event Log - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - COM+ Event System - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Windows Font Cache Service - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - IKE and AuthIP IPsec Keying Modules - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - KSafe service - ["C:\Program files\Kingsoft\PCDoctor\KSafeSvc.exe" -svc]

1001 - Server - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Workstation - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - TCP/IP NetBIOS Helper - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Multimedia Class Scheduler - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Firewall - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]

1001 - Network Connections - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Network List Service - [C:\Windows\System32\svchost.exe -k LocalService]

1001 - Network Location Awareness - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Network Store Interface Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Program Compatibility Assistant Service - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Plug and Play - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - Power - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - User Profile Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Remote Access Connection Manager - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Security Accounts Manager - [C:\Windows\system32\lsass.exe]

1001 - System Event Notification Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Shell Hardware Detection - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Print Spooler - [C:\Windows\System32\spoolsv.exe]

1001 - SSDP Discovery - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Secure Socket Tunneling Protocol Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Superfetch - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Telephony - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Themes - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Distributed Link Tracking Client - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Desktop Window Manager Session Manager - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Defender - [C:\Windows\System32\svchost.exe -k secsvcs]

1001 - Windows Management Instrumentation - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Security Center - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Windows Search - [C:\Windows\system32\SearchIndexer.exe /Embedding]

1001 - Windows Update - [C:\Windows\system32\svchost.exe -k netsvcs]

 

----------------------------------

11 - Windows Express

----------------------------------

 

1104 - Graphics Score : 1

 

----------------------------------

12 - Event Log

----------------------------------

 

1201 - Time : 9/8/2012 4:31:35 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/8/2012 4:03:41 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 6:00:24 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The index cannot be initialized. Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The application cannot be initialized. Context: Windows Application Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:07 PM

1202 - Source : Windows Search Service

1203 - Description : The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The search service has detected corrupted data files in the index {id=431}. The service will attempt to automatically correct this problem by rebuilding the index. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

 

1201 - Time : 9/7/2012 6:00:05 PM

1202 - Source : Windows Search Service

1203 - Description : The gatherer is unable to read the registry Path. Context: Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (HRESULT : 0x80040d03) (0x80040d03)

 

1201 - Time : 9/7/2012 5:50:15 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 9/8/2012 6:09:22 AM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/8/2012 6:09:12 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load: SymIM

 

1201 - Time : 9/8/2012 6:08:23 AM

1202 - Source : SAVRKBootTasks

1203 - Description : Warning: Sophos boot tasks driver has failed to delete its backup file. If you are a Sophos customer, please contact support.

 

1201 - Time : 9/8/2012 6:05:06 AM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/8/2012 5:27:17 AM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/8/2012 5:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load: SymIM

 

1201 - Time : 9/8/2012 5:26:17 AM

1202 - Source : SAVRKBootTasks

1203 - Description : Warning: Sophos boot tasks driver has failed to delete its backup file. If you are a Sophos customer, please contact support.

 

1201 - Time : 9/8/2012 4:31:21 AM

1202 - Source : Service Control Manager

1203 - Description : The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

1201 - Time : 9/8/2012 4:31:02 AM

1202 - Source : Service Control Manager

1203 - Description : The following boot-start or system-start driver(s) failed to load: SymIM

 

1201 - Time : 9/8/2012 4:30:16 AM

1202 - Source : SAVRKBootTasks

1203 - Description : Warning: Sophos boot tasks driver has failed to delete its backup file. If you are a Sophos customer, please contact support.

 

----------------------------------

End of file - 22278 Bytes

Link to comment
Share on other sites

Hi Budman... welcome to the Iobit forums!

 

You appear to be running two Anti-virus softwares. Norton and Avast. It is advisable to run only one as they do not play well together. Norton can be troublesome to remove... if you decide to remove it you may need to use the Symantec/Norton removal tool.

 

Also have you been having difficulty with your Windows... It appears to be slightly corrupted.

I would suggest you run a scannow first to check your system files. To do this simply go to the Run box on the Start Menu and type in:

 

"sfc /scannow" then press enter.

 

This will start the Windows File Protection service to scan all protected files and verify their integrity, replacing any files with which it finds a problem.

 

If your system .dll cache is corrupted it may ask for the original installation medium to restore corrupted files.

 

Sincerely,

-Mel

Live long and prosper!

 

P.S. I have combined your threads as they pertain to the same issue.

Link to comment
Share on other sites

Hi Budman.

 

Did the System File Checker ask for the original Windows installation medium? Also had you recently suddenly started having difficulties with your Windows or had you noticed no problems but were concerned because of the errors listed in your diagnose report?

 

Sincerely,

-Mel

Live long and prosper!

Link to comment
Share on other sites

Not really. I did the scan all it said was that some corrupt files could not be fixed. I also recently did a rootkitbuster scan on the computer.. Can i post the results in here? It was unable to fix the promblems it was showing. Something like the kernnel code patch was corrupt etc. That is from trend micro rootkitbuster.

Link to comment
Share on other sites

Hi budman1.

 

Feel free to Copy/paste the log into your next reply. Had you recently suddenly started having difficulties with your Windows or had you noticed no problems but were concerned because of the errors listed in your diagnose report? Are you having no noticable difficulties with your Windows at this time? Also is your Windows updated ok?

 

Sincerely,

-Mel

Live long and prosper!

Link to comment
Share on other sites

Report:

 

Nope windows update is working fine i got all my updates.. Windows seem to be running normal.. Here is the report from Trend micro.

 

 

--------------------------------------------------

| Trend Micro RootkitBuster

| Module version: 5.0.0.1061

| Computer Name: DAVIDS-PC

| OS version: 6.1-7601

| User Name: Davids

+----------------------------------------------------

 

 

--== Dump Hidden MBR, Hidden Files and Alternate Data Streams on C:\ ==--

MBR unsupported disk type

[FILE_STREAM]:

FullPath : C:\ProgramData\TEMP:0B4227B4:$DATA

FullPathLength: 0

DesiredAccess : 0x0

Options : 0x0

Attributes : 0x2030

ShareAccess : 0x0

Type : 0x0

[FILE_STREAM]:

FullPath : C:\Users\All Users\TEMP:0B4227B4:$DATA

FullPathLength: 0

DesiredAccess : 0x0

Options : 0x0

Attributes : 0x2030

ShareAccess : 0x0

Type : 0x0

[FILE_STREAM]:

FullPath : C:\Users\Davids\Documents\Scanned Documents\Welcome Scan.jpg:�3or4kl4x13tuuug3Byamue2s4b:$DATA

FullPathLength: 60

DesiredAccess : 0x0

Options : 0x0

Attributes : 0x20

ShareAccess : 0x0

Type : 0x0

[FILE_STREAM]:

FullPath : C:\Users\Davids\Documents\Scanned Documents\Welcome Scan.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA

FullPathLength: 60

DesiredAccess : 0x0

Options : 0x0

Attributes : 0x20

ShareAccess : 0x0

Type : 0x0

4 hidden files found.

 

--== Dump Hidden Registry Value on HKLM ==--

No hidden registry entries found.

 

 

--== Dump Hidden Process ==--

No hidden processes found.

 

--== Dump Hidden Driver ==--

No hidden drivers found.

 

--== Service Win32 API Hook List ==--

[HOOKED_SERVICE_API]:

Service API : ZwAlertResumeThread

Image Path :

OriginalHandler : 0x82aec4e1

CurrentHandler : 0x860fe428

ServiceNumber : 0xd

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAlertThread

Image Path :

OriginalHandler : 0x82a74b0f

CurrentHandler : 0x860fe508

ServiceNumber : 0xe

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAllocateVirtualMemory

Image Path :

OriginalHandler : 0x82a21f65

CurrentHandler : 0x860e18a8

ServiceNumber : 0x13

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAlpcConnectPort

Image Path :

OriginalHandler : 0x82a3526b

CurrentHandler : 0x8604a7d0

ServiceNumber : 0x16

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAssignProcessToJobObject

Image Path :

OriginalHandler : 0x82a8d7b4

CurrentHandler : 0x86103510

ServiceNumber : 0x2b

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateMutant

Image Path :

OriginalHandler : 0x82a841ce

CurrentHandler : 0x86103ab8

ServiceNumber : 0x4a

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateSymbolicLinkObject

Image Path :

OriginalHandler : 0x82a03189

CurrentHandler : 0x86104e58

ServiceNumber : 0x56

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateThread

Image Path :

OriginalHandler : 0x82aea702

CurrentHandler : 0x861014f0

ServiceNumber : 0x57

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateThreadEx

Image Path :

OriginalHandler : 0x82a73801

CurrentHandler : 0x86104f28

ServiceNumber : 0x58

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDebugActiveProcess

Image Path :

OriginalHandler : 0x82abce88

CurrentHandler : 0x861035f0

ServiceNumber : 0x60

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDuplicateObject

Image Path :

OriginalHandler : 0x82a6f8b5

CurrentHandler : 0x860e1a78

ServiceNumber : 0x6f

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwFreeVirtualMemory

Image Path :

OriginalHandler : 0x8289532e

CurrentHandler : 0x860fc9b0

ServiceNumber : 0x83

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwImpersonateAnonymousToken

Image Path :

OriginalHandler : 0x82a68236

CurrentHandler : 0x860fe2a8

ServiceNumber : 0x91

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwImpersonateThread

Image Path :

OriginalHandler : 0x82a46252

CurrentHandler : 0x860fe348

ServiceNumber : 0x93

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwLoadDriver

Image Path :

OriginalHandler : 0x829b9442

CurrentHandler : 0x8604a608

ServiceNumber : 0x9b

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwMapViewOfSection

Image Path :

OriginalHandler : 0x82a4eb6d

CurrentHandler : 0x860fc8b0

ServiceNumber : 0xa8

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenEvent

Image Path :

OriginalHandler : 0x82a44f76

CurrentHandler : 0x861039d8

ServiceNumber : 0xb1

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenProcess

Image Path :

OriginalHandler : 0x82a30f07

CurrentHandler : 0x860e1c38

ServiceNumber : 0xbe

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenProcessToken

Image Path :

OriginalHandler : 0x82a6e25d

CurrentHandler : 0x860e1998

ServiceNumber : 0xbf

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenSection

Image Path :

OriginalHandler : 0x82a7d9f0

CurrentHandler : 0x86103818

ServiceNumber : 0xc2

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenThread

Image Path :

OriginalHandler : 0x82a86af8

CurrentHandler : 0x860e1b68

ServiceNumber : 0xc6

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwProtectVirtualMemory

Image Path :

OriginalHandler : 0x82a55483

CurrentHandler : 0x86104008

ServiceNumber : 0xd7

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwResumeThread

Image Path :

OriginalHandler : 0x82a40ef5

CurrentHandler : 0x860fe5e8

ServiceNumber : 0x130

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetContextThread

Image Path :

OriginalHandler : 0x82aebf8d

CurrentHandler : 0x860fe888

ServiceNumber : 0x13c

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetInformationProcess

Image Path :

OriginalHandler : 0x82a1f28f

CurrentHandler : 0x860fc6e0

ServiceNumber : 0x14d

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetSystemInformation

Image Path :

OriginalHandler : 0x829fc618

CurrentHandler : 0x861036d0

ServiceNumber : 0x15e

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSuspendProcess

Image Path :

OriginalHandler : 0x82aec41b

CurrentHandler : 0x861038f8

ServiceNumber : 0x16e

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSuspendThread

Image Path :

OriginalHandler : 0x82aa6333

CurrentHandler : 0x860fe6c8

ServiceNumber : 0x16f

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwTerminateProcess

Image Path :

OriginalHandler : 0x82a313e6

CurrentHandler : 0x86102458

ServiceNumber : 0x172

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwTerminateThread

Image Path :

OriginalHandler : 0x82a48936

CurrentHandler : 0x860fe7a8

ServiceNumber : 0x173

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwUnmapViewOfSection

Image Path :

OriginalHandler : 0x82a71508

CurrentHandler : 0x860fc7d0

ServiceNumber : 0x181

ModuleName :

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwWriteVirtualMemory

Image Path :

OriginalHandler : 0x82a61295

CurrentHandler : 0x860fcaa0

ServiceNumber : 0x18f

ModuleName :

SDTType : 0x0

No hidden operating system service hooks found.

 

--== Dump Hidden Port ==--

No hidden ports found.

 

--== Dump Kernel Code Patching ==--

[KERNEL_CODE][DEVICE_OBJECT]:

Driver Name : vga

DeviceObject at : 020E4080

1 Kernel code patching found.

 

--== Dump Hidden Services ==--

No hidden services found.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...