[ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 3408 StarOpen - ok
staropen.sys is a Kernel-level I/O operations helper driver from Rocket Division Software, which from my understanding, allows you to bypass windows system permissions, which are required by some CD/DVD writer software so to be able to burn without being administrator/domain admin/power user.
If you want more details, check this: http://www.rocketdivision.com/forum/...light=staropen
Do note that it is NOT a spyware.
anyway, it seems that this driver is incompatible with Vista x64 bits (it seems that it's 32 bits)...
just search your registry for all "StarOpen.sys" entrances, and delete them. Finally, delete the file from "C:\Windows\SysWOW64\drivers". Reboot and check your event log again...should be clean.
Error: Service Control Manager  - The following boot-start or system-start driver(s) failed to load: StarOpen
4/23/2010 11:24:29 PM, Error: Application Popup  - \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
regarding the StarOpen error: StarOpen
DRV - [2010-05-20 15:14:52 | 000,028,184 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CSN5PDTS82.sys -- (CSN5PDTS82)
DRV - [2009-11-12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
StarOpen.sys file informationThe process known as StarOpen or Samsung New PC Studio belongs to software RPS Burn or VideoNow Media Wizard by Verizon (www.verizon.com) or AT&T (www.att.com) or TELUS (www.telus.com) or Virgin Broadband (www.virginmedia.com) or Hasbro (www.hasbro.com).
Description: The file StarOpen.sys is located in the folder C:\Windows\System32\drivers. Known file sizes on Windows 7/XP are 5,632 bytes (78% of all occurrences), 5,504 bytes, 7,168 bytes or 4,224 bytes.
The driver can be started or stopped from Services in the Control Panel or by other programs. File StarOpen.sys is a file without information about the developer of this file. The program has no visible window. The service has no detailed description. File StarOpen.sys is not a Windows system file. StarOpen.sys seems to be a compressed file. Therefore the technical security rating is 51% dangerous, however also read the users reviews.
You could uninstall RPS Burn or AquaSoft DiaShow XP five software via Windows Control Panel/Add or Remove Programs (Windows XP) or Programs and Features (Windows 7/Vista).
What is staropen.sys?
AT&T, Verizon, and/or Virgin mobile phone driver file.
Is staropen.sys safe?
This staropen.sys file is safe and should not be considered threat to your computer.
Overall threat: No
How do I prevent staropen.sys from loading?
What is the role of the Service Control Manager?
Event ID 7026 — Basic Service Control Manager Operations
Possible solution: Update driversThe specified drivers did not load correctly because the drivers might not be in the expected location. To resolve this issue, verify that the most current versions of the drivers are installed and update the drivers, if needed.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To update a driver:
- Use Windows Update. See article 323166 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=105083).
- Use Device Manager. See Update or Change a Device Driver (http://go.microsoft.com/fwlink/?LinkId=105084).
Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
Download BTKR_RunBox to your desktop.
Double click on downloaded BTKR_RunBox.exe file.
Small RunBox DOS window will open.
Press any key to continue.
Press "1" to select "Run a scan with Bootkit Remover" option.
Press "Enter" one more time to generate log.
Click OK, IF any "Warning" message pops up.
Notepad will open with Bootkit Remover log.
Copy the content and post it in your next reply.
In RunBox press "4" then Enter to exit it.
NOTE. In case you lost the log it's also located on your desktop as "scan.txt"
The following steps helped me to remove a driver, which was causing the issue:
1. Open regedit (e.g. click Start, key regedit and press Enter)
2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers
3. Under this key, there will be the keys Version-2 and Version-3 (one or the other of these may be absent - not a problem). The sub-keys under these contain the printer driver configuration information
4. Delete all the sub-keys inside Version-2 and Version-3, but not these keys themselves. M312052 lists some other registry entries to delete, but this is not usually necessary.
5. Open a Command Prompt window
6. Key the commands
net stop spooler
net start spooler
See EV100284 for the complete article.
The Registry value for "Start" in the HKLM\System\CurrentControlSet\Services\
See this KB for Reference:
(excerpt from the above KB Link)
Start REG_DWORD Start constant
Specifies the starting values for the service as follows:
START TYPE LOADER MEANING
0x0 Kernel Represents a part of the
(Boot) driver stack for the boot
(startup) volume and must
therefore be loaded by the
0x1 I/O Represents a driver to be loaded
(System) subsystem at Kernel initialization.
0x2 Service To be loaded or started
(Auto load) Control automatically for all startups,
Manager regardless of service type.
0x3 Service Available, regardless of type,
(Load on Control but will not be started until
demand) Manager the user starts it (for example,
by using the Devices icon in
0x4 Service NOT TO BE STARTED UNDER ANY
(disabled) Control CONDITIONS.