Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow to boot, Firefox Crashing Frequently, OTL Freezes and will not co


  • Please log in to reply

#61
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
I deleted it from Task but couldn't find it under Plain or Tree
  • 0

Advertisements


#62
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Did you see these:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RACAgent

Let's get an updated dump of the registry entries:

Copy the next 2 lines:

dir C:\Windows\Tasks\*.job > \junk.txt
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule" /s >> \junk.txt


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Close the command window. Attach or copy and paste the file C:\junk.txt.
  • 0

#63
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Found and deleted the Rac registry under the tree

Junk file

Volume in drive C is Vista
Volume Serial Number is 2894-9318

Directory of C:\Windows\Tasks


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule
CacheCleanupCompleted REG_DWORD 0x1
HashingCompleted REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Aliases
AtServiceAccount REG_MULTI_SZ NT AUTHORITY\System

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration
DataVersion REG_DWORD 0x3
TasksInMemoryQueue REG_DWORD 0x64
TasksPerHighestPrivEngine REG_DWORD 0x64
TasksPerLeastPrivEngine REG_DWORD 0x32
MissedTasksStartupDelay REG_DWORD 0x258

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CredWom
(Default) REG_SZ Completed

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Handlers

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Handshake

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1C0EBB1F-54BC-4A55-B31B-FC280B897DF8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44980BEE-7809-44A9-AC24-D6E578A3B7DF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7D6040AE-2D30-49F3-9E48-FC8AF6F1AC75}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A1868F64-ED08-49A9-9F86-F62ED855AFFD}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CC81347-6204-4B83-900C-01E02F50F067}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E576951-3A41-43AE-84EA-623F02F80E79}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22D8F25D-E642-4533-A015-DF42E1E7CA33}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24AEC961-850F-4439-ABCC-E9E95905F28D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{382A66B5-81CF-460E-ABF5-76A4281A7D68}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3BB5D87B-C851-4325-97B6-95E4EA1CBC61}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{445B8115-F062-4F14-8CF6-71132C02F9A7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{48909068-64F9-4B29-8C14-6957F35923C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B91DF4F-7E1F-4AE8-820A-2FB331567D67}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74D1CC51-F3BA-47F2-A5B0-2D669FA07C6F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77367E09-0898-4B2A-A724-5961373F8950}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77EA1F70-8B2C-4BDA-8E82-3C597D8C7A00}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{792493DE-3878-4323-B44D-F6F0C3562126}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AE7DB43-4463-4AA1-B081-B686DD130E83}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D14A7BE-839F-471A-AF97-EBC9587648EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0284D75-8800-4DD4-A7F0-C7375D77B57A}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A61555D3-7840-45C1-A5A9-0D49851DE37A}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6CBFEC8-EF47-4B48-9718-3A4170F99600}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCF8CA49-10FE-40EA-A5B8-504B864BC698}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3AF200-FADC-49E5-880E-DEE192C8B79A}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FDBDC47-7148-49DB-9D32-32E6A003C996}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CD7BF6C-F120-476E-AF84-851D43BDDEEE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FA53AD9-B8FA-4454-B10A-BBB9D7869580}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{561375CB-FF5A-417B-B297-BA73DE149581}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{563F9E71-B031-464D-ADEB-763521504163}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57030356-4699-4E1F-9939-F9D4460CD4DA}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5936C79A-731F-4716-BE59-35B58194ECE5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FC0DB27-AB18-46F8-968D-0510176E655F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63A5B73B-0C43-4C7B-8B08-34C8E01A264D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C041448-C69A-4D8B-A774-4F3948997407}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75B002DC-1295-4A52-B31E-936AD92CE95F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89194558-47E7-4A9E-B507-6C91CE4E6504}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99B9521C-F109-4B7B-BDDF-99CF656525E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF336F90-33F0-441D-9F1B-941AA64D246D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3BF2515-443F-456C-8485-F2B9A9142897}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59437C6-816A-4941-AE55-EA5B2E449EB7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8D6E476-24FE-4649-A4D7-985706B29128}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3AF200-FADC-49E5-880E-DEE192C8B79A}
Path REG_SZ \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Triggers REG_BINARY 1500000000000000003A817360B601110000000000000000003A817360B60111FFFFFFFFFFFFFFFF2811C2014848484860E6BF55484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848CCCC000000000000003A817360B601110000000000000000003A817360B60111FFFFFFFFFFFFFFFF0F000000FFFFFFFF000000000000000000000000008B827301006F00770073002F003200C8CF3971A5000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D00470072006F007500700050006F006C0069006300790027005D00200061006E00640020004500760065006E007400490044003D0031003500300032005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000484848480000000000000000000000000000000000000000000000008888000000000000003A817360B601110000000000000000003A817360B60111FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A8273012020203C726567697374727956616C
DynamicInfo REG_BINARY 03000000FB55560F7FFEC6016939F4A2455BC9010000000000000000
Hash REG_BINARY 4E1D1A9AE95603E293AF115AF6E5B29D61F221F28C9D822B72FFA0C1E448FEA7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9}
Path REG_SZ \Microsoft\Windows\Windows Error Reporting\QueueReporting
Triggers REG_BINARY 1500000000000000003A8173B8690A0A0000000000000000003A8173B8690A0AFFFFFFFFFFFFFFFF4085400048484848D9CEAE534848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF80F40300FFFFFFFF0500000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173B8690A0A0000000000000000003A8173B8690A0AFFFFFFFFFFFFFFFF0C030000FFFFFFFF008D2700000000000000000000888273010058003B003B003B005700440029000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC601F1ADD3440AEBCD010000000000000000
Hash REG_BINARY F1E43E301393C048622563D225BA95F64D60A9B1DB8BF2A93E09778A8C693468

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C0EBB1F-54BC-4A55-B31B-FC280B897DF8}
Path REG_SZ \Microsoft\Windows\MUI\LPRemove
Triggers REG_BINARY 150000000000000001E315020AB52B7400D748295281C8010000000000000000FFFFFFFFFFFFFFFF38214201484848484D47E0EB484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848FFFF00000000000001E315020AB52B7400D748295281C8010000000000000000FFFFFFFFFFFFFFFF84030000907E000000000000000000000000000000E41502010076006500720074004C006F006700DDDD00000000000001E315020AB52B7400D748295281C80100000000000000000000000000000000000000000000000000000000000000000000000000000000907E000000000000000000000000000000011502010000000000000019000000
DynamicInfo REG_BINARY 030000009AD012DA6F80C801D1C9ABA809EBCD010000000000000000
Hash REG_BINARY 03E24259A5CAB73201193232A30DE66932E60B37FCE15162F5E2CF71586B7234

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CC81347-6204-4B83-900C-01E02F50F067}
Path REG_SZ \Microsoft\Windows\MobilePC\TMM
Triggers REG_BINARY 1500000000000000003A81733083A4100000000000000000003A81733083A410FFFFFFFFFFFFFFFF4087400048484848DB9FB2EE484848480048484848484848004848484848484805000000484848480C0000004848484801010000000000050B0000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A81733083A4100000000000000000003A81733083A410FFFFFFFFFFFFFFFF02000000FFFFFFFF000000000000000000000000008B827301000000000000004C4D454D480000000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC60161DC897408EBCD010113040000000000
Hash REG_BINARY 73FC71C9E74A8781444B4A2C97C1421B3850250987E60BC02206A5417E931604

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E576951-3A41-43AE-84EA-623F02F80E79}
Path REG_SZ \SONY\VAIO Update\VAIO Update
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF48854001484848487F96AA9B4848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484858020000100E000000000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF05000000FFFFFFFF00000000000000000000000000E96B020100730043006F006E0066006C0069000148484848484848
DynamicInfo REG_BINARY 03000000978302E2E627C8011109567608EBCD010113040000000000
Hash REG_BINARY 6D693E8B1D4380A9FEAB9670BC50AB643A5B38FE2A4DCCDEA2579C757D8F8E0D

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24AEC961-850F-4439-ABCC-E9E95905F28D}
Path REG_SZ \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0085800148484848CBD654634848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848480000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E5ED000100730043006F006E0066006C0069000148484848484848
Hash REG_BINARY 1534331A3DB8B8514050FB6EF242FDCAA836228E4CE7384D76A133489D104530

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FDBDC47-7148-49DB-9D32-32E6A003C996}
Path REG_SZ \Microsoft\Windows\Tcpip\IpAddressConflict2
Triggers REG_BINARY 150000000000000001D31D000AB5AA7480294E129638C601003A817388711108FFFFFFFFFFFFFFFF38A1400148484848581D84C54848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848CCCC00000000000001D31D000AB5AA7480294E129638C601003A817388711108FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008E8273010075007200720065006E00740056008D000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027005400630070006900700027005D00200061006E00640020004500760065006E007400490044003D0034003100390039005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E00000048484848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 030000005CB7580F7FFEC60100000000000000000000000000000000
Hash REG_BINARY F4957EB476E2848D287F7164E07EA69AE15C4E87B965412F6327C6EF922ACCA1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382A66B5-81CF-460E-ABF5-76A4281A7D68}
Path REG_SZ \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
Triggers REG_BINARY 15000000000000000000000000000000000000000000000000000000B8D4E700FFFFFFFFFFFFFFFFF885000048484848937F9E14484848480048484848484848004848484848484805000000484848480C000000484848480101000000000001000000004848484800000000484848482C0000004848484858020000100E0000100E0000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD00000000000001000000B8D4E70000781825AB03C70100000000000000000000000000000000000000000000000000000000000000000000000000000000100E00000100000001000000000000000001ED0001000000100E000027000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF100E0000FFFFFFFF00000000000000000000000000E5ED000100730043006F006E0066006C0069000148484848484848
Hash REG_BINARY 2CDB7ABD6DF5A627B27D6E6AA6C360AB0C06C3A838A3EDF42D788797B68E35E8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BB5D87B-C851-4325-97B6-95E4EA1CBC61}
Path REG_SZ \Microsoft\Windows\SideShow\SystemDataProviders
Triggers REG_BINARY 1500000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF00210200484848486282377A484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF1E000000FFFFFFFF00000000000000000000000000EBB501010020005500740069006C00690074000148484848484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF1E000000FFFFFFFF00000000000000000000000000EE290101006F006E004100670065006E0074000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC6010D9E5F8AE573C8018F04078000000000
Hash REG_BINARY 7976938439D70BD27B044FF57F8589D0D0684315CA756EA9F9E0297412C3074A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93}
Path REG_SZ \Microsoft\Windows\Shell\CrawlStartPages
Triggers REG_BINARY 1500000000000000003A8173D871620C0000000000000000003A8173D871620CFFFFFFFFFFFFFFFF3021420048484848EBC7C3A6484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848482C00000048484848100E0000FFFFFFFF80F40300FFFFFFFF0A00000000000000000000000000000000000000000000000000000048484848EEEE000000000000003A8173D871620C0000000000000000003A8173D871620CFFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000D21D0001000000000000000000000000000000
DynamicInfo REG_BINARY 030000005CB7580F7FFEC6012160BDDFE3EBCD010000000000000000
Hash REG_BINARY FB61EA68890B11161767C7822D85CFF91477F7852614EF9AB390F172D6608024

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CD7BF6C-F120-476E-AF84-851D43BDDEEE}
Path REG_SZ \Microsoft\Windows\WDI\ResolutionHost
Triggers REG_BINARY 150000000000000000D91D00E8E68073FFFFFFFFFFFFFFFF00D91D00E8E6807300000000000000000085C00148484848227178E2484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005040000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0A00000000000000000000000000000000000000000000000000000048484848
DynamicInfo REG_BINARY 0300000000000000000000009F5B9C9F78EACD012B04078000000000
Hash REG_BINARY FD03A51788E0AD34E943ACFCF54AD73A26BF1C3E8D2B5836DCF4831F28D16D35

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FA53AD9-B8FA-4454-B10A-BBB9D7869580}
Path REG_SZ \{6277BBC7-0687-4823-A4F1-863F60EFA2E2}
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF38214100484848487758ACC4484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848482400000048484848460075006E005F00430065006E007400650072005C004300680065007200690065000000484848482C0000004848484858020000100E000080F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000484848488888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E9CB02010048006F0073007400000020003C00
DynamicInfo REG_BINARY 030000003037DD53EA84C901405EDD53EA84C9010000000000000000
Hash REG_BINARY 2A1E6961AE510E698E4B191D0E85122833F5D8D1F390C0E6E660AEEFAB816617

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{445B8115-F062-4F14-8CF6-71132C02F9A7}
Path REG_SZ \VAIO Service Utility
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF68A1400148484848B0B9E4874848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002002000000000000484848482C0000004848484858020000100E000080F40300000000000700000000000000000000000000000000000000000000000000000048484848DDDD00000000000001E86B020AB59973009898F6DED5C70101E86B020AB599730098BF73586BC901000000000000000000000000000000000000000000000000FFFFFFFF02000000010002000000000000016B02010000000000000027000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E96B020100730043006F006E0066006C0069000148484848484848
DynamicInfo REG_BINARY 0300000077D9D6C8E627C801B13CD274C0E9CD010000000000000000
Hash REG_BINARY 7B37A2B8443E2ECCE2DE778DB24AE8D9EE870B3EE3071BF0385C400A60E2E143

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48909068-64F9-4B29-8C14-6957F35923C3}
Path REG_SZ \Microsoft\Windows\MobilePC\HotStart
Triggers REG_BINARY 1500000000000000003A8173C8080E0F0000000000000000003A8173C8080E0FFFFFFFFFFFFFFFFF4085400048484848E4C941FC484848480048484848484848004848484848484805000000484848480C0000004848484801010000000000050B0000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173C8080E0F0000000000000000003A8173C8080E0FFFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A827301000000000000004C4D454D480000000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC601A1976375C0E9CD010000000000000000
Hash REG_BINARY B1F2AA490305894BF294311E67D445A11F2F6CC2D32F4D809D60180A102424F7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB}
Path REG_SZ \Microsoft\Windows\Bluetooth\UninstallDeviceTask
Triggers REG_BINARY 150000000000000000D91D00E8E68073FFFFFFFFFFFFFFFF00D91D00E8E6807300000000000000001005420048484848E2A91A23484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 0300000000000000000000000FC6748C79EACD010000000000000000
Hash REG_BINARY F05995CD0C376EC2A9A295259B32C4774B49ABFCFF49F9F732BD9A31C3452993

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561375CB-FF5A-417B-B297-BA73DE149581}
Path REG_SZ \Microsoft\Windows\Wired\GatherWiredInfo
Triggers REG_BINARY 150000000000000000D91D00E8E68073FFFFFFFFFFFFFFFF00D91D00E8E68073000000000000000000854001484848489C5812604848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848480000000048484848
Hash REG_BINARY 5589567BE1AB168A7807442E4763AE796B1541CFE519EEFC9A0D55D65F54C8C6

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{563F9E71-B031-464D-ADEB-763521504163}
Path REG_SZ \RealCreateProcessScheduledTask474599018S-1-5-21-2337267849-1452406365-3508456928-1000
Hash REG_BINARY 2362A40F86866230F1C3EADBD943B533A9D80390DC59EF93AA8EC71AF2CF4786
Triggers REG_BINARY 150000000000000001040000E8A3230200000000000000000000000000000000FFFFFFFFFFFFFFFF3821410048484848A92D25E5484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E80300004848484820000000484848484300480045005200490045005C004300680065007200690065000000720000002C0000004848484858020000100E000080F40300FFFFFFFF0400000000000000000000000000000000000000000000000000000048484848888800000000000001040000E8A3230200000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E7B3020100380035003800390031007D000000
DynamicInfo REG_BINARY 03000000F01855E22971CD01709E5EE22971CD010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57030356-4699-4E1F-9939-F9D4460CD4DA}
Path REG_SZ \Microsoft\Windows\Media Center\OCURDiscovery
Triggers REG_BINARY 150000000000000000D71D00E8E68073FFFFFFFFFFFFFFFF00D71D00E8E6807300000000000000000021420048484848FA8981F4484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
Hash REG_BINARY 8E93F7001C1116402BDBD65B6E092681D93F9E7899759A0C238583C9CF199115

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5936C79A-731F-4716-BE59-35B58194ECE5}
Path REG_SZ \Microsoft\Windows\Media Center\OCURActivate
Triggers REG_BINARY 150000000000000000D71D00E8E68073FFFFFFFFFFFFFFFF00D71D00E8E68073000000000000000000214200484848485178B7EF484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
Hash REG_BINARY 9A2B85472C0B137789D7C5F5EB2D866023C4A1619AF5960C15D9DFB28CC26940

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FC0DB27-AB18-46F8-968D-0510176E655F}
Path REG_SZ \Microsoft\Windows\Tcpip\WSHReset
Hash REG_BINARY 8020FABA32CAFC6297649E0C0F1FC58B0979C5E4F6A77A40E40969B5D3997BF2
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0020C200484848484446E5D9484848480048484848484848004848484848484805000000484848480C0000004848484801010000000000051300000048484848000000004848484800000000484848488888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E4D70001000A00200020002000200020002000
DynamicInfo REG_BINARY 0300000091C22ED9B2E6CD01D113AEFAB2E6CD010100000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A5B73B-0C43-4C7B-8B08-34C8E01A264D}
Path REG_SZ \Microsoft\Windows\Defrag\ManualDefrag
Triggers REG_BINARY 150000000000000000E6A20258963A73FFFFFFFFFFFFFFFF00E6A20258963A7300000000000000007821420148484848834B2E7A484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848
DynamicInfo REG_BINARY 030000000000000000000000F0292191D7C8CD010000000000000000
Hash REG_BINARY 8578C409BECCC7C713C6EAFC37CD5BB924720B4FE82745FDC3588F12EC493D12

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B91DF4F-7E1F-4AE8-820A-2FB331567D67}
Path REG_SZ \Microsoft\Windows\SideShow\GadgetManager
Triggers REG_BINARY 1500000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF0091400048484848533D3C394848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF80F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A827300000000000000004C4D454D480000000148484848484848
Hash REG_BINARY BCCC71F60BEF402EAFBBBFE6931225F44B077261FA1375CFCF22310939BB0C9A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C041448-C69A-4D8B-A774-4F3948997407}
Path REG_SZ \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Triggers REG_BINARY 1500000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF908540004848484857A6E567484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005040000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF070000003C0000000500000000000000000000000000000000000000484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000928273011C18083C1C18080000000000000000010000005000000001484848484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000092827301231808F42318080000000000000000020000005000000001484848484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000092827301006F006E0042006500680061007600030000007200000001484848484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000092827301006D0075006C006100740069006F00040000006F00640001484848484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000092827301007500720065007300000069006F00070000006F00640001484848484848487777000000000000003A8173207011080000000000000000003A817320701108FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000009282730100740053007500700070006F00720008000000320000000148484848484848
DynamicInfo REG_BINARY 030000005CB7580F7FFEC601A0F70983C15ECD010000000000000000
Hash REG_BINARY 6AB98F83CFC626A2ED328731AD0CB0EA7A52C24D7DA9FE60354B9C71FE3F90BA

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D1CC51-F3BA-47F2-A5B0-2D669FA07C6F}
Path REG_SZ \Microsoft\Windows\SideShow\SessionAgent
Triggers REG_BINARY 1500000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF0085000048484848738379644848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0F000000FFFFFFFF00000000000000000000000000EBB50101006F006E004100670065006E0074000148484848484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0F000000FFFFFFFF00000000000000000000000000EE290101006F006E004100670065006E0074000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC6018DCC6E81E573C8018F04078000000000
Hash REG_BINARY 4C8B1247B536825863B3955A076FC854FE794F32354C1B4F1E57165D35558B7A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75B002DC-1295-4A52-B31E-936AD92CE95F}
Path REG_SZ \ScanSoft Background Update
Hash REG_BINARY EF2564B0F16D4D9D1B7D0B7C4EC319AA11C3C892C9F4F8099C9CBF4D817F994D
Triggers REG_BINARY 15000000000000000104000000E22802005053B5F76BC9010004000000E22802FFFFFFFFFFFFFFFF78A1400048484848346CE7E54848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484858020000100E0000100E0000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD0000000000000104000000E22802005053B5F76BC90100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF0200000001000200000000000001A603010000000000000027000000
DynamicInfo REG_BINARY 03000000B056B0A1D3E6CC01AFD593BD71E7CD012513040000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77367E09-0898-4B2A-A724-5961373F8950}
Path REG_SZ \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00854000484848481961F8254848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF03000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF05000000FFFFFFFF00000000000000000000000000E5ED000100730043006F006E0066006C0069000148484848484848CCCC000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E5ED000100690065006E00630065002000490023030000000000003C00510075006500720079004C006900730074003E000A002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C00510075006500720079002000490064003D002200310022003E000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C0021002D002D002000720065007300740072006900630074006500640020002D002D003E00200020000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C00530065006C00650063007400200050006100740068003D0022004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004E006500740077006F0072006B00410063006300650073007300500072006F00740065006300740069006F006E002F004F007000650072006100740069006F006E0061006C0022003E000A00200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002A005B00530079007300740065006D002F004500760065006E007400490044003D002700310038002700200061006E0064002000530079007300740065006D002F00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004E006500740077006F0072006B00410063006300650073007300500072006F00740065006300740069006F006E0027005D00200061006E0064002000550073006500720044006100740061002F002A002F00430075007200720065006E007400490073006F006C006100740069006F006E00530074006100740065004E0075006D0065007200690063003D002700330027005D000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C002F00530065006C006500630074003E000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C0021002D002D002000700072006F0062006100740069006F006E0020002D002D003E00200020000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C00530065006C00650063007400200050006100740068003D0022004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004E006500740077006F0072006B00410063006300650073007300500072006F00740065006300740069006F006E002F004F007000650072006100740069006F006E0061006C0022003E000A00200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002A005B00530079007300740065006D002F004500760065006E007400490044003D002700310038002700200061006E0064002000530079007300740065006D002F00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004E006500740077006F0072006B00410063006300650073007300500072006F00740065006300740069006F006E0027005D00200061006E0064002000550073006500720044006100740061002F002A002F00430075007200720065006E007400490073006F006C006100740069006F006E00530074006100740065004E0075006D0065007200690063003D002700320027005D000A0020002000200020002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C002F00530065006C006500630074003E000A002000200020002000200020002000200020002000200020002000200020002000200020002000200020003C002F00510075006500720079003E000A002000200020002000200020002000200020002000200020002000200020002000200020003C002F00510075006500720079004C006900730074003E000000000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 030000004B413E25898CC901E1F24D77C0E9CD010613040000000000
Hash REG_BINARY 6D8E6AD7FFDBD0DD04CCEBA5461CEE4185CD0E4110525BDA5BA72DDFD1D4C4F6

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77EA1F70-8B2C-4BDA-8E82-3C597D8C7A00}
Path REG_SZ \Microsoft\Windows\Multimedia\SystemSoundsService
Triggers REG_BINARY 1500000000000000003A8173C8680A0A0000000000000000003A8173C8680A0AFFFFFFFFFFFFFFFF0085400048484848A2329E2C4848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173C8680A0A0000000000000000003A8173C8680A0AFFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000D51D0001000000000000004C4D454D480000000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC601817E6F75C0E9CD012B04078000000000
Hash REG_BINARY E8C52245D9FAC6434FB7CE1E79A896390B6697B733C945C36837D32E64777287

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792493DE-3878-4323-B44D-F6F0C3562126}
Path REG_SZ \Microsoft\Windows\CertificateServicesClient\UserTask
Triggers REG_BINARY 1500000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFFC085400048484848FFE1043D484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005040000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF070000003C0000000500000000000000000000000000000000000000484848488888000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A82730100000000000000E40B000000000000AAAA000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFF00000000FFFFFFFF807000000000000000000000008A827301000000000000004C4D454D480000000148484848484848
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC60141417475C0E9CD012B04078000000000
Hash REG_BINARY 7AE6E170F2942252E7EE1ADE947C597862AE77C01B41845BCA21E1F339377E7E

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D6040AE-2D30-49F3-9E48-FC8AF6F1AC75}
Path REG_SZ \Microsoft\Windows\CertificateServicesClient\SystemTask
Triggers REG_BINARY 1500000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFFC005420048484848FA4BEB02484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF070000003C0000000500000000000000000000000000000000000000484848488888000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A827301005000540000006E00730000000000FFFF000000000000003A8173007211080000000000000000003A817300721108FFFFFFFFFFFFFFFF0A000000FFFFFFFF807000000000000000000000008A82730100000043006F0075006E0074000000
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC601D13BD4D013ECCD010000000000000000
Hash REG_BINARY 1B59F1150BD5015145F6136D7456F78F68AA12987EAA452FF2D0432B0A8EA8A5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D}
Path REG_SZ \Microsoft\Windows\Media Center\mcupdate
Triggers REG_BINARY 150000000000000000D71D00E8E68073FFFFFFFFFFFFFFFF00D71D00E8E6807300000000000000006005420048484848D0ACBAC1484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005140000004848484800000000484848480000000048484848
Hash REG_BINARY 65546C66346A86C62602CB87F3DE8C4A6CE4467C92F7890CF11758883493F919

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89194558-47E7-4A9E-B507-6C91CE4E6504}
Path REG_SZ \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Triggers REG_BINARY 1500000000000000012F640D00E2280200C05B5DC3D0C301002F640D00E22802FFFFFFFFFFFFFFFF4821420048484848A4700D82484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD000000000000012F640D00E2280200C05B5DC3D0C3010000000000000000000000000000000000000000000000000000000000000000300B010000000000FFFFFFFF00000000000000000000000000006003010000000000000019000000
DynamicInfo REG_BINARY 030000005CB7580F7FFEC601D0EDE12E59E6CC010111008000000000
Hash REG_BINARY 9885502AAA82CEAD395CA4ED57D61753BB64298CE47175B7BCA74A47864CBE2A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99B9521C-F109-4B7B-BDDF-99CF656525E0}
Path REG_SZ \Microsoft\Windows\Defrag\ScheduledDefrag
Triggers REG_BINARY 150000000000000001D03F0D284802020030F7DA3D87CD0100D03F0D28480202FFFFFFFFFFFFFFFF7E21020148484848CD6C3110484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C00000048484848B40000008033E10180F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD00000000000001D03F0D284802020030F7DA3D87CD0100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF02000000010008000000000000019D03010000000000000027000000
DynamicInfo REG_BINARY 030000005CB7580F7FFEC6012D94E028E227C8012513040000000000
Hash REG_BINARY 3FD581C2E57C4033D9F8A57CF6755C599B86D03F3D9CD45A14E7B52982256ECC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}
Path REG_SZ \Scheduled Update for Ask Toolbar
Hash REG_BINARY BF839A9032962110907DF08725B2D02CA245BFCB6B312A8B8EA31DB6F6C29537
Triggers REG_BINARY 1500000000000000015B3A041008510100DA62A0A7E7CD01010851011008510100BE06F43A56E1013821410148484848B5D2EEED484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848481C000000484848484300480045005200490045005C004300680065007200690065000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD000000000000015B3A041008510100DA62A0A7E7CD01010851011008510100BE06F43A56E101000000000000000000000000000000002C01000080510100FFFFFFFF01000000010000000000000000011C02010000000000000027000000
DynamicInfo REG_BINARY 03000000BEE8F8AAA7E7CD019173340334ECCD010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AE7DB43-4463-4AA1-B081-B686DD130E83}
Path REG_SZ \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFF88540004848484817991E01484848480048484848484848004848484848484805000000484848480C000000484848480101000000000001000000004848484800000000484848482C0000004848484858020000100E0000100E0000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF100E0000FFFFFFFF00000000000000000000000000E5ED000000730043006F006E0066006C0069000148484848484848
Hash REG_BINARY 99F255B7EAB58358E04FB86BD1245D3CBD8108DD8143C61234072E3169B0379F

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D14A7BE-839F-471A-AF97-EBC9587648EA}
Path REG_SZ \SONY\WSSU\WSSU
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF488540014848484830AAE7404848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484858020000100E000000000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF05000000FFFFFFFF00000000000000000000000000E82B01010065003A00530065007200760069000148484848484848
DynamicInfo REG_BINARY 03000000FDB64FE2E973C80101175577C0E9CD010400014000000000
Hash REG_BINARY 53012B08475315025E9F34AA97955F9FF8FF1A59BFA40F73E9E48542F19EDAE5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0284D75-8800-4DD4-A7F0-C7375D77B57A}
Path REG_SZ \avast! Emergency Update
Hash REG_BINARY BEAB1CEDE46B377AE3B0E268F115A9B6B7DB908BE3C4055820F890B39E5023A1
Triggers REG_BINARY 15000000000000000030F50768578D028000922258E9CD010030F50768578D02FFFFFFFFFFFFFFFF3821C20048484848121F70FC484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0A00000000000000000000000000000000000000000000000000000048484848DDDD0000000000000030F50768578D028000922258E9CD010000000000000000000000000000000000000000000000000000000000000000C0A8000080510100FFFFFFFF01000000010000000000000000016A03010000000000000027000000AAAA0000000000000081831F68578D028000922258E9CD010000000000000000FFFFFFFFFFFFFFFF78000000FFFFFFFF00000000000000000000000000E66A0301006900630065004100700069002E000148484848484848
DynamicInfo REG_BINARY 03000000C93E908FF3E8CD01B1EDC0BBC0E9CD010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1868F64-ED08-49A9-9F86-F62ED855AFFD}
Path REG_SZ \Microsoft\Windows\SystemRestore\SR
Triggers REG_BINARY 1500000000000000003A8173D0690E0F000000000000000000D11D000AB5AA74FFFFFFFFFFFFFFFF522142004848484881E66A02484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848482C00000048484848580200008033E10180F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD00000000000001D11D000AB5AA740080E1017470C50100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF0100000001000000000000000001590A0100000000000000E0D21D00FFFF000000000000003A8173D0690E0F0000000000000000003A8173D0690E0FFFFFFFFFFFFFFFFF08070000FFFFFFFF000000000000000000000000008A827301000000FFFFFFFF0600000007000000
DynamicInfo REG_BINARY 03000000166F4A0F7FFEC60161ABD60FD3EBCD010000000000000000
Hash REG_BINARY 9AF79112528B52600BA69033396D42217B61F06CB73C7FDD403BDDA61EF1BC52

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61555D3-7840-45C1-A5A9-0D49851DE37A}
Path REG_SZ \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF48A140004848484863FB2F534848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002002000000000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF58020000FFFFFFFF00000000000000000000000000EA600300002E006500780065002C002D0031000148484848484848
DynamicInfo REG_BINARY 03000000FB55560F7FFEC6019297595ACAE4CC010000000000000000
Hash REG_BINARY B498F3BC63C735A64FAB1094FF9433D5B156E168C1B34D4FDF56F2D68C8CD4F3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF336F90-33F0-441D-9F1B-941AA64D246D}
Path REG_SZ \{80DCF3C4-5E9E-41D2-A8CC-C1C2FDD85891}
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF38214100484848488255E4D6484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848482400000048484848460075006E005F00430065006E007400650072005C004300680065007200690065000000484848482C0000004848484858020000100E000080F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000484848488888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000E8F902010048006F0073007400000000000000
DynamicInfo REG_BINARY 030000008096935404B3CA0190BD935404B3CA010000000000000000
Hash REG_BINARY 7318B40C381DF54327D8F8E426D86B43B8D68FEDBD15E1AB697664835C76974C

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91}
Path REG_SZ \Microsoft\Windows\Media Center\UpdateRecordPath
Triggers REG_BINARY 150000000000000000D71D00E8E68073FFFFFFFFFFFFFFFF00D71D00E8E6807300000000000000000021420048484848F339BDC1484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
Hash REG_BINARY 8464C23775EDCE8970C1B0E87A376008217DD618CE0E182B2CA495E63D7FBA7A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6CBFEC8-EF47-4B48-9718-3A4170F99600}
Path REG_SZ \Microsoft\Windows\SideShow\AutoWake
Triggers REG_BINARY 1500000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF00210200484848486101296A484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173C82A6A0E0000000000000000003A8173C82A6A0EFFFFFFFFFFFFFFFF3C000000FFFFFFFF000000000000000000000000008B827301000000000000004C4D454D480000000148484848484848
Hash REG_BINARY 971FE3C0D3316333530CF59CCA82A1DEB58568AC1D49056394AC778131BB5E4A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCF8CA49-10FE-40EA-A5B8-504B864BC698}
Path REG_SZ \Microsoft\Windows\TextServicesFramework\MsCtfMonitor
Triggers REG_BINARY 1500000000000000003A8173306A0A0A0000000000000000003A8173306A0A0AFFFFFFFFFFFFFFFF0085C00048484848AC49C9D54848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484800000000FFFFFFFF00000000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848AAAA000000000000003A8173306A0A0A0000000000000000003A8173306A0A0AFFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008A827301000000000000004C4D454D480000000148484848484848
DynamicInfo REG_BINARY 03000000FB55560F7FFEC60101047975C0E9CD012B04078000000000
Hash REG_BINARY D1A96C5A02025DCC66E7CB38BBDE768E15B8DFB54AB1D8E79DEA7E6E0CCDF2DF

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3BF2515-443F-456C-8485-F2B9A9142897}
Path REG_SZ \WPD\SqmUpload_S-1-5-21-2337267849-1452406365-3508456928-1000
Hash REG_BINARY 88A33A13B63A34D6EC5BB9A25D1A6B2E678D7FAB7BB366254BCE91C3AA354924
Triggers REG_BINARY 150000000000000001FD79156867910100A0ABD56D4CC80101679101686791010080D8FCAD84D001D221C100484848485BE60E05484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848481C000000484848484300480045005200490045005C004300680065007200690065000000484848482C00000048484848580200007043010084030000FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD00000000000001FD79156867910100A0ABD56D4CC80101679101686791010080D8FCAD84D001000000000000000000000000000000000000000000000000FFFFFFFF0100000001000000000000000001090101000000100E000027000000
DynamicInfo REG_BINARY 03000000784CB4E075E7CD01D14BA40172EBCD010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8}
Path REG_SZ \Microsoft\Windows\Wireless\GatherWirelessInfo
Triggers REG_BINARY 150000000000000000D71D00E8E68073FFFFFFFFFFFFFFFF00D71D00E8E6807300000000000000000085400148484848C03091C34848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848480000000048484848
Hash REG_BINARY 4020AA015560A7F9A0EE8FA4A0BFA77191FCEF8DB03C05FE3B8993A584F9FAD8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59437C6-816A-4941-AE55-EA5B2E449EB7}
Path REG_SZ \User_Feed_Synchronization-{FE9BFD1C-B6B7-4535-9A5B-B532EEFE9733}
Hash REG_BINARY 1DF0DFC1223603E5DC5807920C75B0646041B4542AD475A6B185DEE8E4C026D6
Triggers REG_BINARY 15000000000000000004000078C00B02009FF47535ECCD0100C00B0278C00B02009F8B82F621D901C821C10048484848629993B0484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848481C000000484848484300480045005200490045005C004300680065007200690065000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD0000000000000004000078C00B02009FF47535ECCD0100C00B0278C00B02009F8B82F621D901000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000013703010000000000000027000000
DynamicInfo REG_BINARY 03000000489AA26576E7CD01910DFA5333ECCD010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2}
Path REG_SZ \Microsoft\Windows\UPnP\UPnPHostConfig
Triggers REG_BINARY 150000000000000000D91D00E8E68073FFFFFFFFFFFFFFFF00D91D00E8E6807300000000000000001021420048484848D13F5283484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
Hash REG_BINARY D9CD3D0C615501058A11A3DF41188C1F8AAACBB3AA2979BB6EF10907E7748875

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D6E476-24FE-4649-A4D7-985706B29128}
Path REG_SZ \Microsoft\Windows\Tcpip\IpAddressConflict1
Triggers REG_BINARY 1500000000000000003A8173107111080000000000000000003A817310711108FFFFFFFFFFFFFFFF38A1400148484848075A2FC34848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848CCCC000000000000003A8173107111080000000000000000003A817310711108FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000008E8273010045005400550050002E00450076008D000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027005400630070006900700027005D00200061006E00640020004500760065006E007400490044003D0034003100390038005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E00000048484848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 030000002685700F7FFEC60100000000000000000000000000000000
Hash REG_BINARY 1D14988B744D688596184E4E0C1CEBA5434DA67341FEB85EBB2ACAA129CB94BC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update
Id REG_SZ {A0284D75-8800-4DD4-A7F0-C7375D77B57A}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
Id REG_SZ {382A66B5-81CF-460E-ABF5-76A4281A7D68}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
Id REG_SZ {9AE7DB43-4463-4AA1-B081-B686DD130E83}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask
Id REG_SZ {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask
Id REG_SZ {7D6040AE-2D30-49F3-9E48-FC8AF6F1AC75}
Index REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask
Id REG_SZ {792493DE-3878-4323-B44D-F6F0C3562126}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Id REG_SZ {6C041448-C69A-4D8B-A774-4F3948997407}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Id REG_SZ {89194558-47E7-4A9E-B507-6C91CE4E6504}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
Id REG_SZ {A61555D3-7840-45C1-A5A9-0D49851DE37A}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ManualDefrag
Id REG_SZ {63A5B73B-0C43-4C7B-8B08-34C8E01A264D}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag
Id REG_SZ {99B9521C-F109-4B7B-BDDF-99CF656525E0}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
Id REG_SZ {24AEC961-850F-4439-ABCC-E9E95905F28D}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate
Id REG_SZ {858BD5FB-61C3-4D83-8392-B9855BE4DF1D}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate
Id REG_SZ {5936C79A-731F-4716-BE59-35B58194ECE5}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery
Id REG_SZ {57030356-4699-4E1F-9939-F9D4460CD4DA}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath
Id REG_SZ {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart
Id REG_SZ {48909068-64F9-4B29-8C14-6957F35923C3}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\TMM
Id REG_SZ {1CC81347-6204-4B83-900C-01E02F50F067}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove
Id REG_SZ {1C0EBB1F-54BC-4A55-B31B-FC280B897DF8}
Index REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService
Id REG_SZ {77EA1F70-8B2C-4BDA-8E82-3C597D8C7A00}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetworkAccessProtection

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Id REG_SZ {77367E09-0898-4B2A-A724-5961373F8950}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\System

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Id REG_SZ {0C3AF200-FADC-49E5-880E-DEE192C8B79A}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RestartManager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages
Id REG_SZ {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake
Id REG_SZ {C6CBFEC8-EF47-4B48-9718-3A4170F99600}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager
Id REG_SZ {6B91DF4F-7E1F-4AE8-820A-2FB331567D67}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent
Id REG_SZ {74D1CC51-F3BA-47F2-A5B0-2D669FA07C6F}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders
Id REG_SZ {3BB5D87B-C851-4325-97B6-95E4EA1CBC61}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR
Id REG_SZ {A1868F64-ED08-49A9-9F86-F62ED855AFFD}
Index REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1
Id REG_SZ {F8D6E476-24FE-4649-A4D7-985706B29128}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2
Id REG_SZ {2FDBDC47-7148-49DB-9D32-32E6A003C996}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\WSHReset
Id REG_SZ {5FC0DB27-AB18-46F8-968D-0510176E655F}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
Id REG_SZ {DCF8CA49-10FE-40EA-A5B8-504B864BC698}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig
Id REG_SZ {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost
Id REG_SZ {3CD7BF6C-F120-476E-AF84-851D43BDDEEE}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting
Id REG_SZ {11893D5E-54A0-4C6B-AB0D-D9FA527334A9}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wired

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wired\GatherWiredInfo
Id REG_SZ {561375CB-FF5A-417B-B297-BA73DE149581}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wireless

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wireless\GatherWirelessInfo
Id REG_SZ {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealCreateProcessScheduledTask474599018S-1-5-21-2337267849-1452406365-3508456928-1000
Id REG_SZ {563F9E71-B031-464D-ADEB-763521504163}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScanSoft Background Update
Id REG_SZ {75B002DC-1295-4A52-B31E-936AD92CE95F}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Id REG_SZ {9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SONY

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SONY\VAIO Update

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SONY\VAIO Update\VAIO Update
Id REG_SZ {1E576951-3A41-43AE-84EA-623F02F80E79}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SONY\WSSU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SONY\WSSU\WSSU
Id REG_SZ {9D14A7BE-839F-471A-AF97-EBC9587648EA}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{FE9BFD1C-B6B7-4535-9A5B-B532EEFE9733}
Id REG_SZ {E59437C6-816A-4941-AE55-EA5B2E449EB7}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VAIO Service Utility
Id REG_SZ {445B8115-F062-4F14-8CF6-71132C02F9A7}
Index REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2337267849-1452406365-3508456928-1000
Id REG_SZ {E3BF2515-443F-456C-8485-F2B9A9142897}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6277BBC7-0687-4823-A4F1-863F60EFA2E2}
Id REG_SZ {3FA53AD9-B8FA-4454-B10A-BBB9D7869580}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80DCF3C4-5E9E-41D2-A8CC-C1C2FDD85891}
Id REG_SZ {AF336F90-33F0-441D-9F1B-941AA64D246D}
Index REG_DWORD 0x3
  • 0

#64
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} is still there. Delete it and then Clear the alarms and reboot and run VEW (system only) and let's see if that was the task it can't do. Are we still at 6 minutes?
  • 0

#65
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Deleted, clear logs, restart...Still 6 min boot


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 06/01/2013 12:16:53 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/01/2013 6:10:04 PM
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/01/2013 6:07:38 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0

#66
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
See if you can see anything about which task is failing in the event logs:

http://www.addictive...y-in-windows-7/
  • 0

#67
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
This log is LONG (24,486 events)and I'm not sure what it is I'm looking for in the events logs.
There are multiple lines that give Errors or Warning but not sure what it is I'm looking for.
Can I clear the log and then reboot to maybe narrow down the events?
  • 0

#68
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Sure. We only care about current problems.
  • 0

#69
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Ok cleared the log and rebooted. There were 3 errors and 3 warnings so I screen print the description of each. Screen prints 1-5 are in this response and I will add another with the last since there is an upload limit.

Attached Thumbnails

  • Event viewer 1.jpg
  • Event viewer 2.jpg
  • Event viewer 3.jpg
  • Event viewer 4.jpg
  • Event viewer 5.jpg

  • 0

#70
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Last one

Attached Thumbnails

  • Event viewer 6.jpg

  • 0

Advertisements


#71
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Haven't gotten a response in a couple days so just making sure I didn't miss something.
  • 0

#72
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Good call. Somehow I forgot you.

We want to delete:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}
Path REG_SZ \Scheduled Update for Ask Toolbar
Hash REG_BINARY BF839A9032962110907DF08725B2D02CA245BFCB6B312A8B8EA31DB6F6C29537
Triggers REG_BINARY 1500000000000000015B3A041008510100DA62A0A7E7CD01010851011008510100BE06F43A56E1013821410148484848B5D2EEED484848480048484848484848004848484848484801000000484848481C0000004848484801050000000000051500000089E04F8B5DF69156E0CD1ED1E8030000484848481C000000484848484300480045005200490045005C004300680065007200690065000000484848482C0000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000048484848DDDD000000000000015B3A041008510100DA62A0A7E7CD01010851011008510100BE06F43A56E101000000000000000000000000000000002C01000080510100FFFFFFFF01000000010000000000000000011C02010000000000000027000000
DynamicInfo REG_BINARY 03000000BEE8F8AAA7E7CD01E1C1FEB0E3E9CD010000000000000000


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Id REG_SZ {9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}
Index REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A9F4EA3-C8E4-44F6-9B36-2DE854B7D0ED}

Then clear the history and event alarms and reboot. Are we still getting the task scheduler error in VEW?
  • 0

#73
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
It actually had a different code at the end {2E4F3386-...} so i deleted all of those in each folder. Clearing history and rebooting now.
  • 0

#74
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
When starting up now the computer has a black screen for several minutes 2-3 before the windows logo comes up and then still 6 min to login screen.
Here is the latest VEW

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 09/01/2013 11:26:39 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2013 5:13:04 PM
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.

Log: 'System' Date/Time: 09/01/2013 5:13:03 PM
Type: Error Category: 0
Event: 1002 Source: Microsoft-Windows-Dhcp-Client
The IP address lease 192.168.1.2 for the Network Card with network address 001DE099BE4D has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2013 5:13:03 PM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
The event description cannot be found.

Log: 'System' Date/Time: 09/01/2013 5:10:39 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.




Vino's Event Viewer v01c run on Windows Vista in English
Report run at 09/01/2013 11:28:36 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/01/2013 5:10:13 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-2337267849-1452406365-3508456928-1000:
Process 1128 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2337267849-1452406365-3508456928-1000
Process 1128 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2337267849-1452406365-3508456928-1000\Software\Policies\Microsoft\SystemCertificates
Process 1128 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2337267849-1452406365-3508456928-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1128 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2337267849-1452406365-3508456928-1000\Software\Microsoft\SystemCertificates\trust
Process 1128 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2337267849-1452406365-3508456928-1000\Software\Microsoft\SystemCertificates\Root
  • 0

#75
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Go through the Task Scheduler History as you did before and let's see what is still complaining.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP