#61  May 3rd, 2008, 10:14 AM
NewbieTechGuy
Never mind. I found it. Took a lot of searching. Either that program sucks, or Vista sucks, or both, because it was a nightmare to find even using the search function!

Here's what I got:


"Silent Runners.vbs", revision 56, http://www.silentrunners.org/
Operating System: Windows Vista
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"Sidebar" = "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [MS]
"ehTray.exe" = "C:\Windows\ehome\ehTray.exe" [MS]
"WMPNSCFG" = "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Windows Defender" = "C:\Program Files\Windows Defender\MSASCui.exe -hide"
"hpsysdrv" = "c:\hp\support\hpsysdrv.exe" ["Hewlett-Packard Company"]
"KBD" = "C:\HP\KBD\KbdStub.EXE" [null data]
"OsdMaestro" = ""C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"" ["OsdMaestro"]
"IAAnotif" = ""C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"" ["Intel Corporation"]
"RtHDVCpl" = "RtHDVCpl.exe" ["Realtek Semiconductor"]
"(Default)" = (empty string) [file not found]
"HP Health Check Scheduler" = "c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [null data]
"HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" ["Hewlett-Packard Co."]
"Adobe Photo Downloader" = ""C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"" ["Adobe Systems Incorporated"]
"QuickTime Task" = ""C:\Program Files\QuickTime\QTTask.exe" -atboottime" ["Apple Inc."]
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"Symantec PIF AlertEng" = ""C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"" ["Symantec Corporation"]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"]
"SunJavaUpdateReg" = ""C:\Windows\system32\jureg.exe"" ["Sun Microsystems, Inc."]
"IgfxTray" = "C:\Windows\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\Windows\system32\hkcmd.exe" ["Intel Corporation"]
"Persistence" = "C:\Windows\system32\igfxpers.exe" ["Intel Corporation"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
"Launcher" = "C:\Windows\SMINST\launcher.exe"

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4efb-9B51-7695ECA05670}\(Default) = (no title provided)
-> {HKLM...CLSID} = "&Yahoo! Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]
{053F9267-DC04-4294-A72C-58F732D338C0}\(Default) = (no title provided)
-> {HKLM...CLSID} = "HP Print Clips"
\InProcServer32\(Default) = "C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll" ["Hewlett-Packard Co."]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" = "ShellViewRTF"
-> {HKLM...CLSID} = "ShellViewRTF"
\InProcServer32\(Default) = "C:\Windows\System32\ShellvRTF.dll" ["XSS"]
"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
-> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{39DD67E0-73B6-4a11-AF55-49E1EBBF72BE}" = "SmartFTP Favorites Namespace"
-> {HKLM...CLSID} = "SmartFTP FavoritesShellFolder Class"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfFavoritesShellExtension.dll" ["SmartSoft Ltd."]
"{F87DED31-303F-4ED1-9BCE-D360FBC74E0A}" = "SmartFTP ContextMenu"
-> {HKLM...CLSID} = "SmartFTP ContextMenu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfShellTools.dll" ["SmartSoft Ltd"]
"{40FDFA48-5F4E-4627-A78E-6A49A3D4492F}" = "SmartFTP ShellDropHandler"
-> {HKLM...CLSID} = "SmartFTP ShellDropHandler Class"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfShellTools.dll" ["SmartSoft Ltd"]
"{EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD}" = "SmartFTP Drop ShellIconOverlayHandler"
-> {HKLM...CLSID} = "SmartFTP Drop ShellIconOverlayHandler"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfShellTools.dll" ["SmartSoft Ltd"]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{82AA9188-44E0-40B9-B956-43A10C315B4F}" = "SmartFTP Shell Namespace Extension"
-> {HKLM...CLSID} = "RootShellFolder Class"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll" ["SmartSoft Ltd."]
"{2ED7FD81-CBA6-45E5-A49A-5E84889A94E2}" = "SmartFTP Drop Handler"
-> {HKLM...CLSID} = "ShellFolderDragDropHandler Class"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll" ["SmartSoft Ltd."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
SmartFTP\(Default) = "{F87DED31-303F-4ED1-9BCE-D360FBC74E0A}"
-> {HKLM...CLSID} = "SmartFTP ContextMenu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfShellTools.dll" ["SmartSoft Ltd"]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
SmartFTP\(Default) = "{F87DED31-303F-4ED1-9BCE-D360FBC74E0A}"
-> {HKLM...CLSID} = "SmartFTP ContextMenu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\SmartFTP Client\sfShellTools.dll" ["SmartSoft Ltd"]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

#62  May 3rd, 2008, 10:16 AM
NewbieTechGuy
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"ConsentPromptBehaviorAdmin" = (REG_DWORD) dword:0x00000002
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode}

"ConsentPromptBehaviorUser" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Behavior Of The Elevation Prompt For Standard Users}

"EnableInstallerDetection" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Detect Application Installations And Prompt For Elevation}

"EnableLUA" = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Run All Administrators In Admin Approval Mode}

"EnableSecureUIAPaths" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Only elevate UIAccess applications that are installed in secure locations}

"EnableVirtualization" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Virtualize file and registry write failures to per-user locations}

"PromptOnSecureDesktop" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Switch to the secure desktop when prompting for elevation}

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}

"FilterAdministratorToken" = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Admin Approval Mode for the Built-in Administrator Account}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Users\Nobody\AppData\Roaming\XnView\\xnview_wallpaper_20080410.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\Windows\system32\Bubbles.scr" [MS]


Startup items in "Nobody" & "All Users" startup folders:
--------------------------------------------------------

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
"HP Digital Imaging Monitor" -> shortcut to: "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ["Hewlett-Packard Co."]
"Snapfish Media Detector" -> shortcut to: "C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe" [null data]


Non-disabled Scheduled Tasks:
-----------------------------

C:\Windows\System32\Tasks
"HP Health Check" -> launches: "c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe /Scan" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
"UninstallDeviceTask" -> launches: "BthUdTask.exe $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
"SystemTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask-Roam" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
"Consolidator" -> launches: "%SystemRoot%\System32\wsqmcons.exe" [MS]
"OptinNotification" -> launches: "%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
"ManualDefrag" -> launches: "%windir%\system32\defrag.exe -c" [MS]
"ScheduledDefrag" -> launches: "%windir%\system32\defrag.exe -c -i" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic
"Microsoft-Windows-DiskDiagnosticDataCollector" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
"ehDRMInit" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DRMInit" [MS]
"mcupdate" -> launches: "%SystemRoot%\ehome\mcupdate $(Arg0) -gc" [MS]
"OCURActivate" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate" [MS]
"OCURDiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery" [MS]
"UpdateRecordPath" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Mobile PC
"HotStart" -> launches: "{06DA0625-9701-43da-BFD7-FBEEA2180A1E}"
-> {HKLM...CLSID} = "HotStart User Agent"
\InProcServer32\(Default) = "C:\Windows\System32\HotStartUserAgent.dll" [MS]
"TMM" -> launches: "{35EF4182-F900-4632-B072-8639E4478A61}"
-> {HKLM...CLSID} = "Transient Multi-Monitor Manager"
\InProcServer32\(Default) = "C:\Windows\System32\TMM.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
"LPRemove" -> launches: "%windir%\system32\lpremove.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
"SystemSoundsService" -> launches: "{2DEA658F-54C1-4227-AF9B-260AB5FC3543}"
-> {HKLM...CLSID} = "Microsoft PlaySoundService Class"
\InProcServer32\(Default) = "C:\Windows\System32\PlaySndSrv.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection
"NAPStatus UI" -> launches: "{f09878a1-4652-4292-aa63-8c7d4fd7648f}"
-> {HKLM...CLSID} = "Nap ITask Handler Implementation"
\InProcServer32\(Default) = "C:\Windows\System32\QAgent.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System
"ConvertLogEntries" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
"RACAgent" -> (HIDDEN!) launches: "%windir%\system32\RacAgent.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Remote Assistance
"RemoteAssistanceTask" -> (HIDDEN!) launches: "%windir%\system32\RAServer.exe /offerraupdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Shell
"CrawlStartPages" -> launches: "{51653423-e62d-4ff7-894a-dabb2b8e21e2}"
-> {HKLM...CLSID} = "CrawlStartPages Task Handler"
\InProcServer32\(Default) = "C:\Windows\System32\srchadmin.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
"GadgetManager" -> launches: "{FF87090D-4A9A-4f47-879B-29A80C355D61}"
-> {HKLM...CLSID} = "GadgetsManager Class"
\InProcServer32\(Default) = "C:\Windows\System32\AuxiliaryDisplayServices.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\System Restore
"SR" -> launches: "%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
"IpAddressConflict1" -> launches: "rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem" [MS]
"IpAddressConflict2" -> launches: "rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
"MsCtfMonitor" -> (HIDDEN!) launches: "{01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}"
-> {HKLM...CLSID} = "MsCtfMonitor task handler"
\InProcServer32\(Default) = "C:\Windows\system32\MsCtfMonitor.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
"UPnPHostConfig" -> launches: "sc.exe config upnphost start= auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
"ResolutionHost" -> (HIDDEN!) launches: "{900be39d-6be8-461a-bc4d-b0fa71f5ecb1}"
-> {HKLM...CLSID} = "DiagnosticInfrastructureCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\wdi.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
"QueueReporting" -> launches: "%windir%\system32\wermgr.exe -queuereporting" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wired
"GatherWiredInfo" -> launches: "%windir%\system32\gatherWiredInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Wireless
"GatherWirelessInfo" -> launches: "%windir%\system32\gatherWirelessInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows Defender
"MP Scheduled Scan" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]

#63  May 3rd, 2008, 10:18 AM
NewbieTechGuy
Non-disabled Scheduled Tasks:
-----------------------------

C:\Windows\System32\Tasks
"HP Health Check" -> launches: "c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe /Scan" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Blueto oth
"UninstallDeviceTask" -> launches: "BthUdTask.exe $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Certif icateServicesClient
"SystemTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask-Roam" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Custom er Experience Improvement Program
"Consolidator" -> launches: "%SystemRoot%\System32\wsqmcons.exe" [MS]
"OptinNotification" -> launches: "%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
"ManualDefrag" -> launches: "%windir%\system32\defrag.exe -c" [MS]
"ScheduledDefrag" -> launches: "%windir%\system32\defrag.exe -c -i" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\DiskDi agnostic
"Microsoft-Windows-DiskDiagnosticDataCollector" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
"ehDRMInit" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DRMInit" [MS]
"mcupdate" -> launches: "%SystemRoot%\ehome\mcupdate $(Arg0) -gc" [MS]
"OCURActivate" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate" [MS]
"OCURDiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery" [MS]
"UpdateRecordPath" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Mobile PC
"HotStart" -> launches: "{06DA0625-9701-43da-BFD7-FBEEA2180A1E}"
-> {HKLM...CLSID} = "HotStart User Agent"
\InProcServer32\(Default) = "C:\Windows\System32\HotStartUserAgent.dll" [MS]
"TMM" -> launches: "{35EF4182-F900-4632-B072-8639E4478A61}"
-> {HKLM...CLSID} = "Transient Multi-Monitor Manager"
\InProcServer32\(Default) = "C:\Windows\System32\TMM.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
"LPRemove" -> launches: "%windir%\system32\lpremove.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multim edia
"SystemSoundsService" -> launches: "{2DEA658F-54C1-4227-AF9B-260AB5FC3543}"
-> {HKLM...CLSID} = "Microsoft PlaySoundService Class"
\InProcServer32\(Default) = "C:\Windows\System32\PlaySndSrv.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Networ kAccessProtection
"NAPStatus UI" -> launches: "{f09878a1-4652-4292-aa63-8c7d4fd7648f}"
-> {HKLM...CLSID} = "Nap ITask Handler Implementation"
\InProcServer32\(Default) = "C:\Windows\System32\QAgent.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\PLA\Sy stem
"ConvertLogEntries" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
"RACAgent" -> (HIDDEN!) launches: "%windir%\system32\RacAgent.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Remote Assistance
"RemoteAssistanceTask" -> (HIDDEN!) launches: "%windir%\system32\RAServer.exe /offerraupdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Shell
"CrawlStartPages" -> launches: "{51653423-e62d-4ff7-894a-dabb2b8e21e2}"
-> {HKLM...CLSID} = "CrawlStartPages Task Handler"
\InProcServer32\(Default) = "C:\Windows\System32\srchadmin.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideSh ow
"GadgetManager" -> launches: "{FF87090D-4A9A-4f47-879B-29A80C355D61}"
-> {HKLM...CLSID} = "GadgetsManager Class"
\InProcServer32\(Default) = "C:\Windows\System32\AuxiliaryDisplayServices. dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\System Restore
"SR" -> launches: "%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
"IpAddressConflict1" -> launches: "rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem" [MS]
"IpAddressConflict2" -> launches: "rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
"MsCtfMonitor" -> (HIDDEN!) launches: "{01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}"
-> {HKLM...CLSID} = "MsCtfMonitor task handler"
\InProcServer32\(Default) = "C:\Windows\system32\MsCtfMonitor.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
"UPnPHostConfig" -> launches: "sc.exe config upnphost start= auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
"ResolutionHost" -> (HIDDEN!) launches: "{900be39d-6be8-461a-bc4d-b0fa71f5ecb1}"
-> {HKLM...CLSID} = "DiagnosticInfrastructureCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\wdi.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
"QueueReporting" -> launches: "%windir%\system32\wermgr.exe -queuereporting" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wired
"GatherWiredInfo" -> launches: "%windir%\system32\gatherWiredInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Wireless
"GatherWirelessInfo" -> launches: "%windir%\system32\gatherWirelessInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows Defender
"MP Scheduled Scan" -> (HIDDEN!) launches: "c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\system32\NLAapi.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\system32\napinsp.dll" [MS]
000000000005\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 14


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Research"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}"
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_05"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll" ["Sun Microsystems, Inc."]

{2670000A-7350-4F3C-8081-5663EE0C6C49}\
"ButtonText" = "Send to OneNote"
"MenuText" = "S&end to OneNote"
"CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}"
-> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll" [MS]

{58ECB495-38F0-49CB-A538-10282ABF65E7}\
"ButtonText" = "HP Clipbook"
"CLSIDExtension" = "{E763472E-A716-4CD9-89BD-DBDA6122F741}"
-> {HKLM...CLSID} = "ClipBookBtn Class"
\InProcServer32\(Default) = "C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll" ["Hewlett-Packard Co."]

{700259D7-1666-479A-93B1-3250410481E8}\
"ButtonText" = "HP Smart Select"
"CLSIDExtension" = "{A93C41D8-01F8-4F8B-B14C-DE20B117E636}"
-> {HKLM...CLSID} = "EnhSelectionBtn Class"
\InProcServer32\(Default) = "C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll" ["Hewlett-Packard Co."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Automatic LiveUpdate Scheduler, Automatic LiveUpdate Scheduler, ""C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"" ["Symantec Corporation"]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" ["ALWIL Software"]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" ["ALWIL Software"]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
Certificate Propagation, CertPropSvc, "C:\Windows\system32\svchost.exe -k netsvcs" {"C:\Windows\System32\certprop.dll" [MS]}
HP CUE DeviceDiscovery Service, hpqddsvc, "C:\Windows\system32\svchost.exe -k hpdevmgmt" {"C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll" ["Hewlett-Packard Co."]}
HP Health Check Service, HP Health Check Service, ""c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"" [null data]
hpqcxs08, hpqcxs08, "C:\Windows\system32\svchost.exe -k hpdevmgmt" {"C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll" ["Hewlett-Packard Co."]}
Intel(R) Matrix Storage Event Monitor, IAANTMON, "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe" ["Intel Corporation"]
LightScribeService Direct Disc Labeling Service, LightScribeService, ""c:\Program Files\Common Files\LightScribe\LSSrvc.exe"" ["Hewlett-Packard Company"]
LiveUpdate Notice Service, LiveUpdate Notice Service, ""C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"" ["Symantec Corporation"]
Net Driver HPZ12, Net Driver HPZ12, "C:\Windows\System32\svchost.exe -k HPZ12" {"C:\Windows\system32\HPZinw12.dll" ["Hewlett-Packard"]}
Pml Driver HPZ12, Pml Driver HPZ12, "C:\Windows\System32\svchost.exe -k HPZ12" {"C:\Windows\system32\HPZipm12.dll" ["Hewlett-Packard"]}
Terminal Services Configuration, SessionEnv, "C:\Windows\System32\svchost.exe -k netsvcs" {"C:\Windows\system32\sessenv.dll" [MS]}
Windows Driver Foundation - User-mode Driver Framework, wudfsvc, "C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted" {"C:\Windows\System32\WUDFSvc.dll" [MS]}
Windows Image Acquisition (WIA), stisvc, "C:\Windows\system32\svchost.exe -k imgsvc" {"C:\Windows\System32\wiaservc.dll" [MS]}
Windows Media Player Network Sharing Service, WMPNetworkSvc, ""C:\Program Files\Windows Media Player\wmpnetwk.exe"" [MS]
XAudioService, XAudioService, "C:\Windows\system32\DRIVERS\xaudio.exe" ["Conexant Systems, Inc."]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
PCL Language Monitor\Driver = "hpz3l5ha.dll" ["Hewlett-Packard Company"]
Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS]


---------- (launch time: 2008-05-03 04:02:11)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 61 seconds, including 15 seconds for message boxes)
  #64  
Old May 3rd, 2008, 10:20 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
I think that's the entire thing! Whew!
  #65  
Old May 4th, 2008, 01:30 AM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Quote:
Downloaded it and ran it, but I cannot open the file. It's listed as:

ntuser.dat.LOG1

No, it is not. That file is associated with your registry.

Quote:
Never mind. I found it. took a lot of searching. Either that program sucks, or Vista sucks, or both, because it was a nightmare to find even using the search function!

Neither Vista nor Silent Runners suck. If you had followed my instructions, there would have been no problems at all. I am beginning to see why you don't want to call HP.

The success of any fix posted on this board depends on the member being able to follow instructions to the letter and asking for help if there is anything they don't understand. In view of how such a simple task went awry, I am reluctant to go any further with this unless you assure me that you will do exactly as I suggest, also assure me there will be no creative input from you and you will ASK if there is anything you don't understand.
  #66  
Old May 5th, 2008, 09:18 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
Ann Marie, I did precisely what you said, and it didn't indicate where the file was stored. Vista is a lot more confusing than Windows98, which is what I had prior to Vista. It's very hard to find stuff, and a lot has changed, especially for people like me who are not tech-oriented with computers. So yes, I had problems figuring it out, and it's frustrating.

And the reason I did not want to call HP was proven once again as my call was routed to India, and I literally could not understand the person I was speaking with. Needless to say, they did not help. When I finally got someone who actually spoke understandable English, all they had me do was disable the task, which of course did not help.

That being said, yes, I'll follow your directions to the letter with no more "creative commentary".

So what is my next step? And thanks for being patient.
  #67  
Old May 5th, 2008, 10:46 PM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Ok. Click on Start and type cmd in the Start Search box. Cmd.exe will appear at the top of the Menu. Right-click on it and choose "Run as Administrator". Copy and paste the following command in the Code box after the prompt > and hit Enter.

SCHTASKS /Query /FO LIST /V > c:\find.txt & start notepad c:\find.txt

Your drive will be scanned and when finished, Notepad will pop up with some information. Copy and paste it in this thread.
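For reading the file that command writes, here is an added example (not part of the original thread and not any poster's code) that parses `SCHTASKS /Query /FO LIST /V` output, merges records that repeat the same TaskName, and lists the enabled tasks registered outside `\Microsoft\`. The sample text, host name and vendor task names are constructed, and the function names are hypothetical.

```python
import re

# Field labels as they appear in the verbose LIST output.
FIELDS = [
    "HostName", "TaskName", "Next Run Time", "Status", "Logon Mode", "Last Run Time",
    "Last Result", "Author", "Task To Run", "Start In", "Comment", "Scheduled Task State",
    "Idle Time", "Power Management", "Run As User", "Delete Task If Not Rescheduled",
    "Stop Task If Runs X Hours and X Mins", "Schedule", "Schedule Type", "Start Time",
    "Start Date", "End Date", "Days", "Months", "Repeat: Every", "Repeat: Until: Time",
    "Repeat: Until: Duration", "Repeat: Stop If Still Running",
]
# Labels and values both contain colons ("Repeat: Until: Time", "7:09:00 PM",
# drive letters), so match against the known labels, longest first, instead of
# splitting each line at its first colon.
_LABELS = "|".join(re.escape(f) for f in sorted(FIELDS, key=len, reverse=True))
_LINE = re.compile(r"^(%s):\s*(.*)$" % _LABELS)

# Constructed sample in the same layout (not taken from the thread).
SAMPLE = r"""
Folder: \
HostName:                             EXAMPLE-PC
TaskName:                             \Vendor Health Check
Last Result:                          0
Task To Run:                          C:\Program Files\Vendor\HealthCheck\scheduler.exe /Scan
Scheduled Task State:                 Enabled
Run As User:                          exampleuser
Schedule Type:                        Weekly
Start Time:                           7:09:00 PM
Repeat: Until: Time:                  Disabled

HostName:                             EXAMPLE-PC
TaskName:                             \VendorUpdater
Task To Run:                          C:\Program Files\Vendor\updater.exe
Scheduled Task State:                 Disabled
Schedule Type:                        One Time Only

Folder: \Microsoft
INFO: There are no scheduled tasks presently available at your access level.

Folder: \Microsoft\Windows\Example
HostName:                             EXAMPLE-PC
TaskName:                             \Microsoft\Windows\Example\UserTask
Last Result:                          267009
Task To Run:                          COM handler
Scheduled Task State:                 Enabled
Schedule Type:                        At system start up

HostName:                             EXAMPLE-PC
TaskName:                             \Microsoft\Windows\Example\UserTask
Scheduled Task State:                 Enabled
Schedule Type:                        At logon time
"""


def parse_schtasks_list(text):
    """Return one dict per record; a record starts at each HostName line."""
    records, current, folder = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Folder:"):
            folder = line[len("Folder:"):].strip()
            continue
        m = _LINE.match(line)
        if not m:
            continue  # blank lines and "INFO: ..." notices
        key, value = m.group(1), m.group(2).strip()
        if key == "HostName":
            current = {"Folder": folder}
            records.append(current)
        if current is not None:
            current[key] = value
    return records


def group_by_task(records):
    """Merge records that repeat a TaskName, keeping every distinct Schedule Type."""
    tasks = {}
    for rec in records:
        task = tasks.setdefault(rec.get("TaskName", ""), dict(rec, Triggers=[]))
        stype = rec.get("Schedule Type", "")
        if stype and stype not in task["Triggers"]:
            task["Triggers"].append(stype)
    return tasks


def review_list(tasks):
    """Enabled tasks registered outside \\Microsoft\\, for a manual look.

    The folder is only a triage filter; it does not prove a task is legitimate.
    """
    return [
        (name, t.get("Task To Run", ""), t.get("Run As User", ""), t["Triggers"])
        for name, t in tasks.items()
        if not name.startswith("\\Microsoft\\")
        and t.get("Scheduled Task State") == "Enabled"
    ]


def result_hex(last_result):
    """Render the signed decimal 'Last Result' as an unsigned 32-bit hex code."""
    return "0x%08X" % (int(last_result) & 0xFFFFFFFF)
```

To run it on a real capture, pass the contents of `c:\find.txt` to `parse_schtasks_list`; text copied back out of a forum post may first need the board's inserted spaces in long task names removed.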
  #68  
Old May 6th, 2008, 10:08 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
Well that part was a lot easier!

Here's what came up:


Folder: \
HostName: NOBODY-PC
TaskName: \HP Health Check
Next Run Time: 5/12/2008 7:09:00 PM
Status: Ready
Logon Mode: Interactive only
Last Run Time: 5/5/2008 7:09:00 PM
Last Result: 0
Author: SYSTEM
Task To Run: c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe /Scan
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: Nobody
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Weekly
Start Time: 7:09:00 PM
Start Date: 5/5/2008
End Date: N/A
Days: MON
Months: Every 1 week(s)
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

HostName: NOBODY-PC
TaskName: \JavaUpdateNobody
Next Run Time: Disabled
Status:
Logon Mode: Interactive only
Last Run Time: 5/1/2008 7:48:09 PM
Last Result: 0
Author: Nobody
Task To Run: C:\Windows\System32\jusched.exe
Start In: N/A
Comment: N/A
Scheduled Task State: Disabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: Nobody-PC\Nobody
Delete Task If Not Rescheduled: Disabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: One Time Only
Start Time: 7:47:00 PM
Start Date: 5/1/2008
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

Folder: \Microsoft
INFO: There are no scheduled tasks presently available at your access level.

Folder: \Microsoft\Windows
INFO: There are no scheduled tasks presently available at your access level.

Folder: \Microsoft\Windows\Bluetooth
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Bluetooth\UninstallDeviceTask
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: BthUdTask.exe $(Arg0)
Start In: N/A
Comment: Uninstalls the PnP device associated with the specified Bluetooth service ID
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\CertificateServicesClient
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\SystemTask
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 9:53:05 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\SystemTask
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 9:53:05 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 9:52:51 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 9:52:51 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A
  #69  
Old May 6th, 2008, 10:09 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Certificate Services Client automatically manages digital identities such as Certificates, Keys and Credentials for the users and the machine, enabling enrollment, roaming and other services.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Customer Experience Improvement Program
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Next Run Time: 5/6/2008 12:00:00 PM
Status: Could not start
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 4:59:59 PM
Last Result: -2147479295
Author: Microsoft Corporation
Task To Run: %SystemRoot%\System32\wsqmcons.exe
Start In: N/A
Comment: If the user has consented to participate in the Windows Customer Experience Improvement Program, this job collects and sends usage data to Microsoft.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: One Time Only, Hourly
Start Time: 12:00:00 AM
Start Date: 1/2/2004
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: 19 Hour(s), 0 Minute(s)
Repeat: Until: Time: None
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 2:02:49 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
Start In: N/A
Comment: Microsoft Windows Software Quality Metrics Optin Notification.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Administrators
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Defrag
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Defrag\ManualDefrag
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: %windir%\system32\defrag.exe -c
Start In: N/A
Comment: This task defragments the computers hard disk drives.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Defrag\ScheduledDefrag
Next Run Time: 5/7/2008 1:00:00 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 4/30/2008 2:48:06 AM
Last Result: 267045
Author: Microsoft Corporation
Task To Run: %windir%\system32\defrag.exe -c -i
Start In: N/A
Comment: This task defragments the computers hard disk drives.
Scheduled Task State: Enabled
Idle Time: Only Start If Idle for 3 minutes, If Not Idle Retry For 525600 minutes Stop the task if Idle State end
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Weekly
Start Time: 1:00:00 AM
Start Date: 1/1/2005
End Date: N/A
Days: WED
Months: Every 1 week(s)
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

Folder: \Microsoft\Windows\DiskDiagnostic
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
Next Run Time: 5/18/2008 1:00:00 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/4/2008 4:21:17 AM
Last Result: 267045
Author: Microsoft Corporation
Task To Run: %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Start In: N/A
Comment: The Windows Diagnostic Infrastructure Resolution host enables interactive resolutions for system problems detected by the Diagnostic Policy Service. It is triggered when necessary by the Diagnostic Policy Service in the appropriate user session. If the
Scheduled Task State: Enabled
Idle Time: Only Start If Idle for 10 minutes, If Not Idle Retry For 60 minutes
Power Management: No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Weekly
Start Time: 1:00:00 AM
Start Date: 1/1/2004
End Date: N/A
Days: SUN
Months: Every 2 week(s)
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

Folder: \Microsoft\Windows\Media Center
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Media Center\ehDRMInit
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 1/20/2008 9:51:54 PM
Last Result: 0
Author: N/A
Task To Run: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
Start In: N/A
Comment: Privileged Media Center DRM initialization job
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Media Center\mcupdate
Next Run Time: 5/6/2008 5:07:47 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 9:51:18 PM
Last Result: 0
Author: N/A
Task To Run: %SystemRoot%\ehome\mcupdate $(Arg0) -gc
Start In: N/A
Comment: Check for Media Center updates.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: NETWORK SERVICE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Daily
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: Every 1 day(s)
Months: N/A
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Media Center\OCURActivate
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: N/A
Task To Run: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
Start In: N/A
Comment: Privileged Media Center OCUR activation job
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A
  #70  
Old May 6th, 2008, 10:12 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Media Center\OCURDiscovery
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: N/A
Task To Run: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
Start In: N/A
Comment: Privileged Media Center OCUR discovery job
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Media Center\UpdateRecordPath
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 12/19/2007 10:12:44 PM
Last Result: 0
Author: N/A
Task To Run: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
Start In: N/A
Comment: Privileged Media Center Recorder Permission setting job
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\MobilePC
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MobilePC\HotStart
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:52:49 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Launches applications configured for Windows HotStart
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Authenticated Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MobilePC\TMM
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:53:04 PM
Last Result: 267009
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Microsoft Transient Multi-Monitor Manager
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Authenticated Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\MUI
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MUI\LPRemove
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 2:07:49 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\lpremove.exe
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MUI\LPRemove
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 2:07:49 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\lpremove.exe
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: One Time Only
Start Time: 2:48:10 PM
Start Date: 12/20/2007
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

Folder: \Microsoft\Windows\Multimedia
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Multimedia\SystemSoundsService
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:52:51 PM
Last Result: 267009
Author: N/A
Task To Run: COM handler
Start In: N/A
Comment: System Sounds User Mode Agent
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\NetworkAccessProtection
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:53:04 PM
Last Result: 267014
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Launches the Network Access Protection Status UI
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:53:04 PM
Last Result: 267014
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Launches the Network Access Protection Status UI
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\PLA
INFO: There are no scheduled tasks presently available at your access level.

Folder: \Microsoft\Windows\PLA\System
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\PLA\System\ConvertLogEntries
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 3:25:17 AM
Last Result: 0
Author: N/A
Task To Run: %windir%\system32\rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\RAC
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\RAC\RACAgent
Next Run Time: N/A
Status: Unknown
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 3:07:55 AM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\RacAgent.exe
Start In: N/A
Comment: Microsoft Reliability Analysis task started periodically to process system reliability data.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: LOCAL SERVICE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\RAC\RACAgent
Next Run Time: N/A
Status: Unknown
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 3:07:55 AM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\RacAgent.exe
Start In: N/A
Comment: Microsoft Reliability Analysis task started periodically to process system reliability data.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: LOCAL SERVICE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\RemoteAssistance
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: %windir%\system32\RAServer.exe /offerraupdate
Start In: %windir%
Comment: Checks group policy for changes relevant to Remote Assistance
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A
  #71  
Old May 6th, 2008, 10:13 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: %windir%\system32\RAServer.exe /offerraupdate
Start In: %windir%
Comment: Checks group policy for changes relevant to Remote Assistance
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Shell
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Shell\CrawlStartPages
Next Run Time: N/A
Status: Unknown
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 3:25:15 AM
Last Result: -2147216604
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: Index all crawl type start addresses.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: LOCAL SERVICE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At idle time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\SideShow
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SideShow\AutoWake
Next Run Time: Disabled
Status:
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: This task automatically wakes the computer and then puts it to sleep when automatic wake is turned on for a Windows SideShow-compatible device.
Scheduled Task State: Disabled
Idle Time: Disabled
Power Management:
Run As User: LOCAL SERVICE
Delete Task If Not Rescheduled: Disabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SideShow\GadgetManager
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: This task manages and synchronizes metadata for the installed gadgets on a Windows SideShow-compatible device.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SideShow\SessionAgent
Next Run Time: Disabled
Status: Could not start
Logon Mode: Interactive/Background
Last Run Time: 10/16/2007 12:49:25 AM
Last Result: -2147023729
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: This task manages the session behavior when multiple user accounts exist on a Windows SideShow-compatible device.
Scheduled Task State: Disabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Disabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SideShow\SystemDataProviders
Next Run Time: Disabled
Status: Could not start
Logon Mode: Interactive/Background
Last Run Time: 10/16/2007 12:49:40 AM
Last Result: -2147023729
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: This task provides system data for the clock, power source, wireless network strength, and volume on a Windows SideShow-compatible device.
Scheduled Task State: Disabled
Idle Time: Disabled
Power Management:
Run As User: LOCAL SERVICE
Delete Task If Not Rescheduled: Disabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\SystemRestore
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SystemRestore\SR
Next Run Time: 5/7/2008 12:00:00 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 12:23:15 AM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Start In: N/A
Comment: This task creates regular system protection points.
Scheduled Task State: Enabled
Idle Time: Only Start If Idle for 10 minutes, If Not Idle Retry For 525600 minutes
Power Management: No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Daily
Start Time: 12:00:00 AM
Start Date: 6/14/2005
End Date: N/A
Days: Every 1 day(s)
Months: N/A
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\SystemRestore\SR
Next Run Time: 5/7/2008 12:00:00 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 12:23:15 AM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Start In: N/A
Comment: This task creates regular system protection points.
Scheduled Task State: Enabled
Idle Time: Only Start If Idle for 10 minutes, If Not Idle Retry For 525600 minutes
Power Management: No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At system start up
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Tcpip
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Tcpip\IpAddressConflict1
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Tcpip\IpAddressConflict2
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft Corporation
Task To Run: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Start In: N/A
Comment: N/A
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: When an event occurs
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\TextServicesFramework
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\TextServicesFramework\MsCtfMonitor
Next Run Time: N/A
Status: Running
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 1:53:04 PM
Last Result: 267009
Author: N/A
Task To Run: COM handler
Start In: N/A
Comment: TextServicesFramework monitor task
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\UPnP
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\UPnP\UPnPHostConfig
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: sc.exe config upnphost start= auto
Start In: N/A
Comment: Set UPnPHost service to Auto-Start
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode, No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A
  #72  
Old May 6th, 2008, 10:13 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
Folder: \Microsoft\Windows\WDI
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\WDI\ResolutionHost
Next Run Time: N/A
Status: Could not start
Logon Mode: Interactive/Background
Last Run Time: 4/29/2008 8:17:14 PM
Last Result: -2147023829
Author: Microsoft Corporation
Task To Run: COM handler
Start In: N/A
Comment: The Windows Diagnostic Infrastructure Resolution host enables interactive resolutions for system problems detected by the Diagnostic Policy Service. It is triggered when necessary by the Diagnostic Policy Service in the appropriate user session. If the
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: INTERACTIVE
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins: Disabled
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Windows Error Reporting
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Windows Error Reporting\QueueReporting
Next Run Time: N/A
Status: Unknown
Logon Mode: Interactive/Background
Last Run Time: 5/5/2008 2:05:49 PM
Last Result: 0
Author: Microsoft Corporation
Task To Run: %windir%\system32\wermgr.exe -queuereporting
Start In: N/A
Comment: Windows Error Reporting task to process queued reports.
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management:
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: At logon time
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Wired
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Wired\GatherWiredInfo
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: %windir%\system32\gatherWiredInfo.vbs
Start In: $(Arg1)
Comment: Wired information collector
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows\Wireless
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\Wireless\GatherWirelessInfo
Next Run Time: N/A
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: N/A
Last Result: 1
Author: Microsoft
Task To Run: %windir%\system32\gatherWirelessInfo.vbs
Start In: $(Arg1)
Comment: Wireless information collector
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: Stop On Battery Mode
Run As User: Users
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: On demand only
Start Time: N/A
Start Date: N/A
End Date: N/A
Days: N/A
Months: N/A
Repeat: Every: N/A
Repeat: Until: Time: N/A
Repeat: Until: Duration: N/A
Repeat: Stop If Still Running: N/A

Folder: \Microsoft\Windows Defender
HostName: NOBODY-PC
TaskName: \Microsoft\Windows Defender\MP Scheduled Scan
Next Run Time: 5/7/2008 1:35:00 AM
Status: Ready
Logon Mode: Interactive/Background
Last Run Time: 5/6/2008 1:35:00 AM
Last Result: 0
Author: N/A
Task To Run: c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges
Start In: N/A
Comment: Scheduled Scan
Scheduled Task State: Enabled
Idle Time: Disabled
Power Management: No Start On Batteries
Run As User: SYSTEM
Delete Task If Not Rescheduled: Enabled
Stop Task If Runs X Hours and X Mins:
Schedule: Scheduling data is not available in this format.
Schedule Type: Daily
Start Time: 1:35:00 AM
Start Date: 1/1/2000
End Date: 1/1/2100
Days: Every 1 day(s)
Months: N/A
Repeat: Every: Disabled
Repeat: Until: Time: Disabled
Repeat: Until: Duration: Disabled
Repeat: Stop If Still Running: Disabled


Whew! And I thought the last cut and paste was long!
  #73  
Old May 6th, 2008, 10:37 PM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Click on Start and type cmd in the Start Search box. Cmd.exe will appear at the top of the Menu. Right-click on it and choose "Run as Administrator". Copy and paste the following command in the Code box after the prompt > and hit Enter.

SCHTASKS /Delete /TN "JavaUpdateNobody"

If you are asked if you want to delete this task, type Y. Close the command prompt after the command has run please. If you get an error message, please post it here.

Next go to Add/Remove Programs in Control Panel and uninstall all versions of Sun Java/JRE (Sun Java Runtime Environment/J2SE Runtime Environment) and reboot. When you have done that, go here and download and install the latest version of Sun Java (Java Runtime Environment (JRE) 6 Update 6 - offline version).

When you have done this, open Notepad and copy and paste the below text in it:

Code:
@echo off
cd C:\WINDOWS\system32
del jureg.exe
del jusched.exe
del jucheck.exe
Click on Save As. Save the file as Remove.bat and make sure that All Files is selected in Save As Type. Next, right-click on Remove.bat and choose "Run as Administrator". A DOS window will open and close again; this is normal.

Shut down please. Wait a few minutes and then restart your computer and post a new Silent Runners log. Also tell me if you still get the error when you shut down.
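The scheduled-task listing pasted earlier in the thread is `schtasks` verbose list output: it prints one record per trigger (LPRemove appears twice) and several field labels contain colons themselves. The following is an added example, not code from the thread or its posters, that parses such a paste and lists enabled tasks outside the `\Microsoft\` tree for manual review; the function names and the field values of the `\JavaUpdateNobody` record are constructed for illustration.

```python
# Added example: triage a pasted `schtasks /query /fo list /v` listing.
from collections import OrderedDict

# Field labels as they appear in the listing. Some labels contain ": "
# themselves ("Repeat: Until: Time") and values contain colons too (paths,
# clock times), so each line is matched against the known labels instead of
# being split on its first colon.
FIELDS = [
    "HostName", "TaskName", "Next Run Time", "Status", "Logon Mode",
    "Last Run Time", "Last Result", "Author", "Task To Run", "Start In",
    "Comment", "Scheduled Task State", "Idle Time", "Power Management",
    "Run As User", "Delete Task If Not Rescheduled",
    "Stop Task If Runs X Hours and X Mins", "Schedule", "Schedule Type",
    "Start Time", "Start Date", "End Date", "Days", "Months",
    "Repeat: Every", "Repeat: Until: Time", "Repeat: Until: Duration",
    "Repeat: Stop If Still Running",
]

# Constructed sample. The two LPRemove records are abridged from the listing
# in the thread; the \JavaUpdateNobody record is made up (only the task name
# comes from the thread) and its action path is a placeholder.
SAMPLE = r"""
HostName: NOBODY-PC
TaskName: \JavaUpdateNobody
Status: Ready
Task To Run: C:\EXAMPLE\placeholder.exe
Scheduled Task State: Enabled
Run As User: Nobody
Schedule Type: At logon time
Repeat: Every: N/A

Folder: \Microsoft\Windows\MUI
HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MUI\LPRemove
Task To Run: %windir%\system32\lpremove.exe
Scheduled Task State: Enabled
Run As User: SYSTEM
Schedule Type: At system start up

HostName: NOBODY-PC
TaskName: \Microsoft\Windows\MUI\LPRemove
Task To Run: %windir%\system32\lpremove.exe
Scheduled Task State: Enabled
Run As User: SYSTEM
Schedule Type: One Time Only
Start Time: 2:48:10 PM
"""


def parse_records(text):
    """Split the listing into one dict per record (one record per trigger)."""
    records, current = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("Folder:", "INFO:")):
            if current:                      # a blank line or folder header ends a record
                records.append(current)
                current = {}
            continue
        for label in FIELDS:
            if line.startswith(label + ":"):
                # Forum pastes can lose blank lines: HostName always opens a record.
                if label == "HostName" and current:
                    records.append(current)
                    current = {}
                current[label] = line[len(label) + 1:].strip()
                break                        # unrecognised lines are ignored
    if current:
        records.append(current)
    return records


def group_by_task(records):
    """Merge per-trigger records into one entry per task name."""
    tasks = OrderedDict()
    for rec in records:
        name = rec.get("TaskName")
        if not name:
            continue
        task = tasks.setdefault(name, {
            "run_as": rec.get("Run As User", ""),
            "action": rec.get("Task To Run", ""),
            "state": rec.get("Scheduled Task State", ""),
            "triggers": [],
        })
        trigger = rec.get("Schedule Type")
        if trigger and trigger not in task["triggers"]:
            task["triggers"].append(trigger)
    return tasks


def needs_review(tasks):
    """Enabled tasks outside \\Microsoft\\: a prompt for a manual look, not a verdict."""
    return [name for name, t in tasks.items()
            if t["state"] == "Enabled" and not name.lower().startswith("\\microsoft\\")]


if __name__ == "__main__":
    tasks = group_by_task(parse_records(SAMPLE))
    for name in needs_review(tasks):
        t = tasks[name]
        print(name, "| runs as", t["run_as"], "|", t["action"], "|", ", ".join(t["triggers"]))
```

Location alone does not clear a task: entries under `\Microsoft\` still deserve a look at their action and run-as account when something on the machine is misbehaving.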
  #74  
Old May 14th, 2008, 12:32 AM
NewbieTechGuy NewbieTechGuy is offline
New Member
 
Join Date: May 2008
Posts: 15
Thanks AnnMarie!

I didn't get to this yet as I've been out of town. I'll work on it this week once I get settled back in, and we'll see how it goes. Thanks again. I hope this ends up solving the problem.
  #75  
Old May 14th, 2008, 12:43 AM
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Ok.