Author Topic: [Resolved] A/V Scans hanging up  (Read 7773 times)

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #15 on: September 02, 2015, 06:49:04 PM »
Had never heard of it before.  Will check it out.

"Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/
Operating System: Microsoft Windows 7 Professional Service Pack 1 (64-bit)
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
SUPERAntiSpyware = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [SUPERAntiSpyware]
RESTART_STICKY_NOTES = C:\Windows\System32\StikyNot.exe [MS]
Dropbox Update = "C:\Users\Phyllis\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [Dropbox, Inc.]

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
Application Restart #4 = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --win-jumplist-action=recently-closed --flag-switches-begin --flag-switches-end --restore-last-session https://www.topproducer8i.com/14.7000.07.00/Calendar/CalendarLanding.aspx?view_id=1&plDate=2015-04-29&assigned_to_id={01829190-3b47-4637-ad7c-4d1c1cbec748} [Google Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [Realtek Semiconductor]
RtHDVBg_DTS = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P [Realtek Semiconductor]
Persistence = "C:\Windows\system32\igfxpers.exe" [Intel Corporation]
MSC = "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [MS]
LogMeIn GUI = "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [LogMeIn, Inc.]
IgfxTray = "C:\Windows\system32\igfxtray.exe" [Intel Corporation]
IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [Intel Corporation]
HotKeysCmds = "C:\Windows\system32\hkcmd.exe" [Intel Corporation]
Acronis Scheduler2 Service = "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [Acronis]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}
(Default) = (empty string) [file not found]
USB3MON = "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [Intel Corporation]
TrueImageMonitor.exe = "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [Acronis]
TkBellExe = "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot [RealNetworks, Inc.]
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation]
StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [Advanced Micro Devices, Inc.]
RoxWatchTray = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [Sonic Solutions]
RealDownloader = C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [null data]
DivXUpdate = "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [null data]
DivXMediaServer = C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [DivX, LLC]
BrStsMon00 = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [Brother Industries, Ltd.]
AcronisTibMounterMonitor = C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [Acronis International GmbH]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)
  -> {HKLM...CLSID} = RealNetworks Download and Record Plugin for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [RealDownloader]
  -> {HKLM...Wow...CLSID} = RealNetworks Download and Record Plugin for Internet Explorer
                         \InProcServer32\(Default) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [RealDownloader]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO
  -> {HKLM...CLSID} = Skype Click to Call for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS]
  -> {HKLM...Wow...CLSID} = Skype Click to Call for Internet Explorer
                         \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [MS]

{B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO
  -> {HKLM...CLSID} = Office Document Cache Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [MS]
  -> {HKLM...Wow...CLSID} = Office Document Cache Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [MS]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)
  -> {HKLM...CLSID} = RealNetworks Download and Record Plugin for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [RealDownloader]
  -> {HKLM...Wow...CLSID} = RealNetworks Download and Record Plugin for Internet Explorer
                         \InProcServer32\(Default) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [RealDownloader]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO
  -> {HKLM...CLSID} = Skype Click to Call for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS]
  -> {HKLM...Wow...CLSID} = Skype Click to Call for Internet Explorer
                         \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [MS]

{B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO
  -> {HKLM...CLSID} = Office Document Cache Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [MS]
  -> {HKLM...Wow...CLSID} = Office Document Cache Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [MS]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

 DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt1 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt2 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt5 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt6 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt3 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt7 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt4 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

 DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...CLSID} = DropboxExt8 Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]

AcronisSyncError\(Default) = {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]

AcronisSyncInProgress\(Default) = {00F848DC-B1D4-4892-9C25-CAADC86A215D}
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]

AcronisSyncOk\(Default) = {71573297-552E-46fc-BE3D-3DFAF88D47B7}
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

 DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt1 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt2 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt5 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt6 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt3 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt7 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt4 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

 DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt8 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt1 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt2 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
  -> {HKCU...Wow...CLSID} = DropboxExt3 Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} = Display CPL Extension
  -> {HKLM...CLSID} = DisplayCplExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiama64.dll [Advanced Micro Devices, Inc.]

{5E2121EE-0300-11D4-8D3B-444553540000} = Catalyst Context Menu extension
  -> {HKLM...CLSID} = SimpleShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [Advanced Micro Devices, Inc.]

{09A47860-11B0-4DA5-AFA5-26D86198A780} = EPP
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = c:\PROGRA~1\MICROS~1\shellext.dll [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...CLSID} = Microsoft Office Metadata Handler
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS]

{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search
  -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL [MS]

{506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0}
  -> {HKLM...CLSID} = ImageExtractorShellExt Class
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS]

{D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF}
  -> {HKLM...CLSID} = CInfoTipShellExt Class
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS]

{7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A} = Nameext
  -> {HKLM...CLSID} = Enterprise Projects
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL [MS]

{0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} = RXDCExtShlExt extension
  -> {HKLM...CLSID} = RXDCExtShlExt Class
                   \InProcServer32\(Default) = C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [Sonic Solutions]

{C539A15A-3AF9-4c92-B771-50CB78F5C751} = Acronis True Image Shell Context Menu Extension
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]

{C539A15B-3AF9-4c92-B771-50CB78F5C751} = Acronis True Image Shell Extension
  -> {HKLM...CLSID} = Acronis Secure Zone
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]

{AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice Property Handler
  -> {HKLM...CLSID} = OpenOffice Property Handler
                   \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll [Apache Software Foundation]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll [MS]

{506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0}
  -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL [MS]

{D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF}
  -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL [MS]

{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search
  -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Outlook Desktop Icon Handler
  -> {HKLM...Wow...CLSID} = Microsoft Outlook
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\Office14\MLSHEXT.DLL [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler
  -> {HKLM...Wow...CLSID} = Outlook File Icon Extension
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS]

{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player
  -> {HKLM...Wow...CLSID} = RealOne Player Context Menu Class
                         \InProcServer32\(Default) = c:\program files (x86)\real\realplayer\rpshell.dll [RealNetworks, Inc.]

{AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice Property Handler
  -> {HKLM...Wow...CLSID} = OpenOffice Property Handler
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl.dll [Apache Software Foundation]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice Column Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice Infotip Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice Property Sheet Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice Thumbnail Viewer
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\

{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}\(Default) = LogMeInCredProv
  -> {HKLM...CLSID} = LogMeInCredProv
                   \InProcServer32\(Default) = LMIinit.dll [LogMeIn, Inc.]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
  -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> skypec2c\CLSID = {91774881-D725-4E58-B298-07617B9B86A8}
  -> {HKLM...CLSID} = Skype Click to Call for IE Pluggable Protocol
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS]

HKCU\Software\Classes\*\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}
  -> {HKCU...CLSID} = ContextMenuHandler Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]
  -> {HKCU...Wow...CLSID} = ContextMenuHandler Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = c:\PROGRA~1\MICROS~1\shellext.dll [MS]

RXDCExtSvr\(Default) = {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
  -> {HKLM...CLSID} = RXDCExtShlExt Class
                   \InProcServer32\(Default) = C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [Sonic Solutions]

VersionsPageShellExt\(Default) = {9E42900A-85F9-4E67-9778-575FBBA0A81C}
  -> {HKLM...CLSID} = VersionsPageShellExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [Acronis]
  -> {HKLM...Wow...CLSID} = VersionsPageShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [Acronis]

{C539A15A-3AF9-4c92-B771-50CB78F5C751}\(Default) = (no title provided)
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]
  -> {HKLM...Wow...CLSID} = Acronis True Image Shell Context Menu Extension
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll [Acronis]

{CA8ACAFA-5FBB-467B-B348-90DD488DE003}\(Default) = SUPERAntiSpyware Context Menu
  -> {HKLM...CLSID} = SASContextMenu Class
                   \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL [SUPERAntiSpyware.com]

HKLM\SOFTWARE\Classes\*\shellex\PropertySheetHandlers\

{9E42900A-85F9-4E67-9778-575FBBA0A81C}\(Default) = (no title provided)
  -> {HKLM...CLSID} = VersionsPageShellExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [Acronis]
  -> {HKLM...Wow...CLSID} = VersionsPageShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [Acronis]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
  -> {HKLM...CLSID} = MBAMShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation]

{4A7C4306-57E0-4C0C-83A9-78C1528F618C}\(Default) = {4A7C4306-57E0-4C0C-83A9-78C1528F618C}
  -> {HKLM...CLSID} = RealPlayer Cloud
                   \InProcServer32\(Default) = c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcloudview.dll [RealNetworks, Inc.]
  -> {HKLM...Wow...CLSID} = RealPlayer Cloud
                         \InProcServer32\(Default) = c:\program files (x86)\real\realplayer\RPDS\Bin\rpcloudview.dll [RealNetworks, Inc.]

{CA8ACAFA-5FBB-467B-B348-90DD488DE003}\(Default) = SUPERAntiSpyware Context Menu
  -> {HKLM...CLSID} = SASContextMenu Class
                   \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL [SUPERAntiSpyware.com]

HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}
  -> {HKCU...CLSID} = ContextMenuHandler Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]
  -> {HKCU...Wow...CLSID} = ContextMenuHandler Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = c:\PROGRA~1\MICROS~1\shellext.dll [MS]

{CA8ACAFA-5FBB-467B-B348-90DD488DE003}\(Default) = SUPERAntiSpyware Context Menu
  -> {HKLM...CLSID} = SASContextMenu Class
                   \InProcServer32\(Default) = C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL [SUPERAntiSpyware.com]

HKCU\Software\Classes\Directory\shellex\CopyHookHandlers\

DropboxCopyHook\(Default) = {FBC9D74C-AF55-4309-9FB2-C426E071637F}
  -> {HKCU...CLSID} = DropboxExt CopyHook Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]
  -> {HKCU...Wow...CLSID} = DropboxExt CopyHook Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}
  -> {HKCU...CLSID} = ContextMenuHandler Class
                   \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [Dropbox, Inc.]
  -> {HKCU...Wow...CLSID} = ContextMenuHandler Class
                         \InProcServer32\(Default) = C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

ACE\(Default) = {5E2121EE-0300-11D4-8D3B-444553540000}
  -> {HKLM...CLSID} = SimpleShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [Advanced Micro Devices, Inc.]

igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
  -> {HKLM...CLSID} = GraphicsShellExt Class
                   \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice Column Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation]
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
  -> {HKLM...CLSID} = MBAMShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation]

RXDCExtSvr\(Default) = {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
  -> {HKLM...CLSID} = RXDCExtShlExt Class
                   \InProcServer32\(Default) = C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [Sonic Solutions]

VersionsPageShellExt\(Default) = {9E42900A-85F9-4E67-9778-575FBBA0A81C}
  -> {HKLM...CLSID} = VersionsPageShellExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [Acronis]
  -> {HKLM...Wow...CLSID} = VersionsPageShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [Acronis]

{C539A15A-3AF9-4c92-B771-50CB78F5C751}\(Default) = (no title provided)
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [Acronis]
  -> {HKLM...Wow...CLSID} = Acronis True Image Shell Context Menu Extension
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll [Acronis]

HKLM\SOFTWARE\Classes\Folder\shellex\PropertySheetHandlers\

{9E42900A-85F9-4E67-9778-575FBBA0A81C}\(Default) = (no title provided)
  -> {HKLM...CLSID} = VersionsPageShellExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [Acronis]
  -> {HKLM...Wow...CLSID} = VersionsPageShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [Acronis]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

PromptOnSecureDesktop = (REG_DWORD) dword:0x00000000
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
User Account Control: Switch to the secure desktop when prompting for elevation}

EnableLinkedConnections = (REG_DWORD) dword:0x00000001
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Users\Phyllis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

Corel PaintShop Pro X6ShowPicturesOnArrivalHandler\
InvokeProgID = PaintShopProX6_64.Image
InvokeVerb = Review
HKLM\SOFTWARE\Classes\PaintShopProX6_64.Image\shell\Review\command\(Default) = "c:\Program Files\Corel\Corel PaintShop Pro X6 (64-bit)\Corel PaintShop Pro.exe" "%1" [Corel, Inc.]

MSPlayCDAudioOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.AudioCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

MSPlayDVDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.DVD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]

MSPlaySuperVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSPlayVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSWMPBurnCDOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.BurnCD
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

RoxioSCAudioCDTask36\
Provider = Roxio Central Audio
InvokeProgID = Roxio.RoxioCentral36
InvokeVerb = AudioCDTask
HKLM\SOFTWARE\Classes\Roxio.RoxioCentral36\shell\AudioCDTask\Command\(Default) = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe" /Launch {1DF24BC5-8E7F-4D41-AF7B-1EAAF8CE889B} [null data]

RoxioSCCopyCD36\
Provider = Roxio Central Copy
InvokeProgID = Roxio.RoxioCentral36
InvokeVerb = ExactCopyJob
HKLM\SOFTWARE\Classes\Roxio.RoxioCentral36\shell\ExactCopyJob\Command\(Default) = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe" /Launch {D7B34115-CCC3-4508-BAC4-02A111F4DB4D} [null data]

RoxioSCCopyDisc36\
Provider = Roxio Central Copy
InvokeProgID = Roxio.RoxioCentral36
InvokeVerb = ExactCopyJob
HKLM\SOFTWARE\Classes\Roxio.RoxioCentral36\shell\ExactCopyJob\Command\(Default) = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe" /Launch {D7B34115-CCC3-4508-BAC4-02A111F4DB4D} [null data]

RoxioSCDataProject36\
Provider = Roxio Central Data
InvokeProgID = Roxio.RoxioCentral36
InvokeVerb = DataGuide
HKLM\SOFTWARE\Classes\Roxio.RoxioCentral36\shell\DataGuide\Command\(Default) = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe" /Launch Data [null data]

RoxioSCDataTask36\
Provider = Roxio Central Data
InvokeProgID = Roxio.RoxioCentral36
InvokeVerb = DataTask
HKLM\SOFTWARE\Classes\Roxio.RoxioCentral36\shell\DataTask\Command\(Default) = "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe" /Launch {85B64A0F-9111-4A55-8B5A-59343EE1EE8B} [null data]

RPCDBurningOnArrival\
Provider = RealPlayer Cloud
InvokeProgID = RealPlayer.CDBurn.6
InvokeVerb = open
HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = "c:\program files (x86)\real\realplayer\\RealPlay.exe" /burn "%1" [RealNetworks, Inc.]

RPDVDBurningOnArrival\
Provider = RealPlayer Cloud
InvokeProgID = RealPlayer.DVDBurn.6
InvokeVerb = open
HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = "c:\program files (x86)\real\realplayer\\RealPlay.exe" /burndvd "%1" [RealNetworks, Inc.]

RPPlayCDAudioOnArrival\
Provider = RealPlayer Cloud
InvokeProgID = RealPlayer.AudioCD.6
InvokeVerb = play
HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = "c:\program files (x86)\real\realplayer\\RealPlay.exe"  /play %1  [RealNetworks, Inc.]

RPPlayDVDMovieOnArrival\
Provider = RealPlayer Cloud
InvokeProgID = RealPlayer.DVD.6
InvokeVerb = play
HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = "c:\program files (x86)\real\realplayer\\RealPlay.exe"  /dvd %1  [RealNetworks, Inc.]

RPPlayMediaOnArrival\
Provider = RealPlayer Cloud
InvokeProgID = RealPlayer.AutoPlay.6
InvokeVerb = open
HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = "c:\program files (x86)\real\realplayer\\RealPlay.exe" /autoplay "%1" [RealNetworks, Inc.]


Startup items in "Phyllis" & "All Users" startup folders:
---------------------------------------------------------

C:\Users\Phyllis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++}
Dropbox -> shortcut to: C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.]
ScreenHunter 6.0 Free -> shortcut to: C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe [Wisdom Software Inc. ]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++}
NETGEAR WNDA3100v2 Genie -> shortcut to: C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [null data]
RealPlayer Cloud Service UI -> shortcut to: C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [RealNetworks, Inc.]


Non-disabled Scheduled Tasks: {++}
-----------------------------

C:\Windows\System32\Tasks
Adobe Acrobat Update Task ->  launches: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [Adobe Systems Incorporated]
Adobe Flash Player Updater ->  launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]
CCleanerSkipUAC ->  launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]
DropboxUpdateTaskUserS-1-5-21-4249353033-2772040276-2529461727-1000Core ->  launches: C:\Users\Phyllis\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c [Dropbox, Inc.]
DropboxUpdateTaskUserS-1-5-21-4249353033-2772040276-2529461727-1000UA ->  launches: C:\Users\Phyllis\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler [Dropbox, Inc.]
EasyShare Registration Task ->  launches: C:\Windows\system32\rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_7.8.30.2.sxt _RegistrationOffer@16 [MS]
G2MUpdateTask-S-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\Citrix\GoToMeeting\3356\g2mupdate.exe [Citrix Online, a division of Citrix Systems, Inc.]
G2MUploadTask-S-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\Citrix\GoToMeeting\3356\g2mupload.exe [Citrix Online, a division of Citrix Systems, Inc.]
GoogleUpdateTaskMachineCore ->  launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskMachineUA ->  launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
RealDownloader Update Check ->  launches: C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe /scheduler [null data]
RealDownloaderRealUpgradeLogonTaskS-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck [RealNetworks, Inc.]
RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck [RealNetworks, Inc.]
RealPlayerRealUpgradeLogonTaskS-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck [RealNetworks, Inc.]
RealPlayerRealUpgradeScheduledTaskS-1-5-21-4249353033-2772040276-2529461727-1000 ->  launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck [RealNetworks, Inc.]
Reset ShopAtHome BAC ->  launches: "C:\Users\Phyllis\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\SahProcessManager.exe" "C:\Users\Phyllis\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\ShopAtHome_BAC_Service.exe" "restart" [file not found]
SamsungMagician ->  launches: "C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe" /AUTOHIDE [Samsung Electronics.]
TradeStation Backup - Daily ->  launches: C:\Program Files (x86)\TradeStation 9.5\Program\TSBackupRestore.exe /Backup C:\Program Files (x86)\TradeStation 9.5\Templates\Backup\Daily.tsb [TradeStation Technologies, Inc.]
TradeStation Backup - Monthly ->  launches: C:\Program Files (x86)\TradeStation 9.5\Program\TSBackupRestore.exe /Backup C:\Program Files (x86)\TradeStation 9.5\Templates\Backup\Monthly.tsb [TradeStation Technologies, Inc.]
TradeStation Backup - Weekly ->  launches: C:\Program Files (x86)\TradeStation 9.5\Program\TSBackupRestore.exe /Backup C:\Program Files (x86)\TradeStation 9.5\Templates\Backup\Weekly.tsb [TradeStation Technologies, Inc.]
{CDFDC4BD-99CB-4BAE-B95C-45EFEB402EE3} ->  launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ZipLogix\zipForm6\zipForm6.exe" -d "C:\Program Files (x86)\ZipLogix\zipForm6\" [MS]

C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware
Microsoft Antimalware Scheduled Scan ->  launches: c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) ->  launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
  -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
  -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
AitAgent ->  launches: aitagent [MS]
Microsoft Compatibility Appraiser ->  launches: %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly [MS]
ProgramDataUpdater ->  launches: %windir%\system32\rundll32.exe invagent.dll,RunUpdate -noappraiser [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
Proxy ->  launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask ->  launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator ->  launches: %SystemRoot%\System32\wsqmcons.exe [MS]
KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}
  -> {HKLM...CLSID} = KernelCeipCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]
UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}
  -> {HKLM...CLSID} = UsbCeip
                   \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
  -> {HKLM...Wow...CLSID} = UsbCeip
                         \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ScheduledDefrag ->  launches: %windir%\system32\defrag.exe -c [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}
  -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
Notifications ->  launches: %windir%\System32\LocationNotifications.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
WinSAT ->  launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}
  -> {HKLM...CLSID} = WinSAT Task Manger Task
                   \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
  -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task
                         \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ActivateWindowsSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]
ConfigureInternetTimeService ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]
DispatchRecoveryTasks ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]
ehDRMInit ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
InstallPlayReady ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]
mcupdate ->  launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]
mcupdate_scheduled ->  launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS]
MediaCenterRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]
ObjectStoreRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]
OCURActivate ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]
PBDADiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]
PBDADiscoveryW1 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]
PBDADiscoveryW2 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]
PvrRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]
PvrScheduleTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]
RegisterSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]
ReindexSearchRoot ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]
SqlLiteRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]
StartRecording ->  launches: %SystemRoot%\ehome\ehrec /StartRecording [MS]
UpdateRecordPath ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart ->  launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
  -> {HKLM...CLSID} = HotStart User Agent
                   \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
LPRemove ->  launches: %windir%\system32\lpremove.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService ->  launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
  -> {HKLM...CLSID} = Microsoft PlaySoundService Class
                   \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
  -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class
                         \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
GatherNetworkInfo ->  launches: %windir%\system32\gatherNetworkInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
AnalyzeSystem ->  launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}
  -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler
                   \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
  -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler
                         \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
MobilityManager ->  launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}
  -> {HKLM...CLSID} = RasMobilityManager
                   \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}
  -> {HKLM...CLSID} = RegistryIdleBackupHandler
                   \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx
launchtrayprocess ->  launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS]
refreshgwxconfig ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS]
refreshgwxconfigandcontent ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent [MS]
refreshgwxcontent ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers
Logon-5d ->  launches: %windir%\system32\GWX\GWX.exe /event:7 [MS]
MachineUnlock-5d ->  launches: %windir%\system32\GWX\GWX.exe /event:8 [MS]
OutOfIdle-5d ->  launches: %windir%\system32\GWX\GWX.exe /event:6 [MS]
OutOfSleep-5d ->  launches: %windir%\system32\GWX\GWX.exe /event:9 [MS]
refreshgwxconfig-B ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent [MS]
Telemetry-4xd ->  launches: %windir%\system32\GWX\GWX.exe /event:11 [MS]
Time-5d ->  launches: %windir%\system32\GWX\GWX.exe /event:10 [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager ->  launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
  -> {HKLM...CLSID} = GadgetsManager Class
                   \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
SR ->  launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}
  -> {HKLM...CLSID} = RunTask
                   \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
  -> {HKLM...Wow...CLSID} = RunTask
                         \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
  -> {HKLM...CLSID} = MsCtfMonitor task handler
                   \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
  -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler
                         \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
SynchronizeTime ->  launches: %windir%\system32\sc.exe start w32time task_started [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig ->  launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
  -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
  -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler
                         \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies
ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS]
ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting ->  launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
UpdateLibrary ->  launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
ConfigNotification ->  launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wininet
CacheTask ->  launches: {0358b920-0ac7-461f-98f4-58e32cd89148}
  -> {HKLM...CLSID} = Wininet Cache task object
                   \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]
  -> {HKLM...Wow...CLSID} = Wininet Cache task object
                         \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]

C:\Windows\System32\Tasks\WPD
SqmUpload_S-1-5-21-424935
« Last Edit: September 02, 2015, 06:57:49 PM by PGB »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #16 on: September 02, 2015, 06:58:48 PM »
You may get a warning not to run it, but it is safe.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #17 on: September 02, 2015, 09:07:55 PM »
Ghostery now on my Explorer, Firefox and Chrome browsers. (I need different ones for different programs and services I use.)   I've been playing with it; think I'm going to like it.

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #18 on: September 02, 2015, 09:29:49 PM »
Have you tried turning off your backup software and see if that will allow a complete scan?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #19 on: September 03, 2015, 08:55:31 PM »
Turned of the Acronis True Image back-up software, and am running MSE.

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #20 on: September 03, 2015, 09:21:27 PM »
Scan ran well until  Time elapsed: 00:15:29  and stopped, incomplete 
Items scanned:  1376844
Item: C:\Windows\Installer\$PatchCache$\Mnaaged\00004109D30000000000000000F01FEC\14.0.4763\)...  cannot read the rest

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #21 on: September 04, 2015, 08:45:16 AM »
I mistyped ...  Item: C:\Windows\Installer\$PatchCache$\Mnaaged\000041
 should read  Managed\000041....

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #22 on: September 04, 2015, 11:29:59 AM »
Curious, it always seems to lockup right about 15 minutes. Run a scan with Malwarebytes' Anti-Malware and see if it runs all the way thru  still.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #23 on: September 04, 2015, 06:41:21 PM »
MBAM ran with no problems, to finish.  No threats identified.

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #24 on: September 04, 2015, 07:13:22 PM »
Go to http://www.eset.com/us/online-scanner/ and click on the Run ESET Online Scan button. Do this in IE. Follow the instructions. Let me know how the scan goes.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #25 on: September 05, 2015, 05:41:15 AM »
Ran ESET Online scan in IE.  Scan Finished in 00:14:14.  No threats found.

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #26 on: September 05, 2015, 06:21:44 PM »
Well isn't that curious. Is Microsoft Security Essentials set on the default settings, or have you changed any settings?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #27 on: September 05, 2015, 06:43:20 PM »
Am not aware of changing any settings, ...where would I see that?  I do not have it set on real-time, as MBAB covers that. 

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27137
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] A/V Scans hanging up
« Reply #28 on: September 06, 2015, 09:07:45 AM »
You should still have it set on real-time. I have ESET and Malwarebytes' Anti-Malware both installed running real-time scans.

Instead of checking settings, lets do an uninstall and reinstall of Microsoft Security Essentials.

Use this uninstaller to uninstall it. You can get the installation tool from here, make sure to get the correct language version.

Download both files then disconnect from the internet. Then uninstall Microsoft Security Essentials (using the tool) and run a scan with Ccleaner, remove any temporary files, then reboot and reinstall MSE. Once you have it installed reboot the computer again, reconnect to the internet and run an update on it. Now run a scan again and see if it hangs up again.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 381
Re: [In Progress] A/V Scans hanging up
« Reply #29 on: September 06, 2015, 09:32:28 AM »
Question:  The uninstaller  http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/  forwards to a page that says  "Object moved to here"  and "here" is a link to
http://download.microsoft.com/download/0/A/A/0AAAE105-9EDB-45ED-B5F9-1E3C333A28D6/MicrosoftFixit50692.msi  called Windows Installer package.  I disconnect from the internet and it installs MictosoftFixIt50692.msi   Is this correct?