System Windows Explorer stürzt beim Schliessen eines Fensters ab

Problemsignatur
Problemereignisame: BEX
Anwendungsname: Explorer.EXE
Anwendungsversion: 6.0.6002.18005
Anwendungszeitstempel: 49e01da5
Fehlermodulname: safe_url.dll_unloaded
Fehlermodulversion: 0.0.0.0
Fehlermodulzeitstempel: 5587aa3f
Ausnahmeoffset: 090b95b0
Ausnahmecode: c0000005
Ausnahmedaten: 00000008
Betriebsystemversion: 6.0.6002.2.2.0.768.3
Gebietsschema-ID: 3079
Zusatzinformation 1: fd00
Zusatzinformation 2: ea6f5fe8924aaa756324d57f87834160
Zusatzinformation 3: fd00
Zusatzinformation 4: ea6f5fe8924aaa756324d57f87834160

Dateien zur Beschreibung des Problems
Version.txt
AppCompat.txt
memory.hdmp
minidump.mdmp

Protokollname: Application
Quelle: Application Error
Datum: 29.02.2016 00:55:42
Ereignis-ID: 1000
Aufgabenkategorie100)
Ebene: Fehler
Schlüsselwörter:Klassisch
Benutzer: Nicht zutreffend
Computer: *********-PC
Beschreibung:
Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x091195b0, Prozess-ID 0x3418, Anwendungsstartzeit 01d1727c9425a020.
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-28T23:55:42.000Z" />
<EventRecordID>44054</EventRecordID>
<Channel>Application</Channel>
<Computer>*******-PC</Computer>
<Security />
</System>
<EventData>
<Data>Explorer.EXE</Data>
<Data>6.0.6002.18005</Data>
<Data>49e01da5</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000005</Data>
<Data>091195b0</Data>
<Data>3418</Data>
<Data>01d1727c9425a020</Data>
</EventData>
</Event>

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:04:41, on 29.02.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16748)

FIREFOX: 38.0.5 (x86 de)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\ZTE Join Air\UIExec.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Vidalia Relay Bundle\Vidalia\vidalia.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Users\Harald\AppData\Roaming\UpdateStar\UpdateStar.exe
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Vidalia Relay Bundle\Tor\tor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Installer\WLSettings.exe
C:\Users\Harald\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Harald\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUS Deutschland
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUS Deutschland
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? Hotmail, Bing, Outlook, Skype, Apps, Games, Windows
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn11\yt.dll
O1 - Hosts: # Copyright (c) 1993-1999 Microsoft Corp.
O1 - Hosts: 60.190.218.24 kavkiskey.com
O1 - Hosts: 60.190.218.24 kavkiskey.com
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: GMX MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll
O2 - BHO: (no name) - {E6D66045-F951-4DBF-962E-993B4FB6A9E0} - C:\Users\Harald\AppData\LocalLow\Browser-Security\safe_url.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\ZTE Join Air\UIExec.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Relay Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UpdateStar] "C:\Users\Harald\AppData\Roaming\UpdateStar\UpdateStar.exe" -A
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: GetRight.lnk = C:\Program Files\GetRight\GetRight.exe
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: gmx - {8FAF0273-9CA8-4EFC-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\ZTE Join Air\AssistantServices.exe
O23 - Service: vToolbarUpdater40.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15301 bytes

C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Users\Harald\AppData\Roaming\UpdateStar\UpdateStar.exe
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe

C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe

C:\Users\Harald\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Harald\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a
Die zwei Einträge gehören zum Chip-Downloader und CHIP Secured Installer

R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn11\yt.dll
Der Yahoo URL-SearchHook wird allgemein als unerwünscht eingestuft.

O1 - Hosts: 60.190.218.24 kavkiskey.com
O1 - Hosts: 60.190.218.24 kavkiskey.com
das sieht mir sehr verdächtig aus. Hast du das selbst in die Hostdatei eingetragen? Wenn nicht, dann entfernen.

Die folgenden BHO und Toolbars sollten sehr kritisch betrachtet werden. Jedes BHO und jede Toolbar öffnet ein Tor nach draußen. Damit kann Malware eindringen. Den IObit-Uninstaller kann man behalten, aber nicht als BHO.
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit
\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: GMX MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll
O2 - BHO: (no name) - {E6D66045-F951-4DBF-962E-993B4FB6A9E0} - C:\Users\Harald\AppData\LocalLow\Browser-Security\safe_url.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs
\cpn0\YTSingleInstance.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

Es folgen im Hijack-Log 22 Autostart-Einträge. Da brauch man sich nicht zu wundern dass Windows bzw der Explorer "spinnt". Sollten auf das unbedingt notwendige Maß reduziert werden.

Es folgen 5 Einträge zu Lavasoft. Wenn du die nicht absichtlich installiert hast, solltest du sie entfernen.
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll


O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
Wenn du Yahoo nicht absichtlich installiert hast, solltest du es entfernen.

# AdwCleaner v3.309 - Bericht erstellt am 01/03/2016 um 13:00:29
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : H- H-PC
# Gestartet von : C:\Users\H\Downloads\adwcleaner_3.309_CB-DL-Manager [1].exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\lyea7h4g.default-1451307230502\searchplugins\avg-secure-search.xml
Ordner Gefunden : C:\Program Files\Common Files\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Security Toolbar

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\23556fb1360f366337f97c924e76ead3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Headlight
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smart Driver Updater_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\UpdateStar
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16748

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005

-\\ Mozilla Firefox v38.0.5 (x86 de)

[ Datei : C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\prefs.js ]


[ Datei : C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\lyea7h4g.default-1451307230502\prefs.js ]

Zeile gefunden : user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{db543e30-b44a-4ad5-8e38-720e4047d640}\",\"mid\":\"f661af2b5a92a606c28ed8c0c8001eab-[...]
Zeile gefunden : user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005");
Zeile gefunden : user_pref("browser.newtabpage.url", "hxxp://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005");
Zeile gefunden : user_pref("browser.startup.homepage", "hxxp://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005");

*************************

AdwCleaner[R0].txt - [9837 octets] - [11/09/2014 15:28:42]
AdwCleaner[R1].txt - [10546 octets] - [09/06/2015 15:02:03]
AdwCleaner[R2].txt - [11316 octets] - [11/06/2015 14:28:24]
AdwCleaner[R3].txt - [3853 octets] - [22/07/2015 23:20:18]
AdwCleaner[R4].txt - [3913 octets] - [22/07/2015 23:49:47]
AdwCleaner[R5].txt - [5162 octets] - [01/03/2016 12:49:59]
AdwCleaner[R6].txt - [5021 octets] - [01/03/2016 13:00:29]
AdwCleaner[S0].txt - [11200 octets] - [12/06/2015 00:24:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [5142 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.03.2016
Suchlaufzeit: 02:29:16
Protokolldatei:
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.29.05
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: +++++++

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 372918
Abgelaufene Zeit: 30 Min., 0 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 1
PUP.Optional.MultiIE, C:\Users\+++++++\AppData\LocalLow\Browser-Security\safe_url.dll, , [61188bdb41588bab4686d4deae5446ba],

Registrierungsschlüssel: 12
PUP.Optional.MultiIE, HKLM\SOFTWARE\CLASSES\CLSID\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.MultiIE, HKLM\SOFTWARE\CLASSES\CLSID\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}\INPROCSERVER32, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.MultiIE, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.MultiIE, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.MultiIE, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.MultiIE, HKU\S-1-5-21-3867315891-1915105375-3091467415-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E6D66045-F951-4DBF-962E-993B4FB6A9E0}, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [3346b4b21089b284868a9d907c88df21],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, , [13667bebd5c4df574cc481acb351b050],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[973b], , [eb8eb8aecacfd660d9b9f6108084b34d],
PUP.Optional.WinYahoo, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\wincy, , [82f7ef77b3e644f2ad5731dd52b131cf],
PUP.Optional.WinYahoo, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [a3d6ec7aabee2214739b84a935cf0af6],
PUP.Optional.ProductSetup, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\PRODUCTSETUP, , [e891a3c31a7f49edd07b37d61be95da3],

Registrierungswerte: 7
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Yahoo Suche ? Websuche & Suchmaschine Vista (TM) Home Premium&p={searchTerms}, [3346b4b21089b284868a9d907c88df21], %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, Yahoo Suche ? Websuche & Suchmaschine Vista (TM) Home Premium&p={searchTerms}, [1d5c3333d7c2fb3b5db39e8f9e6646ba], %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|URL, Yahoo Suche ? Websuche & Suchmaschine Vista (TM) Home Premium&p={searchTerms}, [13667bebd5c4df574cc481acb351b050], %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|TopResultURLFallback, Yahoo Suche ? Websuche & Suchmaschine Vista (TM) Home Premium&p={searchTerms}, [0c6de77f3a5fa78f809071bc12f2cf31], %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, Yahoo Suche ? Websuche & Suchmaschine Vista (TM) Home Premium&p={searchTerms}, [a3d6ec7aabee2214739b84a935cf0af6], %5
PUP.Optional.Conduit, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURL, http://www.bing.com/search?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}, , [a1d8e77f8a0f0f2760425992867d41bf]
PUP.Optional.ProductSetup, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\PRODUCTSETUP|tb, 0X1F1T1V1G1G, , [e891a3c31a7f49edd07b37d61be95da3]

Registrierungsdaten: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Bing, Gut: (Google), Schlecht: (Bing),,[ea8f98ce5049d95d1a8f1de0897b5ca4]

Ordner: 20
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.CrossRider, C:\Program Files\CinemaP-1.9cV28.09, , [00795115564321155d856e802ad92dd3],
PUP.Optional.BrowserSecurity, C:\Users\+++++++\AppData\LocalLow\Browser-Security, , [8fea6ef8d8c137ffe67634f9e51f827e],
PUP.Optional.Acengine.WnskRST, C:\Windows\System32\config\systemprofile\AppData\Local\acengine, , [e8917de900992b0bfe72a8ba4db74bb5],
PUP.Optional.OurSurfing.ShrtCln, C:\Users\+++++++\AppData\Roaming\oursurfing, , [0475d6909cfd79bdfd4e0dc330d2639d],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.BrowserSecurity, C:\Users\+++++++\AppData\Roaming\Browser-Security, , [e495075f1287c2741167718ade2440c0],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\extensionData, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons\actions, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.SetSearchSetting, C:\Users\hajori\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\extensions\{23BA1545-A651-4EDB-9568-45BE0CBAE475}, , [6f0a36308e0bdf5711b73aee7a8b6e92],

Dateien: 89
PUP.Optional.MultiIE, C:\Users\+++++++\AppData\LocalLow\Browser-Security\safe_url.dll, , [61188bdb41588bab4686d4deae5446ba],
PUP.Optional.InstallCore, C:\Users\+++++++\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C\Adobe Reader Packages\uninstaller.exe, , [82f73531bfdac4729357b28b2fd2ad53],
PUP.Optional.InstallCore, C:\Users\+++++++\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C\ASUS Data Security Manager Packages\uninstaller.exe, , [98e1471fd1c8ce680cdea895c23f20e0],
PUP.Optional.InstallCore, C:\Users\+++++++\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C\Java Update Packages\uninstaller.exe, , [3544f2749603e254a149f04d45bca060],
PUP.Optional.InstallCore, C:\Users\Harald\Downloads\UpdateStar_10-1265GER_installer.exe, , [6a0f283e8316c86e069b5209f908da26],
Trojan.Agent, C:\Users\+++++++\AppData\Roaming\svchost.exe.tmp, , [d8a189ddbbde67cfef515579c53e13ed],
PUP.Optional.OurSurfing.ShrtCln, C:\Program Files\Mozilla Firefox\browser\searchplugins\oursurfing.xml, , [4c2d36303d5c79bd538d01d7d72c06fa],
PUP.Optional.WinYahoo, C:\Users\+++++++\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, , [b7c22a3ccfca2412f18d74658380649c],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\0761db6a09db839a66ffa2b60655e352.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\0912c0dc1e513b1266ffa2b60655e352.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\29ed52a6943da83dad190132a9a9e00d.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\4717f374fb4a996aad190132a9a9e00d.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\7581323da2aedcc9ad190132a9a9e00d.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\a8aa984433799aa966ffa2b60655e352.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\aaee60a831c4568966ffa2b60655e352.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\7346885875457339532\b4f73acb236bcd2ead190132a9a9e00d.ini, , [e9909ccac8d1da5cfc9a00dcb94abc44],
PUP.Optional.CrossRider, C:\Program Files\CinemaP-1.9cV28.09\bgNova.html, , [00795115564321155d856e802ad92dd3],
PUP.Optional.CrossRider, C:\Program Files\CinemaP-1.9cV28.09\c7f87861-80f9-43ed-982c-8f3f48e72905.crx, , [00795115564321155d856e802ad92dd3],
PUP.Optional.CrossRider, C:\Program Files\CinemaP-1.9cV28.09\c7f87861-80f9-43ed-982c-8f3f48e72905.xpi, , [00795115564321155d856e802ad92dd3],
PUP.Optional.WinYahoo, C:\Users\+++++++\AppData\LocalLow\Microsoft\Internet Explorer\Services\Wincy.ico, , [4138095d29707abc8bc8e547c63e768a],
PUP.Optional.BrowserSecurity, C:\Users\+++++++\AppData\LocalLow\Browser-Security\safe_url.dat, , [8fea6ef8d8c137ffe67634f9e51f827e],
PUP.Optional.BrowserSecurity, C:\Users\+++++++\AppData\LocalLow\Browser-Security\session.dat, , [8fea6ef8d8c137ffe67634f9e51f827e],
PUP.Optional.Acengine.WnskRST, C:\Windows\System32\config\systemprofile\AppData\Local\acengine\acengine.ini, , [e8917de900992b0bfe72a8ba4db74bb5],
PUP.Optional.OurSurfing.ShrtCln, C:\Users\+++++++\AppData\Roaming\oursurfing\inst1.dat, , [0475d6909cfd79bdfd4e0dc330d2639d],
PUP.Optional.OurSurfing.ShrtCln, C:\Users\+++++++\AppData\Roaming\oursurfing\unipc.dat, , [0475d6909cfd79bdfd4e0dc330d2639d],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\chrome.dat, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\First Run, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Local State, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cookies, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cookies-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Current Session, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Current Tabs, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Favicons, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Favicons-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\History, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\History-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Login Data, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Login Data-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Network Action Predictor, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Network Action Predictor-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Preferences, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\README, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Secure Preferences, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Shortcuts, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Shortcuts-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Top Sites, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Top Sites-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Visited Links, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Web Data, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Web Data-journal, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache\data_0, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache\data_1, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache\data_2, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache\data_3, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cache\index, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules\000003.log, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules\CURRENT, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules\LOCK, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules\LOG, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension Rules\MANIFEST-000002, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State\000003.log, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State\CURRENT, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State\LOCK, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State\LOG, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extension State\MANIFEST-000002, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage\000003.log, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage\CURRENT, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage\LOCK, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage\LOG, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.CrossBrowse, C:\Users\+++++++\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Session Storage\MANIFEST-000002, , [c0b90c5a495044f2eb7510c932d020e0],
PUP.Optional.BrowserSecurity, C:\Users\+++++++\AppData\Roaming\Browser-Security\license.rtf, , [e495075f1287c2741167718ade2440c0],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\background.html, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\chromeCoreFilesIndex.txt, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\manifest.json, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\popup.html, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\Settings.json, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\extensionData\manifest.xml, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\extensionData\plugins.json, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons\icon128.png, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons\icon16.png, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons\icon48.png, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.CrossRider, C:\Users\+++++++\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.99_0\icons\actions\1.png, , [c7b2ee785d3c13234542a4594eb4ce32],
PUP.Optional.SetSearchSetting, C:\Users\++++++i\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\extensions\{23BA1545-A651-4EDB-9568-45BE0CBAE475}\install.rdf, , [6f0a36308e0bdf5711b73aee7a8b6e92],
PUP.Optional.SetSearchSetting, C:\Users\++++++i\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\extensions\{23BA1545-A651-4EDB-9568-45BE0CBAE475}\bootstrap.js, , [6f0a36308e0bdf5711b73aee7a8b6e92],
PUP.Optional.SetSearchSetting, C:\Users\++++++i\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\extensions\{23BA1545-A651-4EDB-9568-45BE0CBAE475}\search.json, , [6f0a36308e0bdf5711b73aee7a8b6e92],
PUP.Optional.WinYahoo, C:\Users\++++++i\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "http://at.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_), ,[f782c1a55049fe381b77f5380302d729]
PUP.Optional.WinYahoo, C:\Users\++++++i\AppData\Roaming\Mozilla\Firefox\Profiles\2lok3ej7.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "http://at.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_40&param1=1&param2=f,[c9b030366b2e270f850e4de0f0153dc3]D1%26b,[c9b030366b2e270f850e4de0f0153dc3]DFirefox%26cc,[c9b030366b2e270f850e4de0f0153dc3]Dat%26pa,[c9b030366b2e270f850e4de0f0153dc3]DWinYahoo), %5
PUP.Optional.Conduit, C:\Users\+++++++\AppData\Roaming\Mozilla\Firefox\Profiles\lyea7h4g.default-1451307230502\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "http://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005"), ,[abce7aec3267072fe0a6949037ce41bf]
PUP.Optional.Conduit, C:\Users\+++++++\AppData\Roaming\Mozilla\Firefox\Profiles\lyea7h4g.default-1451307230502\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "http://www.bing.com/?pc=COSP&ptag=D022416-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005), ,[295080e647523bfb447d909cd82dde22]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

360 Tage Scan

OTL Extras logfile created on: 01.03.2016 23:57:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Harald\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 27,56% Memory free
6,20 Gb Paging File | 1,81 Gb Available in Paging File | 29,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 22,44 Gb Free Space | 19,27% Space Free | Partition Type: NTFS
Drive D: | 106,67 Gb Total Space | 76,35 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: HARALD-PC | User Name: Harald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09616038-F1A4-4F38-8584-448CEC615275}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0F1014FF-05EB-4C88-BD8A-B0773AF91F81}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0FC5B7A3-ECF7-47DE-9C0A-EE797CA41F48}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1A73BDF1-69D3-4AD8-8A92-ABBC55835B25}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1FC3D596-EDC0-4037-8347-ECAB7A15EF0B}" = rport=137 | protocol=17 | dir=out | app=system |
"{224C1403-4974-4AA8-8846-74EFB3DBFEB3}" = rport=2869 | protocol=6 | dir=out | app=system |
"{24692F1D-24CE-48E7-B632-1360EB404E5A}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A300B9A-3683-46CC-B655-4544A4403E56}" = lport=139 | protocol=6 | dir=in | app=system |
"{30618D19-E447-4BFA-BE58-E3E4671A54AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{316FA779-0D06-4A62-AE86-94983D139964}" = rport=139 | protocol=6 | dir=out | app=system |
"{3AFD5247-98A7-46FD-92D1-D54C2E2AF3C4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E85095F-1623-4F68-B211-9CEC967A264B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{41CE2F60-441C-44E7-B21D-5A34EAAB54F7}" = lport=445 | protocol=6 | dir=in | app=system |
"{427FA5B7-847E-4C92-BF81-059AB5E31378}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{4B5C49D9-BDB2-463A-A3D4-6E93E7AF3A4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{55EFF609-3208-423E-A6EC-8B1BEAC2EF73}" = lport=2869 | protocol=6 | dir=in | app=system |
"{574C018D-89F6-462F-B423-638113D0CBC5}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{66D6CC8B-D146-4242-9182-7422A393FE06}" = lport=138 | protocol=17 | dir=in | app=system |
"{69BEBB72-16DD-4E19-ACB4-686FDF68720E}" = lport=137 | protocol=17 | dir=in | app=system |
"{6F0B5B5B-2E16-420C-B423-77DC4F7C24B4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FC1AC9A-27CE-422D-83A5-159EA10B5439}" = rport=138 | protocol=17 | dir=out | app=system |
"{7121C172-3759-4EC1-AFFE-A70A40B6EDB9}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{7B191B69-56CE-4AB1-94E1-260F5DA36800}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7B8FFD2A-A4EA-49E2-93B6-A07FDEDC1310}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86E863B8-A713-4FDF-B0E2-B377257E2F7D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BB983CB-7F71-4332-9121-902B27EE9A81}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95EF8C0A-ED4E-4DBE-8A67-88B7E3545C1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E437A3F-47CF-4079-BBE3-2E435A58DB82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F85CD2F-DDBA-42C3-81E7-5CF1404267BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF2994AA-E36C-4B5C-8A4F-3483769AB3EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CAFB43DD-F003-4756-876C-689054AEC1AA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D0D42B5E-4AD8-434C-9812-817C593A1ED9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DDB968EB-764A-4635-875D-7FD4B4A91554}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9D6FB25-2946-45DD-895E-4A0ADDB14EE5}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C7F975-07F8-4770-BA68-4FA97234EE35}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgmfapx.exe |
"{098E24B4-7B78-4459-A8FC-78A8D0824EB9}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{0DF9775D-7FB5-48CE-B3FE-0A3738EBA34D}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgdiagex.exe |
"{1002385C-0028-40AC-A0CA-50576507D408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1122A716-C74D-4EB5-ACCF-31D55831AA87}" = dir=in | app=c:\program files\iobit\driver booster\dbdownloader.exe |
"{13D492B6-7FAC-4D8D-B479-BC2B4AB34FD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15E2C7C7-C582-4018-A801-0491762F2531}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 wlan optimierer\a1wlanoptimierer.exe |
"{18E6861D-B34D-4C9F-9645-9A9F3B6CCAA9}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{1FDDC087-02E8-4A75-9599-06F0B75EADF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{218E3EAF-9EFD-4177-8712-98889E88C344}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{2EA38B4C-AFEB-4B60-B18A-B3D73692835E}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{30095CB0-B5F7-4D10-BFD2-1CC4EBEAADE4}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{31E1767E-9EAA-41E8-BEF5-F76704E25EF5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34A133AF-FEEB-4E66-8815-3DBAC86AFE56}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgnsx.exe |
"{37ABC9D5-2FF4-4E25-881C-690DF7F9F67E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3AF5811F-D343-4016-830C-9FF1118AF18C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{449258DD-8629-4420-A8DE-62E434746069}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{45835957-00AE-41E7-8E84-79AD93964388}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 bandbreiten-optimierer\a1_bandbreiten_optimierer.exe |
"{45975EE4-B406-4225-A1D8-CFD1D681E751}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1modemkonfigurator.exe |
"{477C03E8-2DB3-4B46-A06C-C1FCE123E916}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{496A506A-27F0-457B-81BF-33698AF5B311}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FE22AA7-FF30-445F-B2C3-CDD61B68CA5F}" = dir=out | app=c:\program files\iobit\driver booster\dbdownloader.exe |
"{51C4EEE7-3A6D-4ABB-BA4D-CB8526493308}" = protocol=6 | dir=out | app=system |
"{53784497-44ED-4A15-9556-1CE5B3D3CB37}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgmfapx.exe |
"{54FA6AAA-788D-479D-86F5-661602BA20D3}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{60B7D3D6-CBB1-49A2-93FC-FEF2AE682CFE}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{629981E4-54C5-4D9F-A604-13DAA8BBAC3F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{62FAD43C-78FE-4D91-9350-ED9E47D95F91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66980032-D168-4E6F-9E4A-02DEFC7272AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E7C71C9-CA48-4235-8C01-89EA2E92537A}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{737A4066-9D10-4127-98B2-6FDB1956E36D}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{7688D7AF-172B-41C0-81A8-303C8A21979A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{802AEFC2-FF60-4FD0-B442-155F4305BF78}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 servicecenter\start.exe |
"{8104316C-E2D4-455D-BC71-EC8FD808C9B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82BA8039-8E4C-4776-9EE3-8AAC931FBBA7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{85CEA153-9065-4E16-B966-C90E7B4A42BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85F04C28-F4FB-45F1-A614-042E8E9A7965}" = dir=in | app=c:\program files\iobit\driver booster\driverbooster.exe |
"{8692B071-7FB2-4772-BE82-96B8D0BB8506}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1diagnose.exe |
"{87D0359B-806C-4717-8ACA-4417997F053A}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 modemwechsel\a1modemwechsel.exe |
"{8928666B-CDE7-46F6-8278-1751BD9B0AF5}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 wlan optimierer\a1wlanoptimierer.exe |
"{8A414080-D9D5-451C-9985-C1B3A79BC521}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{8CD7360E-1AC1-411E-AD30-9A9BEEB31462}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{8DC2F279-5483-4AAD-969F-6D02E55A652F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90B90E47-07AB-4778-B584-030E55157579}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{99B4B907-C161-4523-AA80-E6364B2702C5}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{9B607065-B5F9-4DBC-B6F5-B2BF75F4142F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9F60FC2F-FFD4-4BFB-B539-598199EE21F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A00405FC-8055-40E9-B07E-03679F42B7F2}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A1924BDB-E2B9-40B0-81A7-BF637FAAA372}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{A6906FEB-A515-4D1E-B578-AFD9DEC4D111}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB9D77A5-47FC-4BDE-8AB7-8149CEBB7EDD}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgdiagex.exe |
"{B6CBC45A-D16D-4721-B2F7-FE9DC58DFE03}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{BBE70833-706D-4AB4-8E16-79CCDED3C60F}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{C24C65B7-7BE6-4C44-A4DD-FED02CB4CE8F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C3975CEE-2BC6-4B52-BFE2-472C73C8B972}" = dir=out | app=c:\program files\iobit\driver booster\autoupdate.exe |
"{C476826F-C5C9-47EE-8D33-D271B6B6C511}" = dir=out | app=c:\program files\iobit\driver booster\driverbooster.exe |
"{CE005A18-FA09-408F-9360-767824BA4F0D}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1mailboxen.exe |
"{D3FA1326-A61E-4D83-8594-01D3B9BDF184}" = dir=in | app=c:\program files\iobit\driver booster\autoupdate.exe |
"{D7F345BA-DA92-454F-8DAD-89288733E796}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 bandbreiten-optimierer\a1_bandbreiten_optimierer.exe |
"{D918B5A3-751C-40E9-8D1D-D5210452482E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB00B0BD-01B7-49E0-A7D2-32765A4DC69F}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 servicecenter\start.exe |
"{E0F47E09-B8CE-468F-805D-CDCFA2534BA8}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1modemkonfigurator.exe |
"{EE73AE40-7FDB-4AB5-82FE-8E33F2521F44}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1mailboxen.exe |
"{F53268F5-108B-4D33-8877-F1970E13F74E}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgnsx.exe |
"{F5E97DE9-4D07-4798-A3F6-10B81EF86D69}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1diagnose.exe |
"{F6F07177-A737-41D2-BF59-17C9C5C987F2}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 modemwechsel\a1modemwechsel.exe |
"{F814D14E-A373-4CCA-9FCD-F1421709488F}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{FE525F9B-BB6D-4701-BB66-B00B8BB73BE0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{19FBF85A-8E83-41A9-9BB1-9797CF59851C}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"TCP Query User{4D5381A6-9D86-4123-9D96-67FA0C5CD28C}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"TCP Query User{5AC77F5C-A0EE-48EC-BE7C-E1C0C5783DB4}C:\program files\microsoft office\office12\outlook.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"TCP Query User{87BB6E37-2A51-46FC-BE66-5E17D0D9916E}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"TCP Query User{B9857D8B-6CC5-45D8-9B4F-2265D818372A}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{05B4C5AA-749B-4295-8D32-144F2866579B}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{30D0750A-0E35-4E9D-8B74-7B906A96FEEF}C:\program files\microsoft office\office12\outlook.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"UDP Query User{4B717501-BF1D-4D8B-948A-6AFB14C5B458}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"UDP Query User{953E2684-AF38-4FE2-A8BC-B1C0FAA022B2}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{FD4B57F9-F134-46B1-8911-6794F4D138AE}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000EF65-BE80-3B99-BDE5-84C515C3F64C}" = Microsoft .NET Framework 4.5.2 (DEU)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{102A3A0A-545A-4D73-A329-044310242DE5}" = AVG 2016
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218073F0}" = Java 8 Update 73
"{26A24AE4-039D-4CA4-87B4-2F83218074F0}" = Java 8 Update 74
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2D877D7D-958C-41F7-8863-3E682CE8EEA6}" = UpdateStar
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1" = GoogleClean
"{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}" = Google Earth Pro
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4694981D-8031-4526-90BE-E5F7FB80CBB8}" = Elevated Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC2E99A-FDFB-4745-9D7E-34DC53D60ADD}" = ANT Drivers Installer x86
"{4B75C1B1-D0C7-4E70-9EE4-09CE7F734B0C}" = UpdateStar
"{4C35C7D7-5321-4FBE-AF6E-23BC816A7D22}" = AVG
"{4d822984-3cc1-4308-8a65-2a0b2326586a}" = Web Companion
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01
"{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1" = Cliqz
"{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}" = SlimDrivers
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714dc1e5-69a4-4ecd-9552-93397e084298}" = Garmin Express
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89047E06-C9CA-4626-AB3B-3A85FA05FDF2}" = FMW 1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.2 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1" = WinZip Driver Updater
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92D383B-FD85-4B9C-A5D9-3647C71E48A1}" = Garmin Express
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.16) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 341.92
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E91711-8600-4919-AEF0-D4821F886797}_is1" = Gigaflat
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D52EDFA2-13A7-4765-8650-4AB30E6DB77F}" = Garmin Express Tray
"{D9461574-5FC0-4641-BBDC-D1038B196F55}" = Brother MFL-Pro Suite MFC-490CW
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E108ADB5-8B3E-427D-A945-EAA2FCE68913}" = Wocarson Windows Genuine Advantage Validation v1.9.40.0 Cracked V2
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA594E28-547D-4FB5-AED8-3628EFB1474D}" = TuneUp Utilities 2014 (de-DE)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4933D9F-89CC-4CA9-B5B0-CF32968890C7}" = BookScan&Whiteboard Suite
"{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}" = FaceFilter Studio Brother Edition
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"1&1 Mail & Media GmbH Toolbar IE8" = GMX MailCheck
"22A03655B083CBA48D06AC6168E58505D985A435" = Windows-Treiberpaket - Intel (NETwNv32) net (07/14/2010 13.3.0.24)
"6CF78C20C2A7F2CFD53A10716FFCBBCE4DA156A8" = Windows-Treiberpaket - Intel (NETwLv32) net (08/15/2010 13.3.0.137)
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Advanced SystemCare_is1" = Advanced SystemCare 9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"AVG" = AVG Protection
"AVG Web TuneUp" = AVG Web TuneUp
"CCleaner" = CCleaner
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"Driver Booster_is1" = Driver Booster 3.2
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"GetRight Pro_is1" = GetRight
"HD Tune Pro_is1" = HD Tune Pro 5.60
"IObit Malware Fighter_is1" = IObit Malware Fighter 3
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.0.1024
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 38.0.5 (x86 de)" = Mozilla Firefox 38.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyKeyFinder_is1" = MyKeyFinder
"PasswdFinder_is1" = Magical Jelly Bean PasswdFinder
"Sandboxie" = Sandboxie 3.72 (32-bit)
"Smart Defrag 4_is1" = Smart Defrag 4
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"STANDARD" = Microsoft Office Standard 2007
"Tor" = Tor 0.2.4.23
"TuneUp Utilities" = TuneUp Utilities 2014
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"Vidalia" = Vidalia 0.2.21
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.21 (32-Bit)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader Packages" = Adobe Reader Packages
"ASUS Data Security Manager Packages" = ASUS Data Security Manager Packages
"Chromium" = Chromium
"Java Update Packages" = Java Update Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.02.2016 19:55:42 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x091195b0, Prozess-ID 0x3418, Anwendungsstartzeit
01d1727c9425a020.

Error - 29.02.2016 08:39:10 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x099095b0, Prozess-ID 0x3334,
Anwendungsstartzeit 01d172838d20e300.

Error - 29.02.2016 09:32:07 | Computer Name = Harald-PC | Source = IMFservice | ID = 0
Description =

Error - 29.02.2016 09:32:07 | Computer Name = Harald-PC | Source = IMFservice | ID = 0
Description =

Error - 29.02.2016 09:38:07 | Computer Name = Harald-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.02.2016 10:49:21 | Computer Name = Harald-PC | Source = ESENT | ID = 215
Description = wlmail (6048) WindowsLiveMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.

Error - 29.02.2016 11:07:42 | Computer Name = Harald-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: ce0 Anfangszeit: 01d172f61177e817 Zeitpunkt
der Beendigung: 0

Error - 29.02.2016 11:56:51 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x08aa95b0, Prozess-ID 0xf80,
Anwendungsstartzeit 01d17302f046d2c7.

Error - 29.02.2016 20:43:18 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x09ac95b0, Prozess-ID 0xac8,
Anwendungsstartzeit 01d17309d2739567.

Error - 29.02.2016 21:34:36 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Error - 29.02.2016 22:08:52 | Computer Name = Harald-PC | Source = Application Error
| ID = 1000

Description = Fehlerhafte Anwendung explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel 0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x085095b0,
Prozess-ID 0x2de8, Anwendungsstartzeit 01d1735a958e7840.

Error encountered while reading event logs.

< End of report >

30 Tage Scan

OTL Extras logfile created on: 02.03.2016 00:38:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Harald\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 27,55% Memory free
6,20 Gb Paging File | 1,72 Gb Available in Paging File | 27,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 22,44 Gb Free Space | 19,27% Space Free | Partition Type: NTFS
Drive D: | 106,67 Gb Total Space | 76,35 Gb Free Space | 71,57% Space Free | Partition Type: NTFS

Computer Name: HARALD-PC | User Name: Harald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09616038-F1A4-4F38-8584-448CEC615275}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0F1014FF-05EB-4C88-BD8A-B0773AF91F81}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0FC5B7A3-ECF7-47DE-9C0A-EE797CA41F48}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1A73BDF1-69D3-4AD8-8A92-ABBC55835B25}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1FC3D596-EDC0-4037-8347-ECAB7A15EF0B}" = rport=137 | protocol=17 | dir=out | app=system |
"{224C1403-4974-4AA8-8846-74EFB3DBFEB3}" = rport=2869 | protocol=6 | dir=out | app=system |
"{24692F1D-24CE-48E7-B632-1360EB404E5A}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A300B9A-3683-46CC-B655-4544A4403E56}" = lport=139 | protocol=6 | dir=in | app=system |
"{30618D19-E447-4BFA-BE58-E3E4671A54AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{316FA779-0D06-4A62-AE86-94983D139964}" = rport=139 | protocol=6 | dir=out | app=system |
"{3AFD5247-98A7-46FD-92D1-D54C2E2AF3C4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E85095F-1623-4F68-B211-9CEC967A264B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{41CE2F60-441C-44E7-B21D-5A34EAAB54F7}" = lport=445 | protocol=6 | dir=in | app=system |
"{427FA5B7-847E-4C92-BF81-059AB5E31378}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{4B5C49D9-BDB2-463A-A3D4-6E93E7AF3A4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{55EFF609-3208-423E-A6EC-8B1BEAC2EF73}" = lport=2869 | protocol=6 | dir=in | app=system |
"{574C018D-89F6-462F-B423-638113D0CBC5}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{66D6CC8B-D146-4242-9182-7422A393FE06}" = lport=138 | protocol=17 | dir=in | app=system |
"{69BEBB72-16DD-4E19-ACB4-686FDF68720E}" = lport=137 | protocol=17 | dir=in | app=system |
"{6F0B5B5B-2E16-420C-B423-77DC4F7C24B4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FC1AC9A-27CE-422D-83A5-159EA10B5439}" = rport=138 | protocol=17 | dir=out | app=system |
"{7121C172-3759-4EC1-AFFE-A70A40B6EDB9}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{7B191B69-56CE-4AB1-94E1-260F5DA36800}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7B8FFD2A-A4EA-49E2-93B6-A07FDEDC1310}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86E863B8-A713-4FDF-B0E2-B377257E2F7D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BB983CB-7F71-4332-9121-902B27EE9A81}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95EF8C0A-ED4E-4DBE-8A67-88B7E3545C1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E437A3F-47CF-4079-BBE3-2E435A58DB82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F85CD2F-DDBA-42C3-81E7-5CF1404267BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF2994AA-E36C-4B5C-8A4F-3483769AB3EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CAFB43DD-F003-4756-876C-689054AEC1AA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D0D42B5E-4AD8-434C-9812-817C593A1ED9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DDB968EB-764A-4635-875D-7FD4B4A91554}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9D6FB25-2946-45DD-895E-4A0ADDB14EE5}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C7F975-07F8-4770-BA68-4FA97234EE35}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgmfapx.exe |
"{098E24B4-7B78-4459-A8FC-78A8D0824EB9}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{0DF9775D-7FB5-48CE-B3FE-0A3738EBA34D}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgdiagex.exe |
"{1002385C-0028-40AC-A0CA-50576507D408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1122A716-C74D-4EB5-ACCF-31D55831AA87}" = dir=in | app=c:\program files\iobit\driver booster\dbdownloader.exe |
"{13D492B6-7FAC-4D8D-B479-BC2B4AB34FD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15E2C7C7-C582-4018-A801-0491762F2531}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 wlan optimierer\a1wlanoptimierer.exe |
"{18E6861D-B34D-4C9F-9645-9A9F3B6CCAA9}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{1FDDC087-02E8-4A75-9599-06F0B75EADF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{218E3EAF-9EFD-4177-8712-98889E88C344}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{2EA38B4C-AFEB-4B60-B18A-B3D73692835E}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{30095CB0-B5F7-4D10-BFD2-1CC4EBEAADE4}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{31E1767E-9EAA-41E8-BEF5-F76704E25EF5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34A133AF-FEEB-4E66-8815-3DBAC86AFE56}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgnsx.exe |
"{37ABC9D5-2FF4-4E25-881C-690DF7F9F67E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3AF5811F-D343-4016-830C-9FF1118AF18C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{449258DD-8629-4420-A8DE-62E434746069}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{45835957-00AE-41E7-8E84-79AD93964388}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 bandbreiten-optimierer\a1_bandbreiten_optimierer.exe |
"{45975EE4-B406-4225-A1D8-CFD1D681E751}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1modemkonfigurator.exe |
"{477C03E8-2DB3-4B46-A06C-C1FCE123E916}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{496A506A-27F0-457B-81BF-33698AF5B311}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FE22AA7-FF30-445F-B2C3-CDD61B68CA5F}" = dir=out | app=c:\program files\iobit\driver booster\dbdownloader.exe |
"{51C4EEE7-3A6D-4ABB-BA4D-CB8526493308}" = protocol=6 | dir=out | app=system |
"{53784497-44ED-4A15-9556-1CE5B3D3CB37}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgmfapx.exe |
"{54FA6AAA-788D-479D-86F5-661602BA20D3}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{60B7D3D6-CBB1-49A2-93FC-FEF2AE682CFE}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{629981E4-54C5-4D9F-A604-13DAA8BBAC3F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{62FAD43C-78FE-4D91-9350-ED9E47D95F91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66980032-D168-4E6F-9E4A-02DEFC7272AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E7C71C9-CA48-4235-8C01-89EA2E92537A}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{737A4066-9D10-4127-98B2-6FDB1956E36D}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{7688D7AF-172B-41C0-81A8-303C8A21979A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{802AEFC2-FF60-4FD0-B442-155F4305BF78}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 servicecenter\start.exe |
"{8104316C-E2D4-455D-BC71-EC8FD808C9B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82BA8039-8E4C-4776-9EE3-8AAC931FBBA7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{85CEA153-9065-4E16-B966-C90E7B4A42BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85F04C28-F4FB-45F1-A614-042E8E9A7965}" = dir=in | app=c:\program files\iobit\driver booster\driverbooster.exe |
"{8692B071-7FB2-4772-BE82-96B8D0BB8506}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1diagnose.exe |
"{87D0359B-806C-4717-8ACA-4417997F053A}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 modemwechsel\a1modemwechsel.exe |
"{8928666B-CDE7-46F6-8278-1751BD9B0AF5}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 wlan optimierer\a1wlanoptimierer.exe |
"{8A414080-D9D5-451C-9985-C1B3A79BC521}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{8CD7360E-1AC1-411E-AD30-9A9BEEB31462}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1cmdtool.exe |
"{8DC2F279-5483-4AAD-969F-6D02E55A652F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90B90E47-07AB-4778-B584-030E55157579}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{99B4B907-C161-4523-AA80-E6364B2702C5}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{9B607065-B5F9-4DBC-B6F5-B2BF75F4142F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9F60FC2F-FFD4-4BFB-B539-598199EE21F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A00405FC-8055-40E9-B07E-03679F42B7F2}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A1924BDB-E2B9-40B0-81A7-BF637FAAA372}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 breitband\a1breitband.exe |
"{A6906FEB-A515-4D1E-B578-AFD9DEC4D111}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB9D77A5-47FC-4BDE-8AB7-8149CEBB7EDD}" = protocol=6 | dir=in | app=c:\program files\avg\av\avgdiagex.exe |
"{B6CBC45A-D16D-4721-B2F7-FE9DC58DFE03}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{BBE70833-706D-4AB4-8E16-79CCDED3C60F}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{C24C65B7-7BE6-4C44-A4DD-FED02CB4CE8F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C3975CEE-2BC6-4B52-BFE2-472C73C8B972}" = dir=out | app=c:\program files\iobit\driver booster\autoupdate.exe |
"{C476826F-C5C9-47EE-8D33-D271B6B6C511}" = dir=out | app=c:\program files\iobit\driver booster\driverbooster.exe |
"{CE005A18-FA09-408F-9360-767824BA4F0D}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1mailboxen.exe |
"{D3FA1326-A61E-4D83-8594-01D3B9BDF184}" = dir=in | app=c:\program files\iobit\driver booster\autoupdate.exe |
"{D7F345BA-DA92-454F-8DAD-89288733E796}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 bandbreiten-optimierer\a1_bandbreiten_optimierer.exe |
"{D918B5A3-751C-40E9-8D1D-D5210452482E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB00B0BD-01B7-49E0-A7D2-32765A4DC69F}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 servicecenter\start.exe |
"{E0F47E09-B8CE-468F-805D-CDCFA2534BA8}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1modemkonfigurator.exe |
"{EE73AE40-7FDB-4AB5-82FE-8E33F2521F44}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1mailboxen.exe |
"{F53268F5-108B-4D33-8877-F1970E13F74E}" = protocol=17 | dir=in | app=c:\program files\avg\av\avgnsx.exe |
"{F5E97DE9-4D07-4798-A3F6-10B81EF86D69}" = protocol=6 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1diagnose.exe |
"{F6F07177-A737-41D2-BF59-17C9C5C987F2}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 modemwechsel\a1modemwechsel.exe |
"{F814D14E-A373-4CCA-9FCD-F1421709488F}" = protocol=17 | dir=in | app=c:\program files\a1 servicecenter\a1 diagnose\a1wlanassistent.exe |
"{FE525F9B-BB6D-4701-BB66-B00B8BB73BE0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{19FBF85A-8E83-41A9-9BB1-9797CF59851C}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"TCP Query User{4D5381A6-9D86-4123-9D96-67FA0C5CD28C}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"TCP Query User{5AC77F5C-A0EE-48EC-BE7C-E1C0C5783DB4}C:\program files\microsoft office\office12\outlook.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"TCP Query User{87BB6E37-2A51-46FC-BE66-5E17D0D9916E}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"TCP Query User{B9857D8B-6CC5-45D8-9B4F-2265D818372A}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{05B4C5AA-749B-4295-8D32-144F2866579B}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{30D0750A-0E35-4E9D-8B74-7B906A96FEEF}C:\program files\microsoft office\office12\outlook.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"UDP Query User{4B717501-BF1D-4D8B-948A-6AFB14C5B458}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"UDP Query User{953E2684-AF38-4FE2-A8BC-B1C0FAA022B2}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe |
"UDP Query User{FD4B57F9-F134-46B1-8911-6794F4D138AE}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000EF65-BE80-3B99-BDE5-84C515C3F64C}" = Microsoft .NET Framework 4.5.2 (DEU)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{102A3A0A-545A-4D73-A329-044310242DE5}" = AVG 2016
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218073F0}" = Java 8 Update 73
"{26A24AE4-039D-4CA4-87B4-2F83218074F0}" = Java 8 Update 74
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2D877D7D-958C-41F7-8863-3E682CE8EEA6}" = UpdateStar
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1" = GoogleClean
"{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}" = Google Earth Pro
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4694981D-8031-4526-90BE-E5F7FB80CBB8}" = Elevated Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC2E99A-FDFB-4745-9D7E-34DC53D60ADD}" = ANT Drivers Installer x86
"{4B75C1B1-D0C7-4E70-9EE4-09CE7F734B0C}" = UpdateStar
"{4C35C7D7-5321-4FBE-AF6E-23BC816A7D22}" = AVG
"{4d822984-3cc1-4308-8a65-2a0b2326586a}" = Web Companion
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01
"{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1" = Cliqz
"{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}" = SlimDrivers
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714dc1e5-69a4-4ecd-9552-93397e084298}" = Garmin Express
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89047E06-C9CA-4626-AB3B-3A85FA05FDF2}" = FMW 1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.2 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1" = WinZip Driver Updater
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92D383B-FD85-4B9C-A5D9-3647C71E48A1}" = Garmin Express
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.16) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 341.92
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E91711-8600-4919-AEF0-D4821F886797}_is1" = Gigaflat
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D52EDFA2-13A7-4765-8650-4AB30E6DB77F}" = Garmin Express Tray
"{D9461574-5FC0-4641-BBDC-D1038B196F55}" = Brother MFL-Pro Suite MFC-490CW
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E108ADB5-8B3E-427D-A945-EAA2FCE68913}" = Wocarson Windows Genuine Advantage Validation v1.9.40.0 Cracked V2
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA594E28-547D-4FB5-AED8-3628EFB1474D}" = TuneUp Utilities 2014 (de-DE)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4933D9F-89CC-4CA9-B5B0-CF32968890C7}" = BookScan&Whiteboard Suite
"{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}" = FaceFilter Studio Brother Edition
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"1&1 Mail & Media GmbH Toolbar IE8" = GMX MailCheck
"22A03655B083CBA48D06AC6168E58505D985A435" = Windows-Treiberpaket - Intel (NETwNv32) net (07/14/2010 13.3.0.24)
"6CF78C20C2A7F2CFD53A10716FFCBBCE4DA156A8" = Windows-Treiberpaket - Intel (NETwLv32) net (08/15/2010 13.3.0.137)
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Advanced SystemCare_is1" = Advanced SystemCare 9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"AVG" = AVG Protection
"AVG Web TuneUp" = AVG Web TuneUp
"CCleaner" = CCleaner
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"Driver Booster_is1" = Driver Booster 3.2
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"GetRight Pro_is1" = GetRight
"HD Tune Pro_is1" = HD Tune Pro 5.60
"IObit Malware Fighter_is1" = IObit Malware Fighter 3
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.0.1024
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 38.0.5 (x86 de)" = Mozilla Firefox 38.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyKeyFinder_is1" = MyKeyFinder
"PasswdFinder_is1" = Magical Jelly Bean PasswdFinder
"Sandboxie" = Sandboxie 3.72 (32-bit)
"Smart Defrag 4_is1" = Smart Defrag 4
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"STANDARD" = Microsoft Office Standard 2007
"Tor" = Tor 0.2.4.23
"TuneUp Utilities" = TuneUp Utilities 2014
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"Vidalia" = Vidalia 0.2.21
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.21 (32-Bit)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3867315891-1915105375-3091467415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader Packages" = Adobe Reader Packages
"ASUS Data Security Manager Packages" = ASUS Data Security Manager Packages
"Chromium" = Chromium
"Java Update Packages" = Java Update Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.02.2016 19:55:42 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x091195b0, Prozess-ID 0x3418, Anwendungsstartzeit
01d1727c9425a020.

Error - 29.02.2016 08:39:10 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung explorer.exe, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x099095b0, Prozess-ID 0x3334,
Anwendungsstartzeit 01d172838d20e300.

Error - 29.02.2016 09:32:07 | Computer Name = Harald-PC | Source = IMFservice | ID = 0
Description =

Error - 29.02.2016 09:32:07 | Computer Name = Harald-PC | Source = IMFservice | ID = 0
Description =

Error - 29.02.2016 09:38:07 | Computer Name = Harald-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.02.2016 10:49:21 | Computer Name = Harald-PC | Source = ESENT | ID = 215
Description = wlmail (6048) WindowsLiveMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.

Error - 29.02.2016 11:07:42 | Computer Name = Harald-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: ce0 Anfangszeit: 01d172f61177e817 Zeitpunkt
der Beendigung: 0

Error - 29.02.2016 11:56:51 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x08aa95b0, Prozess-ID 0xf80,
Anwendungsstartzeit 01d17302f046d2c7.

Error - 29.02.2016 20:43:18 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x09ac95b0, Prozess-ID 0xac8,
Anwendungsstartzeit 01d17309d2739567.

Error - 29.02.2016 21:34:36 | Computer Name = Harald-PC | Source = Application Error | ID = 1000
Error - 29.02.2016 22:08:52 | Computer Name = Harald-PC | Source = Application Error
| ID = 1000

Description = Fehlerhafte Anwendung explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul safe_url.dll_unloaded, Version 0.0.0.0, Zeitstempel 0x5587aa3f, Ausnahmecode 0xc0000005, Fehleroffset 0x085095b0,
Prozess-ID 0x2de8, Anwendungsstartzeit 01d1735a958e7840.

Error encountered while reading event logs.

< End of report >