Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Windows Explorer Ordner öffnet sich immer nach dem Hochfahren

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 08.02.2014, 13:49   #1
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Problem: Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



Hallo,

Ich habe seit einigen Tagen folgendes Problem:
Immer nachdem der Computer hochgefahren wurde öffnet sich der Windows Explorer Ordner "Computer" mit den Laufwerken.

Nach einiger Recherche hab ich bereits den Autostart Ordner (ohne Inhalt) und msconfig mit Hilfe eines sauberen Systemstarts, wie hier beschrieben:
hxxp://wiki.winboard.org/index.php/Sauberer_Systemstart
überprüft.
Obwohl alle Systemstartelemente aktiviert waren trat das Problem weiterhin auf.

Nachdem ich hier im Forum einen Verweis auf
hxxp://cgi.zdnet.de/forum/viewtopic.php?t=4965
gefunden habe, hab ich den Schlüssel: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
in der Registry Überprüft und einen Eintrag ohne Wert gefunden (siehe Anhang)

Mich würde interessieren ob das die Ursache des Problems sein könnte und ob ich den Eintrag ohne Bedenken löschen kann.
Ich bin für jeden Hinweis dankbar, aber bitte möglichst idiotensicher erklären, da ich mich nicht so auskenne

lg sulamith
Miniaturansicht angehängter Grafiken
-registry.jpg  

Alt 08.02.2014, 18:56   #2
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren Anleitung / Hilfe



Hy. Darf ich mal genauer nachsehen, was so alles mitstartet.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 08.02.2014, 20:06   #3
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren Details



hier die gewünschten infos:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Amelie (ATTENTION: The logged in user is not administrator) on GOLDMARIECHEN on 08-02-2014 20:00:08
Running from C:\Users\Amelie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(LENOVO) C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Users\Amelie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Logitech Inc.) C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [792224 2011-12-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-12-13] (Atheros Commnucations)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [378968 2012-01-05] (Alcor Micro Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CAPOSD] - C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-17] (LENOVO)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [332BigDog] - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Amelie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [Amazon Cloud Player] - C:\Users\Amelie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (AdBlock) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-04]
CHR Extension: (Google Wallet) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Amelie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
S2 BootShieldSvc; C:\Windows\System32\BootShieldSvc.exe [123952 2012-02-06] (Lenovo)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-16] ()
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-16] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-13] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R0 BootShield; C:\Windows\System32\drivers\BootShield.sys [31536 2012-04-16] (Lenovo Corporation")
R1 BootShieldfltr; C:\Windows\System32\drivers\BootShieldfltr.sys [61744 2012-02-16] (Lenovo Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-06] (Intel Corporation)
R3 LAD; C:\Windows\System32\DRIVERS\LAD.sys [8192 2012-01-12] (TODO: <Company name>)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_3A60B698; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 20:00 - 2014-02-08 20:00 - 00015638 _____ () C:\Users\Amelie\Downloads\FRST.txt
2014-02-08 20:00 - 2014-02-08 20:00 - 00000000 ____D () C:\FRST
2014-02-08 19:59 - 2014-02-08 19:59 - 02079744 _____ (Farbar) C:\Users\Amelie\Downloads\FRST64.exe
2014-02-08 13:29 - 2014-02-08 13:30 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7AA02613-BF67-4959-A804-B54412932BFF}
2014-02-08 12:38 - 2014-02-08 13:03 - 00000000 ____D () C:\Windows\pss
2014-02-07 13:47 - 2014-02-07 13:47 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{87C0C185-B59F-42A5-ADA1-83801DB36E8D}
2014-02-06 23:21 - 2014-02-06 23:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{4A3297DF-A101-4711-9FD5-7E992BF1BAEB}
2014-02-06 18:04 - 2014-02-06 18:04 - 00000000 ____D () C:\Users\Amelie\AppData\Local\HP
2014-02-06 17:51 - 2014-02-06 17:51 - 00000000 ____D () C:\Users\Amelie_2\AppData\Roaming\HpUpdate
2014-02-06 17:51 - 2011-06-08 18:35 - 00778088 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMa011.dll
2014-02-06 17:50 - 2014-02-06 17:51 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\ProgramData\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files\HP
2014-02-06 11:20 - 2014-02-06 11:20 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{FACEA119-4E81-4A33-9151-8BD84F74C1DA}
2014-02-06 09:51 - 2014-02-06 09:51 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8D7482B3-48F9-418E-9632-458620FA88BE}
2014-02-05 19:11 - 2014-02-05 19:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5E066033-6ABC-4F08-82A9-3FABAA887013}
2014-02-04 22:58 - 2014-02-04 22:58 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{13BD9A31-BB47-4A2B-BD15-454EC1B05AEB}
2014-02-04 22:21 - 2014-02-04 22:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5A02EE93-AC12-4680-BCEA-0243C6A6F1AB}
2014-02-04 09:14 - 2014-02-04 09:14 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1E985D5-4ECC-40CE-BDF3-06C3DBADBAAD}
2014-02-03 12:27 - 2014-02-05 17:41 - 00000000 ____D () C:\Users\Amelie\Desktop\Siwawi
2014-02-03 11:17 - 2014-02-03 11:24 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{57BE71A5-AE4B-4501-8D0D-C640E665A338}
2014-02-03 11:08 - 2014-02-03 11:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{184C43FA-E834-493F-9556-B63811397A79}
2014-02-02 10:02 - 2014-02-02 10:02 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2BBAE4D5-E0EE-4178-BC81-683D09CCF5EE}
2014-02-01 12:31 - 2014-02-01 12:31 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2771F3CD-E390-4B86-AAB1-230BD9A764A4}
2014-02-01 09:53 - 2014-02-01 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{63AC8F6D-39DD-444E-8677-C8374BC4D7E3}
2014-01-31 14:15 - 2014-01-31 14:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E6019D9F-BB92-43EE-9786-64B3B1D09657}
2014-01-31 11:18 - 2014-01-31 11:18 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1EA6ABD-BE68-49A4-9C5D-93C2D9395F77}
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{B106E740-86A0-430B-8BD0-1F670808C79E}
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Amazon Cloud Player
2014-01-29 18:43 - 2014-01-29 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{C9B0148A-53AA-4B22-9CE5-71FD8412090B}
2014-01-29 18:42 - 2014-01-29 18:43 - 36160080 _____ (Amazon) C:\Users\Amelie\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-29 18:25 - 2014-01-29 18:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E5C4B552-6375-4E86-936A-6946D882055A}
2014-01-28 12:07 - 2014-01-28 12:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E33E437B-7B3C-4B43-AC75-9D77EAFF8D5D}
2014-01-27 22:25 - 2014-01-27 22:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E92C3FE8-8E1A-4414-B6B4-CD1F571CF4F4}
2014-01-27 18:50 - 2014-01-27 18:50 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{1CA10A46-A94E-434B-8338-6F4D69D42D6D}
2014-01-27 15:38 - 2014-01-27 15:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2A44FFD4-50FF-4FB3-9061-608D66239E30}
2014-01-26 22:34 - 2014-01-26 22:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{DC76C835-EB6B-48D3-8823-32A29F25D279}
2014-01-25 23:38 - 2014-01-25 23:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6D46F65A-AF10-48B9-B108-9E94DAC64E07}
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\Documents\Youcam
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-25 16:41 - 2014-01-25 17:35 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Skype
2014-01-25 16:40 - 2014-01-25 16:51 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 16:40 - 2014-01-25 16:40 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Amelie\Downloads\SkypeSetup.exe
2014-01-25 11:38 - 2014-01-25 11:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{39D849DC-6A31-4C26-AF67-E56F812C088B}
2014-01-25 10:56 - 2014-01-25 10:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{05FD8B48-BAD0-4339-AB3C-064D86912ED1}
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A49A66F9-0490-4B94-B55B-4C5C3DCEC232}
2014-01-24 00:07 - 2014-01-24 00:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{EC15FD23-EF00-48A9-8066-EFF6375822CD}
2014-01-23 11:33 - 2014-01-23 11:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6456C239-4A94-4159-89CD-4098080EC188}
2014-01-23 10:36 - 2014-01-23 10:36 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{BA96C5C5-A5DE-4711-8867-FCE33345E907}
2014-01-22 15:28 - 2014-01-22 15:29 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A836B353-FAAB-455B-912E-67B617134FBA}
2014-01-21 21:46 - 2014-01-21 21:46 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7C35F714-578E-4E4B-87FA-31461E2D4A08}
2014-01-21 09:37 - 2014-01-21 09:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7F4EC524-2D7A-475B-A893-3D3DBA491589}
2014-01-20 16:09 - 2014-01-20 16:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 16:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-20 16:07 - 2014-01-20 16:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amelie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 11:39 - 2014-01-20 11:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6E21A8AB-D712-438A-BD11-441C221F2695}
2014-01-19 15:25 - 2014-01-19 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{ADE06F62-7819-4A34-BC75-C19C845A0C3D}
2014-01-18 16:25 - 2014-01-18 16:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8A1A3FE3-8856-4180-A768-6D8A2FCBBFB1}
2014-01-18 09:53 - 2014-01-18 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AF3E1DC7-8DD4-49AF-87EF-18288E83D75A}
2014-01-17 11:17 - 2014-01-17 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{751CB08A-B807-4A89-B92F-25644E5D98A3}
2014-01-16 15:11 - 2014-01-16 15:12 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3B226E33-856F-4AF0-86E3-8FAE04B3A78A}
2014-01-15 19:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 19:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 19:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{841951F4-25FD-4491-8178-D21A7F560AA8}
2014-01-14 21:37 - 2014-01-14 21:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AD30D57C-F714-404A-ADA9-0A0BCBAF831B}
2014-01-14 09:32 - 2014-01-14 09:32 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A9407927-0A46-4ADE-BCAE-FEEC55801278}
2014-01-14 00:08 - 2014-01-14 00:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{312F47EE-12F3-4C75-A389-BFCA1FBA7F18}
2014-01-13 18:45 - 2014-01-13 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{86681BD0-D11D-47B7-9DE3-5C2F09FB3846}
2014-01-13 17:45 - 2014-01-13 17:45 - 00000000 ____D () C:\Users\Amelie\Desktop\Arty
2014-01-13 17:01 - 2014-01-13 17:01 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{CA6EE347-0C6C-4198-9D93-91135F552FD6}
2014-01-12 15:39 - 2014-01-12 15:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3A5849E3-AA0B-4A63-AD3F-79E959A266F0}
2014-01-11 15:49 - 2014-01-11 15:49 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5F7D80F8-A39A-471A-8B83-08E72467F811}
2014-01-10 13:53 - 2014-01-10 13:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{29C27DAD-1546-4FCA-9290-D09095D9CBB5}
2014-01-09 18:43 - 2014-01-09 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{D559384E-1731-4AA6-B862-7E0482BEE351}

==================== One Month Modified Files and Folders =======

2014-02-08 20:00 - 2014-02-08 20:00 - 00015638 _____ () C:\Users\Amelie\Downloads\FRST.txt
2014-02-08 20:00 - 2014-02-08 20:00 - 00000000 ____D () C:\FRST
2014-02-08 20:00 - 2012-08-07 21:25 - 01277527 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 19:59 - 2014-02-08 19:59 - 02079744 _____ (Farbar) C:\Users\Amelie\Downloads\FRST64.exe
2014-02-08 19:47 - 2012-08-07 22:03 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 19:37 - 2012-08-07 22:03 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 15:31 - 2009-07-14 05:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 15:31 - 2009-07-14 05:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 13:30 - 2014-02-08 13:29 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7AA02613-BF67-4959-A804-B54412932BFF}
2014-02-08 13:08 - 2012-08-08 07:12 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-02-08 13:08 - 2012-08-08 07:12 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-02-08 13:08 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-08 13:05 - 2013-12-14 19:27 - 00000000 ___RD () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-08 13:04 - 2013-12-26 13:56 - 00003765 _____ () C:\Windows\setupact.log
2014-02-08 13:04 - 2013-12-14 21:21 - 00083120 _____ () C:\Users\Public\CAFADEBUG.log
2014-02-08 13:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 13:03 - 2014-02-08 12:38 - 00000000 ____D () C:\Windows\pss
2014-02-07 22:17 - 2013-12-14 19:58 - 00178664 _____ () C:\Users\Amelie\Desktop\notes.one
2014-02-07 13:47 - 2014-02-07 13:47 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{87C0C185-B59F-42A5-ADA1-83801DB36E8D}
2014-02-07 13:44 - 2010-11-21 04:47 - 00279056 _____ () C:\Windows\PFRO.log
2014-02-06 23:21 - 2014-02-06 23:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{4A3297DF-A101-4711-9FD5-7E992BF1BAEB}
2014-02-06 18:04 - 2014-02-06 18:04 - 00000000 ____D () C:\Users\Amelie\AppData\Local\HP
2014-02-06 17:51 - 2014-02-06 17:51 - 00000000 ____D () C:\Users\Amelie_2\AppData\Roaming\HpUpdate
2014-02-06 17:51 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\ProgramData\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files\HP
2014-02-06 16:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-06 11:20 - 2014-02-06 11:20 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{FACEA119-4E81-4A33-9151-8BD84F74C1DA}
2014-02-06 09:51 - 2014-02-06 09:51 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8D7482B3-48F9-418E-9632-458620FA88BE}
2014-02-05 19:11 - 2014-02-05 19:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5E066033-6ABC-4F08-82A9-3FABAA887013}
2014-02-05 17:41 - 2014-02-03 12:27 - 00000000 ____D () C:\Users\Amelie\Desktop\Siwawi
2014-02-04 22:58 - 2014-02-04 22:58 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{13BD9A31-BB47-4A2B-BD15-454EC1B05AEB}
2014-02-04 22:21 - 2014-02-04 22:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5A02EE93-AC12-4680-BCEA-0243C6A6F1AB}
2014-02-04 09:20 - 2013-12-14 19:58 - 00000000 ____D () C:\Users\Amelie\Desktop\Muenchen
2014-02-04 09:16 - 2013-12-14 19:58 - 00000000 ____D () C:\Users\Amelie\Desktop\TUM
2014-02-04 09:14 - 2014-02-04 09:14 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1E985D5-4ECC-40CE-BDF3-06C3DBADBAAD}
2014-02-03 11:24 - 2014-02-03 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{57BE71A5-AE4B-4501-8D0D-C640E665A338}
2014-02-03 11:08 - 2014-02-03 11:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{184C43FA-E834-493F-9556-B63811397A79}
2014-02-02 10:02 - 2014-02-02 10:02 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2BBAE4D5-E0EE-4178-BC81-683D09CCF5EE}
2014-02-01 12:31 - 2014-02-01 12:31 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2771F3CD-E390-4B86-AAB1-230BD9A764A4}
2014-02-01 09:53 - 2014-02-01 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{63AC8F6D-39DD-444E-8677-C8374BC4D7E3}
2014-01-31 14:16 - 2014-01-31 14:15 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E6019D9F-BB92-43EE-9786-64B3B1D09657}
2014-01-31 11:18 - 2014-01-31 11:18 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1EA6ABD-BE68-49A4-9C5D-93C2D9395F77}
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{B106E740-86A0-430B-8BD0-1F670808C79E}
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Amazon Cloud Player
2014-01-29 18:43 - 2014-01-29 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{C9B0148A-53AA-4B22-9CE5-71FD8412090B}
2014-01-29 18:43 - 2014-01-29 18:42 - 36160080 _____ (Amazon) C:\Users\Amelie\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-29 18:25 - 2014-01-29 18:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E5C4B552-6375-4E86-936A-6946D882055A}
2014-01-28 12:07 - 2014-01-28 12:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E33E437B-7B3C-4B43-AC75-9D77EAFF8D5D}
2014-01-27 22:25 - 2014-01-27 22:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E92C3FE8-8E1A-4414-B6B4-CD1F571CF4F4}
2014-01-27 18:50 - 2014-01-27 18:50 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{1CA10A46-A94E-434B-8338-6F4D69D42D6D}
2014-01-27 15:38 - 2014-01-27 15:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2A44FFD4-50FF-4FB3-9061-608D66239E30}
2014-01-26 22:34 - 2014-01-26 22:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{DC76C835-EB6B-48D3-8823-32A29F25D279}
2014-01-25 23:38 - 2014-01-25 23:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6D46F65A-AF10-48B9-B108-9E94DAC64E07}
2014-01-25 17:35 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Skype
2014-01-25 16:51 - 2014-01-25 16:40 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 16:48 - 2013-12-15 18:16 - 00000000 ____D () C:\Users\Amelie\Documents\OneNote Notebooks
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\Documents\Youcam
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Skype
2014-01-25 16:40 - 2014-01-25 16:40 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Amelie\Downloads\SkypeSetup.exe
2014-01-25 11:38 - 2014-01-25 11:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{39D849DC-6A31-4C26-AF67-E56F812C088B}
2014-01-25 10:56 - 2014-01-25 10:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{05FD8B48-BAD0-4339-AB3C-064D86912ED1}
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A49A66F9-0490-4B94-B55B-4C5C3DCEC232}
2014-01-24 18:22 - 2013-12-17 21:02 - 00000000 ____D () C:\Users\Amelie_2
2014-01-24 00:07 - 2014-01-24 00:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{EC15FD23-EF00-48A9-8066-EFF6375822CD}
2014-01-23 16:24 - 2012-08-07 21:57 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-01-23 11:34 - 2014-01-23 11:33 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6456C239-4A94-4159-89CD-4098080EC188}
2014-01-23 10:36 - 2014-01-23 10:36 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{BA96C5C5-A5DE-4711-8867-FCE33345E907}
2014-01-23 00:13 - 2013-12-14 20:00 - 00000000 ____D () C:\Users\Amelie\Desktop\WS1314
2014-01-22 15:29 - 2014-01-22 15:28 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A836B353-FAAB-455B-912E-67B617134FBA}
2014-01-21 21:46 - 2014-01-21 21:46 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7C35F714-578E-4E4B-87FA-31461E2D4A08}
2014-01-21 09:37 - 2014-01-21 09:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7F4EC524-2D7A-475B-A893-3D3DBA491589}
2014-01-20 16:09 - 2014-01-20 16:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 16:07 - 2014-01-20 16:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amelie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 11:39 - 2014-01-20 11:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6E21A8AB-D712-438A-BD11-441C221F2695}
2014-01-19 15:25 - 2014-01-19 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{ADE06F62-7819-4A34-BC75-C19C845A0C3D}
2014-01-18 16:25 - 2014-01-18 16:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8A1A3FE3-8856-4180-A768-6D8A2FCBBFB1}
2014-01-18 09:53 - 2014-01-18 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AF3E1DC7-8DD4-49AF-87EF-18288E83D75A}
2014-01-17 11:17 - 2014-01-17 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{751CB08A-B807-4A89-B92F-25644E5D98A3}
2014-01-16 15:12 - 2014-01-16 15:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3B226E33-856F-4AF0-86E3-8FAE04B3A78A}
2014-01-16 08:46 - 2009-07-14 05:45 - 00340200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 00:48 - 2013-12-14 23:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 00:48 - 2013-12-14 20:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 00:47 - 2013-12-14 20:02 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{841951F4-25FD-4491-8178-D21A7F560AA8}
2014-01-14 21:37 - 2014-01-14 21:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AD30D57C-F714-404A-ADA9-0A0BCBAF831B}
2014-01-14 09:32 - 2014-01-14 09:32 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A9407927-0A46-4ADE-BCAE-FEEC55801278}
2014-01-14 00:08 - 2014-01-14 00:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{312F47EE-12F3-4C75-A389-BFCA1FBA7F18}
2014-01-13 18:45 - 2014-01-13 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{86681BD0-D11D-47B7-9DE3-5C2F09FB3846}
2014-01-13 17:45 - 2014-01-13 17:45 - 00000000 ____D () C:\Users\Amelie\Desktop\Arty
2014-01-13 17:01 - 2014-01-13 17:01 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{CA6EE347-0C6C-4198-9D93-91135F552FD6}
2014-01-12 15:39 - 2014-01-12 15:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3A5849E3-AA0B-4A63-AD3F-79E959A266F0}
2014-01-11 15:49 - 2014-01-11 15:49 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5F7D80F8-A39A-471A-8B83-08E72467F811}
2014-01-10 13:53 - 2014-01-10 13:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{29C27DAD-1546-4FCA-9290-D09095D9CBB5}
2014-01-09 18:43 - 2014-01-09 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{D559384E-1731-4AA6-B862-7E0482BEE351}

Some content of TEMP:
====================
C:\Users\Amelie\AppData\Local\Temp\avgnt.exe
C:\Users\Amelie\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ====================
         
--- --- ---

--- --- ---


und die addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by Amelie at 2014-02-08 20:00:46
Running from C:\Users\Amelie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (x32 Version: 3.1.3042.60281 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.3042.60281 - Alcor Micro Corp.) Hidden
Amazon Cloud Player (HKCU Version: 2.3.0.422 - Amazon Services LLC)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros WLAN Client Installation Program (x32 Version: 9.0 - Atheros)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bluetooth Win7 Suite (64) (Version: 7.3.0.145 - Atheros Communications)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BootShield (x32 Version: 1.0.1.9 - Lenovo)
Conexant HD Audio (Version: 8.54.28.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.7000.7 - Dolby Laboratories Inc)
Energy Management (x32 Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (x32 Version: 140.0.2.2 - Hewlett Packard)
HP Update (x32 Version: 5.003.000.004 - Hewlett-Packard)
Intel AppUp(SM) center (x32 Version: 03.05.11 - Intel)
Intel(R) Management Engine Components (x32 Version: 8.0.10.1464 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (x32 Version:  - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1021 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.943.1 - Intel Corporation) Hidden
Intelligent Touchpad (x32 Version: 1.00.0108 - Lenovo)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo CAPOSD (x32 Version: 1.0.0.7 - Lenovo)
Lenovo CAPOSD (x32 Version: 1.0.0.7 - Lenovo) Hidden
Lenovo EasyCamera (x32 Version: 1.11.1214.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (Version: 7.0.0.3807 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (x32 Version: 7.0.0.3807 - CyberLink Corp.)
Lenovo Registration (x32 Version: 1.0.4 - Lenovo Inc.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
LenovoDrv_x64 (Version: 1.0.00 - Lenovo)
Logitech Media Server 7.7.3 (x32 Version: 7.7.3 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA Grafiktreiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 7.48.823.2011 - Realtek)
Skype™ 6.13 (x32 Version: 6.13.104 - Skype Technologies S.A.)
SugarSync Manager (x32 Version: 1.9.49.86082 - SugarSync, Inc.)
Synaptics Pointing Device Driver (Version: 15.3.33.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
UserGuide (x32 Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo Corporation (LAD) System  (01/13/2012 1.0.0.2) (Version: 01/13/2012 1.0.0.2 - Lenovo Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (Version: 12/15/2011 7.1.0.1 - Lenovo)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2008-12-20 02:20 - 2012-08-07 22:08 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 15:22 - 2012-08-07 22:08 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 15:31 - 2012-08-07 22:08 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 02:20 - 2012-08-07 22:08 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-03-12 03:00 - 2012-02-17 17:21 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2014 04:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092

Error: (02/08/2014 04:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1092

Error: (02/08/2014 04:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/08/2014 01:06:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---query FLAG_AUTO_SVC_CHANGED key success failed with 1, The Code is:0x424.).

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---Get FLAG_AUTO_SVC_CHANGED Open key suc failed with 0, The Code is:0x422.).

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---query FLAG_AUTO_SVC_CHANGED key success failed with 1, The Code is:0x424.).

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---Get FLAG_AUTO_SVC_CHANGED Open key suc failed with 0, The Code is:0x422.).

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (02/08/2014 01:05:08 PM) (Source: BootShieldSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).


System errors:
=============
Error: (02/08/2014 01:07:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/08/2014 01:04:58 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2014 01:03:21 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2014 00:45:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/08/2014 00:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2014 00:40:41 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2014 00:40:19 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (02/08/2014 11:37:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/08/2014 11:35:48 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2014 11:35:23 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 8052.91 MB
Available physical RAM: 5375.05 MB
Total Pagefile: 16104 MB
Available Pagefile: 12763.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:653.44 GB) (Free:539.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:21.04 GB) NTFS

==================== MBR & Partition Table ==================

==================== End
         
__________________

Alt 08.02.2014, 20:19   #4
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Lösung: Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



Sind irgendwelche Externen Speichermedien angeschlossen ? ( CD im Laufwerk ... )
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 08.02.2014, 20:26   #5
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Wie Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



Nein gar nichts


Alt 08.02.2014, 21:11   #6
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Wo Windows Explorer Ordner öffnet sich immer nach dem Hochfahren Lösung!



Öffne bitte den Windows Explorer --> Organisieren --> Ordner und Suchoptionen --> Ansicht

Gehe sicher, dass bei "Vorherige Ordnerfenster bei der Anmeldung wiederherstellen" kein Haken gesetzt ist ( vorletzte Zeile )
__________________
--> Windows Explorer Ordner öffnet sich immer nach dem Hochfahren

Alt 08.02.2014, 21:22   #7
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



es war ein haken da gewesen, den ich nun entfernt habe, das Problem besteht aber weiterhin.

Alt 08.02.2014, 21:45   #8
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



So sehe ich da jetzt nichts. Irgendwas installiert bevor das Problem auftrat ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 09.02.2014, 12:20   #9
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren



nee, das letzte Programm das ich installiert habe war meine ich Skype gewesen, und das ist auch schon wieder eine Weile her.

Alt 09.02.2014, 12:58   #10
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]



Kannst du mal in de abgesicherten Modus starten und mir sagen, ob hier das Problem auch auftritt ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 09.02.2014, 16:39   #11
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]



im abgesicherten Modus öffnet sich der Explorer nicht

Alt 09.02.2014, 17:06   #12
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]



Kannst du bitte FRST aus einem Benutzerkonto mit Adminrechten starten und mir die Logfile posten.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 09.02.2014, 19:09   #13
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 02
Ran by Amelie_2 (administrator) on GOLDMARIECHEN on 09-02-2014 19:06:46
Running from C:\Users\Amelie_2\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(LENOVO) C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
() C:\Program Files\Conexant\ForteConfig\fmapp.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Users\Amelie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Logitech Inc.) C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Logitech Inc.) C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(LENOVO) C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [792224 2011-12-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-12-13] (Atheros Commnucations)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [378968 2012-01-05] (Alcor Micro Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CAPOSD] - C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-17] (LENOVO)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [332BigDog] - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Amelie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [Amazon Cloud Player] - C:\Users\Amelie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-2015557645-2765522812-600638866-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
CHR Extension: (Google Docs) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-22]
CHR Extension: (Google Drive) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-22]
CHR Extension: (YouTube) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-22]
CHR Extension: (Google-Suche) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-22]
CHR Extension: (Google Wallet) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-22]
CHR Extension: (Google Mail) - C:\Users\Amelie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-22]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
S2 BootShieldSvc; C:\Windows\System32\BootShieldSvc.exe [123952 2012-02-06] (Lenovo)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-16] ()
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-16] (Intel Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-13] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R0 BootShield; C:\Windows\System32\drivers\BootShield.sys [31536 2012-04-16] (Lenovo Corporation")
R1 BootShieldfltr; C:\Windows\System32\drivers\BootShieldfltr.sys [61744 2012-02-16] (Lenovo Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-06] (Intel Corporation)
R3 LAD; C:\Windows\System32\DRIVERS\LAD.sys [8192 2012-01-12] (TODO: <Company name>)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_3A60B698; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-09 19:06 - 2014-02-09 19:06 - 02170880 _____ (Farbar) C:\Users\Amelie_2\Downloads\FRST64.exe
2014-02-09 19:06 - 2014-02-09 19:06 - 00016675 _____ () C:\Users\Amelie_2\Downloads\FRST.txt
2014-02-09 11:17 - 2014-02-09 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{19683CBB-32E4-43A3-BBDF-562374C35A8A}
2014-02-09 08:56 - 2014-02-09 08:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6A51A5DA-368B-40F5-9322-CBB26CC29B12}
2014-02-08 20:00 - 2014-02-09 19:06 - 00000000 ____D () C:\FRST
2014-02-08 20:00 - 2014-02-08 20:00 - 00037971 _____ () C:\Users\Amelie\Downloads\FRST.txt
2014-02-08 20:00 - 2014-02-08 20:00 - 00016970 _____ () C:\Users\Amelie\Downloads\Addition.txt
2014-02-08 19:59 - 2014-02-08 19:59 - 02079744 _____ (Farbar) C:\Users\Amelie\Downloads\FRST64.exe
2014-02-08 13:29 - 2014-02-08 13:30 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7AA02613-BF67-4959-A804-B54412932BFF}
2014-02-08 12:38 - 2014-02-08 13:03 - 00000000 ____D () C:\Windows\pss
2014-02-07 13:47 - 2014-02-07 13:47 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{87C0C185-B59F-42A5-ADA1-83801DB36E8D}
2014-02-06 23:21 - 2014-02-06 23:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{4A3297DF-A101-4711-9FD5-7E992BF1BAEB}
2014-02-06 18:04 - 2014-02-06 18:04 - 00000000 ____D () C:\Users\Amelie\AppData\Local\HP
2014-02-06 17:51 - 2014-02-06 17:51 - 00000000 ____D () C:\Users\Amelie_2\AppData\Roaming\HpUpdate
2014-02-06 17:51 - 2011-06-08 18:35 - 00778088 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMa011.dll
2014-02-06 17:50 - 2014-02-06 17:51 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\ProgramData\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files\HP
2014-02-06 17:48 - 2014-02-06 17:48 - 00071136 _____ () C:\Users\Amelie_2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-06 17:48 - 2014-02-06 17:48 - 00000000 ____D () C:\Users\Amelie_2\AppData\Local\HP
2014-02-06 11:20 - 2014-02-06 11:20 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{FACEA119-4E81-4A33-9151-8BD84F74C1DA}
2014-02-06 09:51 - 2014-02-06 09:51 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8D7482B3-48F9-418E-9632-458620FA88BE}
2014-02-05 19:11 - 2014-02-05 19:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5E066033-6ABC-4F08-82A9-3FABAA887013}
2014-02-04 22:58 - 2014-02-04 22:58 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{13BD9A31-BB47-4A2B-BD15-454EC1B05AEB}
2014-02-04 22:21 - 2014-02-04 22:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5A02EE93-AC12-4680-BCEA-0243C6A6F1AB}
2014-02-04 09:14 - 2014-02-04 09:14 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1E985D5-4ECC-40CE-BDF3-06C3DBADBAAD}
2014-02-03 12:27 - 2014-02-05 17:41 - 00000000 ____D () C:\Users\Amelie\Desktop\Siwawi
2014-02-03 11:17 - 2014-02-03 11:24 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{57BE71A5-AE4B-4501-8D0D-C640E665A338}
2014-02-03 11:08 - 2014-02-03 11:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{184C43FA-E834-493F-9556-B63811397A79}
2014-02-02 10:02 - 2014-02-02 10:02 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2BBAE4D5-E0EE-4178-BC81-683D09CCF5EE}
2014-02-01 12:31 - 2014-02-01 12:31 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2771F3CD-E390-4B86-AAB1-230BD9A764A4}
2014-02-01 09:53 - 2014-02-01 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{63AC8F6D-39DD-444E-8677-C8374BC4D7E3}
2014-01-31 14:15 - 2014-01-31 14:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E6019D9F-BB92-43EE-9786-64B3B1D09657}
2014-01-31 11:18 - 2014-01-31 11:18 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1EA6ABD-BE68-49A4-9C5D-93C2D9395F77}
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{B106E740-86A0-430B-8BD0-1F670808C79E}
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Amazon Cloud Player
2014-01-29 18:43 - 2014-01-29 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{C9B0148A-53AA-4B22-9CE5-71FD8412090B}
2014-01-29 18:42 - 2014-01-29 18:43 - 36160080 _____ (Amazon) C:\Users\Amelie\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-29 18:25 - 2014-01-29 18:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E5C4B552-6375-4E86-936A-6946D882055A}
2014-01-28 12:07 - 2014-01-28 12:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E33E437B-7B3C-4B43-AC75-9D77EAFF8D5D}
2014-01-27 22:25 - 2014-01-27 22:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E92C3FE8-8E1A-4414-B6B4-CD1F571CF4F4}
2014-01-27 18:50 - 2014-01-27 18:50 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{1CA10A46-A94E-434B-8338-6F4D69D42D6D}
2014-01-27 15:38 - 2014-01-27 15:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2A44FFD4-50FF-4FB3-9061-608D66239E30}
2014-01-26 22:34 - 2014-01-26 22:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{DC76C835-EB6B-48D3-8823-32A29F25D279}
2014-01-25 23:38 - 2014-01-25 23:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6D46F65A-AF10-48B9-B108-9E94DAC64E07}
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\Documents\Youcam
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-25 16:41 - 2014-01-25 17:35 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Skype
2014-01-25 16:40 - 2014-01-25 16:51 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 16:40 - 2014-01-25 16:40 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Amelie\Downloads\SkypeSetup.exe
2014-01-25 11:38 - 2014-01-25 11:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{39D849DC-6A31-4C26-AF67-E56F812C088B}
2014-01-25 10:56 - 2014-01-25 10:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{05FD8B48-BAD0-4339-AB3C-064D86912ED1}
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A49A66F9-0490-4B94-B55B-4C5C3DCEC232}
2014-01-24 00:07 - 2014-01-24 00:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{EC15FD23-EF00-48A9-8066-EFF6375822CD}
2014-01-23 11:33 - 2014-01-23 11:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6456C239-4A94-4159-89CD-4098080EC188}
2014-01-23 10:36 - 2014-01-23 10:36 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{BA96C5C5-A5DE-4711-8867-FCE33345E907}
2014-01-22 15:28 - 2014-01-22 15:29 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A836B353-FAAB-455B-912E-67B617134FBA}
2014-01-21 21:46 - 2014-01-21 21:46 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7C35F714-578E-4E4B-87FA-31461E2D4A08}
2014-01-21 09:37 - 2014-01-21 09:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7F4EC524-2D7A-475B-A893-3D3DBA491589}
2014-01-20 16:07 - 2014-01-20 16:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amelie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 11:39 - 2014-01-20 11:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6E21A8AB-D712-438A-BD11-441C221F2695}
2014-01-19 15:25 - 2014-01-19 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{ADE06F62-7819-4A34-BC75-C19C845A0C3D}
2014-01-18 16:25 - 2014-01-18 16:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8A1A3FE3-8856-4180-A768-6D8A2FCBBFB1}
2014-01-18 09:53 - 2014-01-18 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AF3E1DC7-8DD4-49AF-87EF-18288E83D75A}
2014-01-17 11:17 - 2014-01-17 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{751CB08A-B807-4A89-B92F-25644E5D98A3}
2014-01-16 15:11 - 2014-01-16 15:12 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3B226E33-856F-4AF0-86E3-8FAE04B3A78A}
2014-01-15 19:37 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 19:37 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 19:37 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 19:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{841951F4-25FD-4491-8178-D21A7F560AA8}
2014-01-14 21:37 - 2014-01-14 21:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AD30D57C-F714-404A-ADA9-0A0BCBAF831B}
2014-01-14 09:32 - 2014-01-14 09:32 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A9407927-0A46-4ADE-BCAE-FEEC55801278}
2014-01-14 00:08 - 2014-01-14 00:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{312F47EE-12F3-4C75-A389-BFCA1FBA7F18}
2014-01-13 18:45 - 2014-01-13 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{86681BD0-D11D-47B7-9DE3-5C2F09FB3846}
2014-01-13 17:45 - 2014-01-13 17:45 - 00000000 ____D () C:\Users\Amelie\Desktop\Arty
2014-01-13 17:01 - 2014-01-13 17:01 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{CA6EE347-0C6C-4198-9D93-91135F552FD6}
2014-01-12 15:39 - 2014-01-12 15:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3A5849E3-AA0B-4A63-AD3F-79E959A266F0}
2014-01-11 15:49 - 2014-01-11 15:49 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5F7D80F8-A39A-471A-8B83-08E72467F811}
2014-01-10 13:53 - 2014-01-10 13:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{29C27DAD-1546-4FCA-9290-D09095D9CBB5}

==================== One Month Modified Files and Folders =======

2014-02-09 19:07 - 2014-02-09 19:06 - 00016675 _____ () C:\Users\Amelie_2\Downloads\FRST.txt
2014-02-09 19:06 - 2014-02-09 19:06 - 02170880 _____ (Farbar) C:\Users\Amelie_2\Downloads\FRST64.exe
2014-02-09 19:06 - 2014-02-08 20:00 - 00000000 ____D () C:\FRST
2014-02-09 19:04 - 2013-12-14 21:21 - 00006392 _____ () C:\Users\Public\CAFADEBUG.log
2014-02-09 19:04 - 2012-08-07 22:03 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-09 18:34 - 2012-08-07 22:03 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 17:31 - 2012-08-07 21:25 - 01318841 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 16:44 - 2009-07-14 05:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-09 16:44 - 2009-07-14 05:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-09 16:42 - 2012-08-08 07:12 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-02-09 16:42 - 2012-08-08 07:12 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-02-09 16:42 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-09 16:37 - 2013-12-14 19:27 - 00000000 ___RD () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-09 16:36 - 2013-12-26 13:56 - 00004101 _____ () C:\Windows\setupact.log
2014-02-09 16:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-09 16:25 - 2013-12-17 21:02 - 00000000 ____D () C:\Users\Amelie_2
2014-02-09 11:17 - 2014-02-09 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{19683CBB-32E4-43A3-BBDF-562374C35A8A}
2014-02-09 08:56 - 2014-02-09 08:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6A51A5DA-368B-40F5-9322-CBB26CC29B12}
2014-02-08 20:00 - 2014-02-08 20:00 - 00037971 _____ () C:\Users\Amelie\Downloads\FRST.txt
2014-02-08 20:00 - 2014-02-08 20:00 - 00016970 _____ () C:\Users\Amelie\Downloads\Addition.txt
2014-02-08 19:59 - 2014-02-08 19:59 - 02079744 _____ (Farbar) C:\Users\Amelie\Downloads\FRST64.exe
2014-02-08 13:30 - 2014-02-08 13:29 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7AA02613-BF67-4959-A804-B54412932BFF}
2014-02-08 13:03 - 2014-02-08 12:38 - 00000000 ____D () C:\Windows\pss
2014-02-07 22:17 - 2013-12-14 19:58 - 00178664 _____ () C:\Users\Amelie\Desktop\notes.one
2014-02-07 13:47 - 2014-02-07 13:47 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{87C0C185-B59F-42A5-ADA1-83801DB36E8D}
2014-02-07 13:44 - 2010-11-21 04:47 - 00279056 _____ () C:\Windows\PFRO.log
2014-02-06 23:21 - 2014-02-06 23:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{4A3297DF-A101-4711-9FD5-7E992BF1BAEB}
2014-02-06 18:04 - 2014-02-06 18:04 - 00000000 ____D () C:\Users\Amelie\AppData\Local\HP
2014-02-06 17:51 - 2014-02-06 17:51 - 00000000 ____D () C:\Users\Amelie_2\AppData\Roaming\HpUpdate
2014-02-06 17:51 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\ProgramData\HP
2014-02-06 17:50 - 2014-02-06 17:50 - 00000000 ____D () C:\Program Files\HP
2014-02-06 17:48 - 2014-02-06 17:48 - 00071136 _____ () C:\Users\Amelie_2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-06 17:48 - 2014-02-06 17:48 - 00000000 ____D () C:\Users\Amelie_2\AppData\Local\HP
2014-02-06 16:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-06 11:20 - 2014-02-06 11:20 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{FACEA119-4E81-4A33-9151-8BD84F74C1DA}
2014-02-06 09:51 - 2014-02-06 09:51 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8D7482B3-48F9-418E-9632-458620FA88BE}
2014-02-05 19:11 - 2014-02-05 19:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5E066033-6ABC-4F08-82A9-3FABAA887013}
2014-02-05 17:41 - 2014-02-03 12:27 - 00000000 ____D () C:\Users\Amelie\Desktop\Siwawi
2014-02-04 22:58 - 2014-02-04 22:58 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{13BD9A31-BB47-4A2B-BD15-454EC1B05AEB}
2014-02-04 22:21 - 2014-02-04 22:21 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5A02EE93-AC12-4680-BCEA-0243C6A6F1AB}
2014-02-04 09:20 - 2013-12-14 19:58 - 00000000 ____D () C:\Users\Amelie\Desktop\Muenchen
2014-02-04 09:16 - 2013-12-14 19:58 - 00000000 ____D () C:\Users\Amelie\Desktop\TUM
2014-02-04 09:14 - 2014-02-04 09:14 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1E985D5-4ECC-40CE-BDF3-06C3DBADBAAD}
2014-02-03 11:24 - 2014-02-03 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{57BE71A5-AE4B-4501-8D0D-C640E665A338}
2014-02-03 11:08 - 2014-02-03 11:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{184C43FA-E834-493F-9556-B63811397A79}
2014-02-02 10:02 - 2014-02-02 10:02 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2BBAE4D5-E0EE-4178-BC81-683D09CCF5EE}
2014-02-01 12:31 - 2014-02-01 12:31 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2771F3CD-E390-4B86-AAB1-230BD9A764A4}
2014-02-01 09:53 - 2014-02-01 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{63AC8F6D-39DD-444E-8677-C8374BC4D7E3}
2014-01-31 14:16 - 2014-01-31 14:15 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E6019D9F-BB92-43EE-9786-64B3B1D09657}
2014-01-31 11:18 - 2014-01-31 11:18 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A1EA6ABD-BE68-49A4-9C5D-93C2D9395F77}
2014-01-30 15:16 - 2014-01-30 15:16 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{B106E740-86A0-430B-8BD0-1F670808C79E}
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-29 18:45 - 2014-01-29 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Amazon Cloud Player
2014-01-29 18:43 - 2014-01-29 18:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{C9B0148A-53AA-4B22-9CE5-71FD8412090B}
2014-01-29 18:43 - 2014-01-29 18:42 - 36160080 _____ (Amazon) C:\Users\Amelie\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-01-29 18:25 - 2014-01-29 18:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E5C4B552-6375-4E86-936A-6946D882055A}
2014-01-28 12:07 - 2014-01-28 12:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E33E437B-7B3C-4B43-AC75-9D77EAFF8D5D}
2014-01-27 22:25 - 2014-01-27 22:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{E92C3FE8-8E1A-4414-B6B4-CD1F571CF4F4}
2014-01-27 18:50 - 2014-01-27 18:50 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{1CA10A46-A94E-434B-8338-6F4D69D42D6D}
2014-01-27 15:38 - 2014-01-27 15:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{2A44FFD4-50FF-4FB3-9061-608D66239E30}
2014-01-26 22:34 - 2014-01-26 22:34 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{DC76C835-EB6B-48D3-8823-32A29F25D279}
2014-01-25 23:38 - 2014-01-25 23:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6D46F65A-AF10-48B9-B108-9E94DAC64E07}
2014-01-25 17:35 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\Skype
2014-01-25 16:51 - 2014-01-25 16:40 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 16:48 - 2013-12-15 18:16 - 00000000 ____D () C:\Users\Amelie\Documents\OneNote Notebooks
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\Documents\Youcam
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Roaming\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\Users\Amelie\AppData\Local\CyberLink
2014-01-25 16:43 - 2014-01-25 16:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 16:41 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Amelie\AppData\Local\Skype
2014-01-25 16:40 - 2014-01-25 16:40 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Amelie\Downloads\SkypeSetup.exe
2014-01-25 11:38 - 2014-01-25 11:38 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{39D849DC-6A31-4C26-AF67-E56F812C088B}
2014-01-25 10:56 - 2014-01-25 10:56 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{05FD8B48-BAD0-4339-AB3C-064D86912ED1}
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A49A66F9-0490-4B94-B55B-4C5C3DCEC232}
2014-01-24 00:07 - 2014-01-24 00:07 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{EC15FD23-EF00-48A9-8066-EFF6375822CD}
2014-01-23 16:24 - 2012-08-07 21:57 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-01-23 11:34 - 2014-01-23 11:33 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6456C239-4A94-4159-89CD-4098080EC188}
2014-01-23 10:36 - 2014-01-23 10:36 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{BA96C5C5-A5DE-4711-8867-FCE33345E907}
2014-01-23 00:13 - 2013-12-14 20:00 - 00000000 ____D () C:\Users\Amelie\Desktop\WS1314
2014-01-22 15:29 - 2014-01-22 15:28 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A836B353-FAAB-455B-912E-67B617134FBA}
2014-01-21 21:46 - 2014-01-21 21:46 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7C35F714-578E-4E4B-87FA-31461E2D4A08}
2014-01-21 09:37 - 2014-01-21 09:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{7F4EC524-2D7A-475B-A893-3D3DBA491589}
2014-01-20 16:07 - 2014-01-20 16:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amelie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 11:39 - 2014-01-20 11:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{6E21A8AB-D712-438A-BD11-441C221F2695}
2014-01-19 15:25 - 2014-01-19 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{ADE06F62-7819-4A34-BC75-C19C845A0C3D}
2014-01-18 16:25 - 2014-01-18 16:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{8A1A3FE3-8856-4180-A768-6D8A2FCBBFB1}
2014-01-18 09:53 - 2014-01-18 09:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AF3E1DC7-8DD4-49AF-87EF-18288E83D75A}
2014-01-17 11:17 - 2014-01-17 11:17 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{751CB08A-B807-4A89-B92F-25644E5D98A3}
2014-01-16 15:12 - 2014-01-16 15:11 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3B226E33-856F-4AF0-86E3-8FAE04B3A78A}
2014-01-16 08:46 - 2009-07-14 05:45 - 00340200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 00:48 - 2013-12-14 23:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 00:48 - 2013-12-14 20:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 00:47 - 2013-12-14 20:02 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{841951F4-25FD-4491-8178-D21A7F560AA8}
2014-01-14 21:37 - 2014-01-14 21:37 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{AD30D57C-F714-404A-ADA9-0A0BCBAF831B}
2014-01-14 09:32 - 2014-01-14 09:32 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{A9407927-0A46-4ADE-BCAE-FEEC55801278}
2014-01-14 00:08 - 2014-01-14 00:08 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{312F47EE-12F3-4C75-A389-BFCA1FBA7F18}
2014-01-13 18:45 - 2014-01-13 18:45 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{86681BD0-D11D-47B7-9DE3-5C2F09FB3846}
2014-01-13 17:45 - 2014-01-13 17:45 - 00000000 ____D () C:\Users\Amelie\Desktop\Arty
2014-01-13 17:01 - 2014-01-13 17:01 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{CA6EE347-0C6C-4198-9D93-91135F552FD6}
2014-01-12 15:39 - 2014-01-12 15:39 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{3A5849E3-AA0B-4A63-AD3F-79E959A266F0}
2014-01-11 15:49 - 2014-01-11 15:49 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{5F7D80F8-A39A-471A-8B83-08E72467F811}
2014-01-10 13:53 - 2014-01-10 13:53 - 00000000 ____D () C:\Users\Amelie\AppData\Local\{29C27DAD-1546-4FCA-9290-D09095D9CBB5}

Some content of TEMP:
====================
C:\Users\Amelie\AppData\Local\Temp\avgnt.exe
C:\Users\Amelie\AppData\Local\Temp\ose00000.exe
C:\Users\Amelie_2\AppData\Local\Temp\avgnt.exe
C:\Users\Amelie_2\AppData\Local\Temp\DeleteVF.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 15:59

==================== End Of Log ============================
         
--- --- ---

Alt 09.02.2014, 19:22   #14
Larusso
/// Selecta Jahrusso
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]



Komisch.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM-x32\...\Run: [] - [X]
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Sollte nach einem Neustart das Problem immer noch da sein,

Öffne bitte einmal msconfig --> Reiter Dienste
Setze einen Haken bei "Alle Microsoft Dienste ausblenden" und entferne den Haken bei allen Diensten.
Klicke Übernehmen und starte den Rechner neu.
Berichte ob der Explorer immer noch da ist
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 09.02.2014, 20:18   #15
sulamith
 
Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Standard

Windows Explorer Ordner öffnet sich immer nach dem Hochfahren [gelöst]



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-02-2014 02
Ran by Amelie_2 at 2014-02-09 20:07:52 Run:1
Running from C:\Users\Amelie_2\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] - [X]
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.

==== End of Fixlog ====
         
es ist weg nach dem neustart, nachdem die Fixlog erstellt wurde, war alles paletti! vorsichtshalber noch ein 2. neustart auf einem anderen benutzerkonto und auch da war alles ok.

vielen, vielen dank.

Antwort

Themen zu Windows Explorer Ordner öffnet sich immer nach dem Hochfahren
aktiviert, anhang, autostart, computer, eintrag, explorer, folge, folgendes, forum, hinweis, hochfahren, inhalt, laufwerke, löschen, microsoft, msconfig, ordner, problem, registry, software, systemstartelemente, version, windows, windows explorer, würde, öffnet



Ähnliche Themen: Windows Explorer Ordner öffnet sich immer nach dem Hochfahren


  1. Windows 7: Windows Explorer stürzt immer ab und "Unbekanter Fehler" öffnet sich unendlich oft
    Plagegeister aller Art und deren Bekämpfung - 03.01.2015 (17)
  2. Windows XP: Internet Explorer öffnet sich immer wieder selbstständig
    Log-Analyse und Auswertung - 29.08.2013 (7)
  3. Win 7 Der Internet Explorer öffnet sich immer
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (15)
  4. Internetseite(Tesyxaltert.us) öffnet sich nach hochfahren automatisch, kann nichts machen.
    Log-Analyse und Auswertung - 19.01.2013 (11)
  5. PC wird beim Hochfahren immer langsamer und der Tasksheduler öffnet sich
    Log-Analyse und Auswertung - 06.11.2012 (7)
  6. Windows neuinstalliert, internet explorer öffnet sich immer noch selbsständig
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (0)
  7. internet explorer öffnet sich immer wieder
    Log-Analyse und Auswertung - 25.04.2010 (2)
  8. Internet Explorer öffnet sich immer wieder
    Log-Analyse und Auswertung - 10.04.2010 (6)
  9. ein schlimmer virus, explorer öffnet sich immer...
    Log-Analyse und Auswertung - 08.02.2010 (1)
  10. Internet Explorer öffnet sich immer wieder
    Log-Analyse und Auswertung - 03.02.2010 (1)
  11. Windows Explorer stürzt nach dem hochfahren ab
    Alles rund um Windows - 26.08.2009 (0)
  12. internet Explorer öffnet sich immer automatisch
    Log-Analyse und Auswertung - 16.07.2009 (9)
  13. internet explorer öffnet sich immer
    Log-Analyse und Auswertung - 22.05.2009 (3)
  14. IE net explorer öffnet sich immer
    Log-Analyse und Auswertung - 10.10.2008 (0)
  15. Bei mir öffnet sich immer einfach de explorer
    Log-Analyse und Auswertung - 10.10.2008 (2)
  16. fehlermeldung beim hochfahren , internet explorer öffnet sich ständig
    Log-Analyse und Auswertung - 12.03.2008 (4)
  17. Explorer öffnet sich immer mit der Seite securepccleaner
    Log-Analyse und Auswertung - 11.01.2008 (2)

Zum Thema Windows Explorer Ordner öffnet sich immer nach dem Hochfahren - Hallo, Ich habe seit einigen Tagen folgendes Problem: Immer nachdem der Computer hochgefahren wurde öffnet sich der Windows Explorer Ordner "Computer" mit den Laufwerken. Nach einiger Recherche hab ich bereits - Windows Explorer Ordner öffnet sich immer nach dem Hochfahren...
Archiv
Du betrachtest: Windows Explorer Ordner öffnet sich immer nach dem Hochfahren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.