Pests of all kinds and how to fight them: PC freezes - can only be switched off by hand (Windows 7) |
15.04.2014, 12:37 | #1 |
| PC freezes - can only be switched off by hand After varying lengths of running time (5 min - 3 hrs) my PC freezes. The picture stands still. In the Task Manager under Processes I found a file: atieclxx.exe. It neither lets me open the file path nor can it be disabled. After some googling it turns out that this file can also be a virus. I then disabled the external ATI services via Control Panel - Administrative Tools - Services, which also removed the above-mentioned file from the processes in the Task Manager. However, using the search in Explorer I could still find the file twice: in C: Windows System 32 and in Windows System 32 - Driverstore. In the former the file could be removed, but not in the Driverstore. Question: could my PC's malfunction really be related to this file (virus)? If so, how do I remove the last remaining one? If not, what else could be causing the "freezing"? |
15.04.2014, 13:21 | #2 |
/// the machine /// TB trainer | PC freezes - can only be switched off by hand Hi,
Hard disk defective. The file is from ATI, not a virus. |
15.04.2014, 14:06 | #3 |
| PC freezes - can only be switched off by hand Hello Schrauber,
thanks for the hint. But according to the "CrystalDisk" program the hard disk condition is "good" at 30°C. As I said, only with "limited" PC running time until the next "freeze"... Uli |
16.04.2014, 10:17 | #4 |
/// the machine /// TB trainer | PC freezes - can only be switched off by hand That was only a tip on where you should look. RAM can do that kind of thing too. During the freeze, can you still move the mouse, or does it hang completely? Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
16.04.2014, 19:26 | #5 |
| PC freezes - can only be switched off by hand Hello Schrauber, yes, the mouse doesn't work any more either - absolutely nothing. I will follow your suggestion and then get back to you. Thanks Uli - this is what I see when I click the # symbol. I don't understand what I am supposed to do then. I perhaps forgot to mention that, while I'm no PC dummy, I'm not exactly very "tricky" either - just an average user... Uli Sorry, something was missing there! What I see is as follows: (Code) (Code) What do I do with that? Regards Uli54 |
17.04.2014, 13:37 | #6 |
/// the machine /// TB trainer | PC freezes - can only be switched off by hand This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows: |
17.04.2014, 15:17 | #7 |
| PC freezes - can only be switched off by hand Hello Schrauber, I hope everything was right this way: [CO FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-04-2014 01 Ran by uli (administrator) on ULI-PC on 16-04-2014 15:06:59 Running from C:\Users\uli\Desktop Microsoft Windows 7 Enterprise Service Pack 1 (X86) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (SANDBOXIE L.T.D) H:\Security\Sandboxie\SbieSvc.exe (Avira Operations GmbH & Co. KG) H:\Security\Avira\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) H:\Security\Avira\Avira\AntiVir Desktop\avguard.exe (Safer-Networking Ltd.) H:\Security\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) H:\Security\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Safer-Networking Ltd.) H:\Security\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. KG) H:\Security\Avira\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Avira Operations GmbH & Co. KG) H:\Security\Avira\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) H:\Security\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (SANDBOXIE L.T.D) H:\Security\Sandboxie\SbieCtrl.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) H:\Internet\Mozilla\firefox.exe (Avira Operations GmbH & Co. 
KG) H:\security\avira\avira\antivir desktop\ipmGui.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) H:\Internet\Mozilla\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [avgnt] => H:\Security\Avira\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SDTray] => H:\Security\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-1988137150-886258936-1300054847-1001\...\Run: [SandboxieControl] => H:\Security\Sandboxie\SbieCtrl.exe [466704 2012-06-17] (SANDBOXIE L.T.D) HKU\S-1-5-21-1988137150-886258936-1300054847-1001\...\Run: [Spybot-S&D Cleaning] => H:\Security\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-1988137150-886258936-1300054847-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1988137150-886258936-1300054847-1001\...\MountPoints2: {03a0efe4-fe45-11d5-aa3e-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.html Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk ShortcutTarget: OpenOffice.org 3.4.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://es.ask.com/?l=dis&o=15430 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC8651353F8D2CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File SearchScopes: HKCU - {143C79DC-32AA-4127-93D1-0D50C660CD86} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=CLM&o=15427&src=crm&q={searchTerms}&locale=&apn_ptnrs=^LE&apn_dtid=^YYYYYY^YY^ES&apn_uid=9d856ea4-8585-424f-be36-6d26b54ccec8&apn_sauid=80C69B17-399E-4331-9E33-F7EA42821FAC BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\Security\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default FF user.js: detected! => C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\user.js FF SearchEngineOrder.1: Ask.com FF Homepage: hxxp://www.ighome.com/?t=310820 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) 
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\ixquick-https---deutsch.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\searchplugins\youtube-ssl.xml FF Extension: United States English Spellchecker - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-23] FF Extension: DownloadHelper - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF Extension: DivX Web Player - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-04-05] FF Extension: TrashMail.net - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\spam@trashmail.net.xpi [2011-11-18] FF Extension: YouTube to MP3 - 
C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-11-18] FF Extension: NoScript - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-06-19] FF Extension: Adblock Plus - C:\Users\uli\AppData\Roaming\Mozilla\Firefox\Profiles\pv2z7435.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-19] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-19] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-17] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-09] FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - H:\Media\Video\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ FF Extension: Freemake Video Converter Plugin - H:\Media\Video\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [] FF StartMenuInternet: FIREFOX.EXE - H:\Internet\Mozilla\firefox.exe ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; H:\Security\Avira\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; H:\Security\Avira\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 SbieSvc; H:\Security\Sandboxie\SbieSvc.exe [75536 2012-06-17] (SANDBOXIE L.T.D) R2 SDScannerService; H:\Security\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; H:\Security\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) 
R2 SDWSCService; H:\Security\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation) S3 AIDA64Driver; H:\PC Systemwerkzeuge\PC Diagnose\AIDA64 Extreme Edition\kerneld.x32 [28824 2011-06-15] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] () R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH) S3 MTDVC2; C:\Windows\System32\DRIVERS\mtdv2ku2.sys [12288 2003-10-15] (Matsushita Electric Industrial Co., Ltd.) S3 MTDVC2_ENUM; C:\Windows\System32\DRIVERS\mtdv2ks2.sys [11648 2003-10-11] (Matsushita Electric Industrial Co., Ltd.) 
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation) R3 SbieDrv; H:\Security\Sandboxie\SbieDrv.sys [137488 2012-06-17] (SANDBOXIE L.T.D) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] () S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X] S3 SANDRA; \??\H:\PC Systemwerkzeuge\PC Diagnose\SiSoftware Sandra Lite 2011c\WNt500x86\Sandra.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-16 15:06 - 2014-04-16 15:07 - 00015224 _____ () C:\Users\uli\Desktop\FRST.txt 2014-04-16 15:06 - 2014-04-16 15:06 - 00000000 ____D () C:\FRST 2014-04-16 15:05 - 2014-04-16 15:06 - 01146368 _____ (Farbar) C:\Users\uli\Desktop\FRST.exe 2014-04-14 21:12 - 2014-04-14 21:13 - 01194880 _____ () C:\Windows\Minidump\041414-26187-01.dmp 2014-04-13 20:34 - 2014-04-16 14:49 - 00000616 _____ () C:\Windows\setupact.log 2014-04-13 17:28 - 2014-04-16 14:59 - 00079146 _____ () C:\Windows\WindowsUpdate.log 2014-04-13 17:23 - 2014-04-13 17:23 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-10 00:12 - 2014-03-06 10:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-10 00:12 - 2014-03-06 09:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-10 00:12 - 2014-03-06 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-10 00:12 - 2014-03-06 09:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-10 00:12 - 2014-03-06 09:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-10 00:12 - 2014-03-06 09:01 - 00051200 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2014-04-10 00:12 - 2014-03-06 08:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-10 00:12 - 2014-03-06 08:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-10 00:12 - 2014-03-06 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-10 00:12 - 2014-03-06 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-10 00:12 - 2014-03-06 08:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-10 00:12 - 2014-03-06 08:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-10 00:12 - 2014-03-06 08:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-10 00:12 - 2014-03-06 08:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-10 00:12 - 2014-03-06 08:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-10 00:12 - 2014-03-06 08:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-10 00:12 - 2014-03-06 08:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-10 00:12 - 2014-03-06 08:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-10 00:12 - 2014-03-06 08:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-10 00:12 - 2014-03-06 08:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-10 00:12 - 2014-03-06 07:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-10 00:12 - 2014-03-06 07:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-10 00:12 - 2014-03-06 07:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-10 00:12 - 2014-03-06 06:43 - 00704512 _____ 
(Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-10 00:12 - 2014-03-06 06:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-10 00:12 - 2014-03-06 06:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-09 18:57 - 2014-03-04 10:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-05 19:52 - 2014-04-05 19:52 - 00000000 ____D () C:\Users\uli\AppData\Local\{D47C2AB6-8003-4011-B099-6B53EE281E64} 2014-03-23 17:36 - 2014-03-23 17:36 - 00000000 ____D () C:\Users\uli\Documents\ProcAlyzer Dumps ==================== One Month Modified Files and Folders ======= 2014-04-16 15:07 - 2014-04-16 15:06 - 00015224 _____ () C:\Users\uli\Desktop\FRST.txt 2014-04-16 15:06 - 2014-04-16 15:06 - 00000000 ____D () C:\FRST 2014-04-16 15:06 - 2014-04-16 15:05 - 01146368 _____ (Farbar) C:\Users\uli\Desktop\FRST.exe 2014-04-16 14:59 - 2014-04-13 17:28 - 00079146 _____ () C:\Windows\WindowsUpdate.log 2014-04-16 14:59 - 2012-04-03 06:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-16 14:56 - 2011-01-19 02:44 - 00000000 ____D () C:\Users\uli\AppData\Roaming\Skype 2014-04-16 14:54 - 2011-01-20 03:32 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-16 14:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-16 14:49 - 2014-04-13 20:34 - 00000616 _____ () C:\Windows\setupact.log 2014-04-16 01:28 - 2009-07-14 05:34 - 00010528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-16 01:28 - 2009-07-14 05:34 - 00010528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-16 01:12 - 2011-01-20 03:32 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-14 21:13 - 2014-04-14 21:12 - 01194880 _____ () C:\Windows\Minidump\041414-26187-01.dmp 2014-04-14 21:12 - 2011-07-29 20:03 
- 00000000 ____D () C:\Windows\Minidump 2014-04-13 18:14 - 2012-06-19 08:46 - 02542080 ___SH () C:\Users\uli\Desktop\Thumbs.db 2014-04-13 17:23 - 2014-04-13 17:23 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-12 19:25 - 2011-01-18 22:37 - 02504236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-10 23:32 - 2011-02-02 23:31 - 00000000 ____D () C:\Users\uli\AppData\Local\Adobe 2014-04-10 23:30 - 2012-04-03 06:38 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-10 23:30 - 2011-05-15 10:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-10 21:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-04-10 10:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-04-10 03:03 - 2012-04-24 07:22 - 00000000 ____D () C:\Users\Gast 2014-04-10 03:03 - 2011-04-04 15:32 - 00000000 ____D () C:\Users\Guest 2014-04-10 03:03 - 2011-01-19 00:45 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-10 03:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp 2014-04-10 03:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration 2014-04-10 03:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat 2014-04-10 00:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-04-09 19:26 - 2009-07-14 03:04 - 00000499 _____ () C:\Windows\win.ini 2014-04-09 19:11 - 2002-01-01 03:19 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 18:55 - 2011-01-19 02:25 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 18:25 - 2011-01-18 22:34 - 00000000 ____D () C:\Users\uli 2014-04-05 19:52 - 2014-04-05 19:52 - 00000000 ____D () C:\Users\uli\AppData\Local\{D47C2AB6-8003-4011-B099-6B53EE281E64} 2014-04-02 15:50 - 2014-02-02 22:59 - 00000145 _____ () C:\Users\uli\Desktop\Piano.txt 2014-03-24 22:34 - 2013-12-26 16:26 - 00000000 ____D () C:\Users\uli\Desktop\TS 2014-03-24 15:09 - 
2013-07-04 17:11 - 00000000 ____D () C:\Program Files\Defraggler 2014-03-24 15:08 - 2013-07-04 17:11 - 00001866 _____ () C:\Users\Public\Desktop\Defraggler.lnk 2014-03-23 17:36 - 2014-03-23 17:36 - 00000000 ____D () C:\Users\uli\Documents\ProcAlyzer Dumps 2014-03-22 20:31 - 2002-01-01 09:20 - 00000000 ____D () C:\Windows\Panther Some content of TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\avgnt.exe C:\Users\Gast\AppData\Local\Temp\SkypeSetup.exe C:\Users\uli\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-09 23:27 ==================== End Of Log ============================ DE][/COAdditional scan result of Farbar Recovery Scan Tool (x86) Version: 16-04-2014 01 Ran by uli at 2014-04-16 15:08:30 Running from C:\Users\uli\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== µTorrent (HKLM\...\uTorrent) (Version: 3.1.3 - ) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) 
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.) AIDA64 Extreme Edition v1.80 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 1.80 - FinalWire Ltd.) AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.61205.2219 - Advanced Micro Devices, Inc.) Hidden Applian FLV and Media Player 3.1.1.12 (HKLM\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies) Application Profiles (HKLM\...\{21F3F7EC-CD32-D678-63AD-305F556D7BC9}) (Version: 2.0.4399.36214 - Advanced Micro Devices, Inc.) ATI - Dienstprogramm zur Deinstallation der Software (HKLM\...\All ATI Software) (Version: 6.14.10.1011 - ) Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) Back4Sure 3.5.2 (HKLM\...\Back4Sure_is1) (Version: - Ulrich Krebs) Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - ) Canon MX310 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series) (Version: - ) Canon MX310 series Benutzerregistrierung (HKLM\...\Canon MX310 series Benutzerregistrierung) (Version: - ) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - ) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center (Version: 2011.1205.2215.39827 - Nombre de su organización) Hidden Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Swedish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CrystalDiskInfo 4.6.2a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.6.2a - Crystal Dew World) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform) Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.8.6 - Fomanu AG) Doom Shareware for Windows 95 (HKLM\...\Doom Shareware for Windows 95) (Version: - ) EASEUS Partition Master 9.1.1 Home Edition (HKLM\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS) Free Audio Converter version 5.0.30.1022 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.30.1022 - DVDVideoSoft Ltd.) Free AVI Video Converter version 5.0.27.717 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.27.717 - DVDVideoSoft Ltd.) Free Video Player version 1.0.2 (HKLM\...\{5E8E67B8-CEF8-445D-BFDF-620077C2584E}_is1) (Version: 1.0.2 - Blue Labs, LLC) Free Video to MP3 Converter version 5.0.35.304 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.35.304 - DVDVideoSoft Ltd.) Freemake Video Converter Version 3.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.1 - Ellora Assets Corporation) FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0_RC_10 - ) FreeRIP MP3 Converter 4.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.3 - GreenTree Applications SRL) Google Update Helper (Version: 1.3.23.9 - Google Inc.) 
Hidden Helium Audio Converter (build 266) (HKLM\...\{8CF3206B-6330-42D6-B35E-CA7098337CB8}_is1) (Version: 1.4.0.266 - Intermedia Software) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java DB 10.5.3.0 (HKLM\...\{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}) (Version: 10.5.3.0 - Sun Microsystems, Inc) Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020F0}) (Version: 6.0.200 - Sun Microsystems, Inc.) Java(TM) SE Development Kit 6 Update 23 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle) JLC's Internet TV (HKLM\...\JLC's Internet TV) (Version: - ) Logitech Webcam-Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden Mozilla Firefox 14.0.1 (x86 de) (HKLM\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla) Mozilla Firefox 28.0 (x86 de) (HKCU\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla) Mp3tag v2.55a (HKLM\...\Mp3tag) (Version: v2.55a - Florian Heidenreich) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MultiRes (remove only) (HKLM\...\MultiRes (remove only)) (Version: - ) OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Pinnacle Studio 12 
(HKLM\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems) Pinnacle Video Treiber (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems) QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Radeon Omega Drivers v4.8.442 Setup Files and Tools (HKLM\...\Radeon Omega Drivers for Windows XP/2kv4.8.442) (Version: v4.8.442 - Omegadrivers.net) Sandboxie 3.72 (32-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Solitude for Windows (HKLM\...\Solitude for Windows) (Version: - ) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TmUnitedForever (HKLM\...\TmUnitedForever_is1) (Version: - Nadeo) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation) Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Wuala (HKCU\...\Wuala) (Version: - LaCie) Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie) Xilisoft PowerPoint to Video Converter Free (HKLM\...\Xilisoft PowerPoint to Video Converter Free) (Version: 1.1.1.20120601 - Xilisoft) Yawcam 0.4.1 (HKLM\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: - ) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {01D1E235-8010-4461-8E85-777BE43476F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.) 
Task: {04555D68-DC1D-4238-9B58-754CA4736FFE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => H:\Security\Spybot - Search & Destroy 2\SDUpdate.exe Task: {338A1DE5-345A-48B2-9904-1F8BA102B205} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1988137150-886258936-1300054847-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {37AC8D5A-EA2D-4115-BB8F-D5308C485ECD} - System32\Tasks\{E6FC455F-39F0-4233-8E8F-F26D06325FCB} => H:\Spiele\Doom\Doom95.exe [1996-06-06] (id Software) Task: {452E2490-2013-4E18-B95F-6F0A6D1CEA10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated) Task: {6439EE21-44E8-43E2-A96E-765F6DEFDAE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.) Task: {7318F8F3-A1C3-41FD-A391-45128AA9D7F5} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe Task: {83D8FA09-2132-4D41-B6B2-720020352511} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {8B47A120-CB12-444B-A197-660C8680147B} - System32\Tasks\{E6C6A903-B1DD-4ECD-8070-21B3ED2A12F6} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) 
Task: {A55569F0-6168-47DC-AB60-9823D94557BD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {AE553B03-0841-461F-ACDA-0CFF93394861} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => H:\Security\Spybot - Search & Destroy 2\SDImmunize.exe Task: {BB757269-31E5-45A3-85DD-B0A813F1FBB7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1988137150-886258936-1300054847-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {C6AE2A2B-3D76-44A2-8ED9-2B40BA81EF9A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {CB7EB553-78EF-48CA-99CC-14DD1339D04B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => H:\Security\Spybot - Search & Destroy 2\SDScan.exe Task: {CE69C745-9FAC-46D2-A8EB-29B6CC80D5D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {D4F5DD3F-1080-4A08-B8DF-6FF2D8EB142A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-19 15:51 - 2012-09-19 19:17 - 00397088 _____ () H:\Security\Avira\Avira\AntiVir Desktop\sqlite3.dll 2013-05-07 19:18 - 2012-11-13 14:06 - 00108960 _____ () H:\Security\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-05-07 19:18 - 2012-11-13 14:06 - 00416160 _____ () H:\Security\Spybot - Search & Destroy 2\DEC150.bpl 2013-05-07 19:18 - 
2012-11-13 14:06 - 00158624 _____ () H:\Security\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-05-07 19:18 - 2012-08-23 09:38 - 00574840 _____ () H:\Security\Spybot - Search & Destroy 2\sqlite3.dll 2013-05-07 19:18 - 2012-11-13 14:06 - 00528288 _____ () H:\Security\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2013-05-07 19:18 - 2012-11-13 14:06 - 00554400 _____ () H:\Security\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl 2011-01-19 01:19 - 2010-03-15 13:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll 2011-12-05 22:10 - 2011-12-05 22:10 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-03-19 18:32 - 2014-03-19 18:32 - 03642480 _____ () H:\Internet\Mozilla\mozjs.dll 2014-04-10 23:30 - 2014-04-10 23:30 - 16351920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:07BF512B ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: ApnTBMon => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: uTorrent => "H:\Media\uTorrent.exe" /MINIMIZED ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/14/2014 05:11:36 PM) (Source: Winlogon) (User: ) Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000. 
Error: (04/14/2014 05:11:36 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode: 0x8007043C Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service) (User: ) Description: Der Index kann nicht initialisiert werden. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:51 PM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:51 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (04/13/2014 05:25:47 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:47 PM) (Source: Windows Search Service) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. 
Context: Windows Application, SystemIndex Catalog Details: The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f) Error: (04/13/2014 05:25:46 PM) (Source: Windows Search Service) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=1100} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (04/16/2014 02:53:12 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:53:11 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:53:11 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:53:11 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:40:38 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:40:38 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:40:38 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 02:40:38 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 00:51:04 AM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Error: (04/16/2014 00:51:03 AM) (Source: WMPNetworkSvc) (User: ) Description: 0x80070422 Microsoft Office Sessions: ========================= Error: (04/14/2014 05:11:36 PM) (Source: Winlogon)(User: ) Description: 0x000000000x00000001 Error: (04/14/2014 05:11:36 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x8007043C Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog 
is corrupt. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:52 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:51 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/13/2014 05:25:51 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (04/13/2014 05:25:47 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (04/13/2014 05:25:47 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f) Error: (04/13/2014 05:25:46 PM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog is corrupt. 
(HRESULT : 0xc0041801) (0xc0041801) 1100 ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 2046.8 MB Available physical RAM: 1041.73 MB Total Pagefile: 4093.61 MB Available Pagefile: 2724.96 MB Total Virtual: 2047.88 MB Available Virtual: 1897.39 MB ==================== Drives ================================ Drive c: (OS7) (Fixed) (Total:59.48 GB) (Free:20.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (PRIVAT) (Fixed) (Total:298.09 GB) (Free:199.6 GB) NTFS Drive e: (Ul is dick) (Removable) (Total:14.53 GB) (Free:14.43 GB) NTFS Drive h: (Programme) (Fixed) (Total:52.3 GB) (Free:43.78 GB) NTFS Drive i: () (Removable) (Total:3.75 GB) (Free:2.21 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 17BC17BB) Partition 1: (Active) - (Size=59 GB) - (Type=42) Partition 2: (Not Active) - (Size=52 GB) - (Type=42) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A35A1CDD) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 15 GB) (Disk ID: 008C767F) Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 4 GB) (Disk ID: 6F20736B) No partition Table on disk 3. Disk 3 is a removable device. ==================== End Of Log ============================ |
18.04.2014, 16:12 | #8 |
/// the machine /// TB instructor | PC freezes - can only be switched off by hand The computer is clean. Have you checked the RAM yet?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
18.04.2014, 17:01 | #9 |
| PC freezes - can only be switched off by hand The Win7 check detects no RAM errors, everything seems OK!? Regards, Uli |
19.04.2014, 10:26 | #10 |
/// the machine /// TB instructor | PC freezes - can only be switched off by hand That one is useless. Try it with Memtest or specialised programs. |
19.04.2014, 16:58 | #11 |
| PC freezes - can only be switched off by hand Hello Schrauber, by now I can no longer complete any tests, because the PC freezes before they finish, that is, shortly after booting. At the moment I am using my son's laptop. I suppose the only option left is a trip to a repair shop, who will hopefully get access from "outside" - right? Regards, Uli |
20.04.2014, 18:00 | #12 |
/// the machine /// TB instructor | PC freezes - can only be switched off by hand They at least have tools for testing |
20.04.2014, 18:07 | #13 |
| PC freezes - can only be switched off by hand Hello Schrauber, many thanks for the help then; a friend's recommendation has turned out to be very helpful - even without a "repaired" PC... Regards, Uli |
20.04.2014, 18:45 | #14 |
/// the machine /// TB instructor | PC freezes - can only be switched off by hand What do you mean? |
20.04.2014, 23:51 | #15 |
| PC freezes - can only be switched off by hand Hello Schrauber, I understood your previous message to mean that you now also think further troubleshooting would be better handled by a repair shop, or am I wrong? The fact that I came to Trojaner-Board at all was thanks to a recommendation. And I liked how you guided me! Regards, Uli |