FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by matte at 2015-02-18 14:04:11
Running from C:\Users\matte\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Free Video Editor version 1.4.10.128 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.10.128 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
ShotOnline (HKLM-x32\...\ShotOnline) (Version: 1.0 - OnNet)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-01-2015 19:24:57 Removed VirtualDJ Home FREE
05-02-2015 14:23:07 Geplanter Prüfpunkt
11-02-2015 10:38:12 Windows Update
18-02-2015 06:03:11 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1C5E0300-E420-4163-9EBE-DF3FE413EB30} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {3168F7BB-7BC7-478D-AF5C-E716081ADC56} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7849F5AE-7AEC-47E3-AC91-37138AC32EE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {ACF5A390-D534-4BEA-8BD1-EA7EBE34F286} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B4F43D56-2FA0-4536-A853-CFA1A7866AB7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {BDE9C6B3-2493-423F-ACEB-BE7E3E7C5947} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2015-01-16 18:13 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2480002966-3945453949-3870356483-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\matte\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
==================== Accounts: =============================
Administrator (S-1-5-21-2480002966-3945453949-3870356483-500 - Administrator - Disabled)
Gast (S-1-5-21-2480002966-3945453949-3870356483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2480002966-3945453949-3870356483-1003 - Limited - Enabled)
matte (S-1-5-21-2480002966-3945453949-3870356483-1001 - Administrator - Enabled) => C:\Users\matte
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/18/2015 01:25:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: libsid_plugin.dll, Version: 0.0.0.0, Zeitstempel: 0x000ed000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003bc3c
ID des fehlerhaften Prozesses: 0x145c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (02/18/2015 11:44:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x5215f944
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001a3b
ID des fehlerhaften Prozesses: 0xb50
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (02/18/2015 11:43:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (02/18/2015 11:32:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x5215f944
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001a3b
ID des fehlerhaften Prozesses: 0x12d8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (02/18/2015 09:06:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/18/2015 09:05:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (02/18/2015 09:05:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/18/2015 09:01:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x5215f944
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001a3b
ID des fehlerhaften Prozesses: 0x2170
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (02/18/2015 09:01:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x5215f944
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001a3b
ID des fehlerhaften Prozesses: 0x2320
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (02/18/2015 08:53:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: libsid_plugin.dll, Version: 0.0.0.0, Zeitstempel: 0x000ed000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003bc3c
ID des fehlerhaften Prozesses: 0x934c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
System errors:
=============
Error: (02/18/2015 01:18:33 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/18/2015 00:30:12 PM) (Source: DCOM) (EventID: 10010) (User: Matte72)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (02/18/2015 00:27:53 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/18/2015 11:57:17 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/18/2015 11:36:43 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Error: (02/18/2015 11:34:07 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}
Error: (02/18/2015 11:33:35 AM) (Source: DCOM) (EventID: 10005) (User: Matte72)
Description: 1053TrustedInstallerNicht verfügbar{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (02/18/2015 11:33:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/18/2015 11:33:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Modules Installer erreicht.
Error: (02/18/2015 10:26:03 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
Microsoft Office Sessions:
=========================
Error: (02/18/2015 01:25:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000libsid_plugin.dll0.0.0.0000ed000c0000005000000000003bc3c145c01d04b67f60f83a0C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll2f65b3d8-b769-11e4-8265-001966ee1760
Error: (02/18/2015 11:44:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000msvcrt.dll7.0.9600.163845215f944c00000050000000000001a3bb5001d04b67eb85239dC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\system32\msvcrt.dll2b1f1375-b75b-11e4-8265-001966ee1760
Error: (02/18/2015 11:43:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (02/18/2015 11:32:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000msvcrt.dll7.0.9600.163845215f944c00000050000000000001a3b12d801d04b6642660a3dC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\system32\msvcrt.dll81be6938-b759-11e4-8265-001966ee1760
Error: (02/18/2015 09:06:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/18/2015 09:05:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (02/18/2015 09:05:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (02/18/2015 09:01:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000msvcrt.dll7.0.9600.163845215f944c00000050000000000001a3b217001d04b511911cb17C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\system32\msvcrt.dll576516a5-b744-11e4-8264-001966ee1760
Error: (02/18/2015 09:01:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000msvcrt.dll7.0.9600.163845215f944c00000050000000000001a3b232001d04b51150ec68dC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\system32\msvcrt.dll53826835-b744-11e4-8264-001966ee1760
Error: (02/18/2015 08:53:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000libsid_plugin.dll0.0.0.0000ed000c0000005000000000003bc3c934c01d04b467b87d345C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll37d64ed0-b743-11e4-8264-001966ee1760
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz
Percentage of memory in use: 34%
Total physical RAM: 3007.09 MB
Available physical RAM: 1980.9 MB
Total Pagefile: 4799.09 MB
Available Pagefile: 3166.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.42 GB) (Free:403.85 GB) NTFS
Drive f: (Filme & Daten) (Fixed) (Total:1863.01 GB) (Free:1077.33 GB) NTFS
Drive g: (Musik) (Fixed) (Total:596.17 GB) (Free:147.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C1E72062)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: FC2DAC7F)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 0A2E48B2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
--- --- ---
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2015-02-18 14:16:21
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 WDC_WD5000AAKS-00V1A0 rev.05.01D05 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\matte\AppData\Local\Temp\uwldypow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000108200 15 bytes [00, 65, F4, 01, 80, 7D, 6A, ...]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 17 fffff96000108211 10 bytes [F3, FB, FF, 00, 17, C7, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\dwm.exe[780] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffea26b169a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\dwm.exe[780] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffea26b16a2 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\dwm.exe[780] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffea26b181a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\dwm.exe[780] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffea26b1832 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\nvvsvc.exe[912] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffea26b169a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\nvvsvc.exe[912] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffea26b16a2 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\nvvsvc.exe[912] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffea26b181a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\system32\nvvsvc.exe[912] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffea26b1832 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\Explorer.EXE[2464] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffea26b169a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\Explorer.EXE[2464] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffea26b16a2 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\Explorer.EXE[2464] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffea26b181a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\Explorer.EXE[2464] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffea26b1832 4 bytes [6B, A2, FE, 7F]
.text C:\Program Files\Internet Explorer\iexplore.exe[5820] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffea26b169a 4 bytes [6B, A2, FE, 7F]
.text C:\Program Files\Internet Explorer\iexplore.exe[5820] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffea26b16a2 4 bytes [6B, A2, FE, 7F]
.text C:\Program Files\Internet Explorer\iexplore.exe[5820] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffea26b181a 4 bytes [6B, A2, FE, 7F]
.text C:\Program Files\Internet Explorer\iexplore.exe[5820] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffea26b1832 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtDeviceIoControlFile 00007ffea4aa0e40 5 bytes JMP 00007fffa494f062
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 00007ffea4aa1030 5 bytes JMP 00007fffa494f01c
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00007ffea4aa1090 5 bytes JMP 00007fffa494f02a
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtQuerySystemInformation 00007ffea4aa1130 5 bytes JMP 00007fffa494f038
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ffea4aa1170 5 bytes JMP 00007fffa494f07e
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtReadVirtualMemory 00007ffea4aa11c0 5 bytes JMP 00007fffa494f070
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00007ffea4aa12d0 5 bytes JMP 00007fffa494f054
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 00007ffea4aa1300 5 bytes JMP 00007fffa494f00e
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 00007ffea4aa1cf0 5 bytes JMP 00007fffa494f08c
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtSetSecurityObject 00007ffea4aa2610 5 bytes JMP 00007fffa494f09a
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendProcess 00007ffea4aa2750 5 bytes JMP 00007fffa494f046
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendThread 00007ffea4aa2760 5 bytes JMP 00007fffa494f000
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\KERNEL32.DLL!MoveFileW 00007ffea410f808 5 bytes JMP 00007fffa29bf000
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\ADVAPI32.dll!CreateProcessWithLogonW 00007ffea49bdde8 5 bytes JMP 00007fffa495f000
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\GDI32.dll!GetPixel 00007ffea44ae8e0 5 bytes JMP 00007fffa447f000
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffea26b169a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffea26b16a2 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffea26b181a 4 bytes [6B, A2, FE, 7F]
.text C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6792] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffea26b1832 4 bytes [6B, A2, FE, 7F]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [476:500] fffff9600092bb90
Thread C:\Windows\ImmersiveControlPanel\SystemSettings.exe [6792:30796] 00000056555f0000
Thread C:\Windows\ImmersiveControlPanel\SystemSettings.exe [6792:29856] 0000005655600000
Thread C:\Windows\ImmersiveControlPanel\SystemSettings.exe [6792:30804] 0000005655610000
Thread C:\Windows\ImmersiveControlPanel\SystemSettings.exe [6792:31060] 0000005655e70000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 2081403696