Windows 8.1: Strange tab opens automatically in the browser during a video game
03.08.2014, 16:24 | #1 |
Hello,

I completely reinstalled my PC a few days ago and installed Windows 8.1. Today I started it up; I wasn't really browsing the internet, I had merely opened the browser and then started playing the game Dark Souls. When I restarted the game there was a save error with Windows Live and my save games could not be loaded, and at about the same time a tab must have opened automatically in my browser.

The link is here (WARNING: best NOT to OPEN it): hxxp://notretseverskuilde.eat-everything.com:2578/bboq8efjoe.php

The page was completely white apart from a search bar and a link named "Products"; that is all I remember. I looked at the source code and there was quite a lot in it (possibly a script as well). Unfortunately I did not copy it, and that is no longer possible because the page, including its source code, is now completely empty. (Edit: after visiting it again, the page has now disappeared completely (error: connection interrupted).)

I would appreciate an explanation if anyone knows about this. Was it perhaps a page belonging to the developers or to Windows Live that was meant for some servers? Nothing can be found on the internet about the page either, and I can't imagine where I could have picked up a virus or why this page opened?! Windows Defender and Malwarebytes both found nothing.

Here is a screenshot of the page in the Firefox preview: hxxp://i.imgur.com/jmkVGK1.png

Here is also the source code of the iframe on eat-everything.com (so not the page that opened for me but the start page; rather unimportant): hxxp://pastebin.com/mQ2dkMk6 (the post had too many characters, hence Pastebin)

FRST: hxxp://pastebin.com/Z5X5Tidi (the post had too many characters, hence Pastebin)

FRST Addition:
03.08.2014, 16:27 | #2 |
/// the machine /// TB Trainer

Hi,

FRST.txt is still missing.
03.08.2014, 16:35 | #3 |
Hi, I uploaded that one to Pastebin because my post had too many characters, if that is okay?
04.08.2014, 10:15 | #4 |
/// the machine /// TB Trainer

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks.

Here is how it works: posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!