Removing PUP.optional.startfenster - vlc.de
Good morning everyone,

yesterday evening I actually fell for vlc.de. I have been clean for 15 years, but yesterday I unfortunately only realized after the installation that VLC had not changed its distinctive logo, but that I had fallen for a fake site. Well, it happens. I then also directly found this thread here in the forum: PUP Optional Startfenster

Yesterday, after the installation, I completely uninstalled the VLC player + updater. After that I ran AdwCleaner, and it found "pup.optional.startfenster", with "Chrome-Suchanbieter - Websuche" listed as the sub-item. I then used the thread mentioned above to work through the steps. I have to add, though, that when I downloaded FRST following that thread, I got a message from Windows Defender that there was a trojan on it, and HitmanPro then also found a CoinMiner that was not there before. Both could be deleted right away, though. And with FRST I did not have the option of clicking the Remove button as mentioned in the thread, because I don't have a Remove button.

All right, now the log files:

AdwCleaner log:
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-15-2022
# Duration: 00:00:10
# OS: Windows 10 Pro
# Scanned: 32100
# Detected: 1

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.StartFenster Websuche

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [2211 octets] - [28/09/2020 09:41:06]
AdwCleaner[C00].txt - [2235 octets] - [28/09/2020 09:41:59]
AdwCleaner[S01].txt - [1527 octets] - [08/10/2020 07:43:27]
AdwCleaner[C01].txt - [1717 octets] - [08/10/2020 07:43:58]
AdwCleaner[S02].txt - [1649 octets] - [14/10/2020 08:39:11]
AdwCleaner[S03].txt - [1753 octets] - [11/11/2020 20:03:05]
AdwCleaner[C03].txt - [1923 octets] - [11/11/2020 20:05:57]
AdwCleaner[S04].txt - [1832 octets] - [13/11/2020 16:45:15]
AdwCleaner[S05].txt - [1893 octets] - [13/11/2020 17:37:01]
AdwCleaner[C05].txt - [2083 octets] - [13/11/2020 17:37:10]
AdwCleaner[S06].txt - [2077 octets] - [17/12/2020 13:23:45]
AdwCleaner[C06].txt - [2247 octets] - [17/12/2020 13:26:49]
AdwCleaner[S07].txt - [2137 octets] - [17/12/2020 14:45:15]
AdwCleaner[S08].txt - [2198 octets] - [16/06/2021 07:51:22]
AdwCleaner[C08].txt - [2388 octets] - [16/06/2021 07:51:34]
AdwCleaner[S09].txt - [2320 octets] - [09/07/2021 15:38:21]
AdwCleaner[S10].txt - [2381 octets] - [02/08/2021 12:05:55]
AdwCleaner[S11].txt - [2442 octets] - [25/08/2021 14:03:28]
AdwCleaner[C11].txt - [2632 octets] - [25/08/2021 14:03:44]
AdwCleaner[S12].txt - [2564 octets] - [01/10/2021 14:00:17]
AdwCleaner[S13].txt - [2625 octets] - [02/11/2021 07:13:24]
AdwCleaner[S14].txt - [2686 octets] - [27/11/2021 17:48:05]
AdwCleaner[C14].txt - [2876 octets] - [27/11/2021 17:48:34]
AdwCleaner[S15].txt - [2808 octets] - [19/12/2021 15:12:30]
AdwCleaner[S16].txt - [2869 octets] - [28/12/2021 11:41:21]
AdwCleaner[S17].txt - [2930 octets] - [04/01/2022 09:55:57]
AdwCleaner[S18].txt - [2991 octets] - [04/05/2022 18:24:59]
AdwCleaner[S19].txt - [3052 octets] - [22/05/2022 00:19:47]
AdwCleaner[S20].txt - [3113 octets] - [24/05/2022 11:09:15]
AdwCleaner[S21].txt - [3174 octets] - [07/08/2022 01:14:02]
AdwCleaner[S22].txt - [3235 octets] - [09/08/2022 13:40:52]
AdwCleaner[S23].txt - [3296 octets] - [26/08/2022 09:37:11]
AdwCleaner[S24].txt - [3568 octets] - [14/09/2022 22:04:14]
AdwCleaner[S25].txt - [3425 octets] - [14/09/2022 22:07:36]
AdwCleaner[S26].txt - [3486 octets] - [14/09/2022 22:10:29]
AdwCleaner[C26].txt - [3656 octets] - [14/09/2022 22:11:17]
AdwCleaner[S27].txt - [3608 octets] - [14/09/2022 22:12:32]
AdwCleaner[C27].txt - [3828 octets] - [14/09/2022 22:14:21]
AdwCleaner[S28].txt - [3730 octets] - [14/09/2022 22:15:14]
AdwCleaner[C28].txt - [3950 octets] - [14/09/2022 22:22:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S29].txt ##########

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
durchgeführt von deniz (Administrator) auf DESKTOP-257JBJM (Micro-Star International Co., Ltd MS-7C02) (15-09-2022 07:23:11)
Gestartet von C:\Users\deniz\Downloads
Geladene Profile: deniz
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH) [Datei ist nicht signiert]
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2021-07-26] (Adobe Inc. -> )
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126328160 2021-11-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2021-07-26] (Adobe Inc. -> )
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\deniz\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [E-MU USB Audio Control Panel] => C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [319488 2010-11-11] (E-MU Systems) [Datei ist nicht signiert]
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [819888 2022-03-16] (OpenVPN Inc. -> )
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [GoogleChromeAutoLaunch_2BA8F60ECFBFE87EA407B9C5C6AAA578] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2860320 2022-09-02] (Google LLC -> Google LLC)
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\Run: [VLC Plus Player Updater] => C:\Users\deniz\AppData\Local\VLC Plus Player Updater\Updater.exe [208336 2022-09-14] (Aller Media e.K. -> ) <==== ACHTUNG
HKU\S-1-5-21-1798280388-614632519-694548969-1001\...\RunOnce: [FinalSetup] => C:\Windows\system32\url.dll [236032 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-03] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{F69213F0-C729-C1BC-6234-7B824B6A4267}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2019-09-04]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.) [Datei ist nicht signiert]
Startup: C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-04-27]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logseq.lnk [2022-02-28]
ShortcutTarget: Logseq.lnk -> C:\Users\deniz\AppData\Local\Logseq\Logseq.exe (Logseq) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16D4A853-C52A-440C-AC51-39D6932133BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B180D2D-4F66-43A2-9B09-A611E2E2AC71} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CF365FB-CC13-4E77-B15F-2474D77210AC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {218E9418-E25B-469D-8DEE-C795DF124810} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D937FA0-5217-430E-8E42-C5164B413063} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1798280388-614632519-694548969-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EAEF139-D504-49DC-9316-40D6F0339274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {3406F6AA-5FE9-4F0B-8BF6-A9A6D2B591BB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {389F1C54-917C-44F9-8025-13E240EA66D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ABC01A0-9F75-48F5-9DD5-E3B197D30294} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3853976 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FC53220-4F66-467D-8896-F9339FDB6AFA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {463D1D97-7B93-45C3-A249-276CD7D06FF0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50BCB29F-37DA-48DD-84E1-C263CE26D5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-01] (Google LLC -> Google LLC)
Task: {50CE9C55-D5F9-4596-8168-BC1F83CC4EA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {54797F91-E73A-4F72-8238-6C0BF146B2DD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5AC70C13-3847-4383-9B61-AD20082905BD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (Keine Datei)
Task: {5C0ADAB3-1D11-4A86-8EBF-642C23243D8E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Keine Datei)
Task: {725E0E1E-7415-451E-ACC3-7B314A7606CE} - System32\Tasks\RemoteDesktop\deniz\Remote Desktop Feed Refresh Task => C:\Users\deniz\AppData\Local\Apps\Remote Desktop\msrdcw.exe [9391536 2022-09-08] (Microsoft Corporation -> Microsoft)
Task: {802BA2E5-546E-422A-B1FF-D4B5F6426BE1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81DCB042-4368-43F8-A23C-D4372DE33FCC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Keine Datei)
Task: {8A87E267-9FEE-4D9C-87CA-537D22A07976} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92AF700C-FF02-4DDD-AE8D-25D7A0D7764F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A04C0A57-714B-458A-B61D-CF541760C52F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6B0D587-2D7D-424C-96CA-5DA37E917548} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C563400F-AEB2-4364-85D4-642D3B4504B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94C309D-9961-411C-A983-6B8E337E62F4} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-22] (Microsoft Corporation -> Microsoft)
Task: {C9D8C7CB-7EEC-4A00-9C6C-7B62B6FC7754} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD08136B-6E4C-4383-88B4-8DE5D84C1F1B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D382437B-210B-4F1B-B705-3980C138172B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF15420D-E162-4D2C-B0B4-E35FD8D3D860} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {E0BD7ABC-3E5F-4E6C-ACA6-0CFE3930B46D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EA3FD7C6-53DC-4068-9803-FA01EA71B37F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB3FC06E-C806-4CB2-A19A-46B4469EF8D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBB99C66-5489-4B93-B087-C94F68EC8EFD} - System32\Tasks\VLC Plus Player Updater => C:\Users\deniz\AppData\Local\VLC [Argument = Plus Player Updater\Updater.exe]
Task: {ECC262FC-EDC8-4102-9637-C011A2D33F45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ECD56C44-27C3-4782-A016-77ADB0BBF15E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F97E8D4E-86DD-4C10-B0BE-4E8F952FB7F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-01] (Google LLC -> Google LLC)
Task: {FB3278B7-EC3E-451D-BF16-02E7AC2DB876} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{15ef4eb5-d39b-4e25-a3ff-9ebc0d8dc8e4}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5001967f-b754-4f3d-9ad2-4557837ef19e}: [DhcpNameServer] 172.25.0.1

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\deniz\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-30]

FireFox:
========
FF DefaultProfile: 8lgqry44.default
FF ProfilePath: C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\8lgqry44.default [2019-09-04]
FF ProfilePath: C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549 [2022-09-14]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-25] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-08-10]
FF Extension: (ColorZilla) - C:\Users\deniz\AppData\Roaming\Mozilla\Firefox\Profiles\j1rv7zsk.default-release-1571035822549\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2020-08-02]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default [2022-09-15]
CHR Extension: (Rabby) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmacodkjbdgmoleebolmdjonilkdbch [2022-09-14]
CHR Extension: (Productor for Merch by Amazon) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\almiakmbepejhcjnfhhjkcfabeepefno [2022-09-14]
CHR Extension: (AMZ Suggestion Expander) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeaihkccbeemkfefcapijechkbfjlhb [2022-08-31]
CHR Extension: (Productor for Merch by Amazon Autopilot) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\egacpbbnghmjilffefkeeeiodlijbbej [2022-08-09]
CHR Extension: (AMZSprout) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhnioaedoaejmjcpjlniaonmiinnphh [2020-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (SeoStack Keyword Tool) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\labjajhkfjfncpiddbgdimcaldgeognn [2020-10-12]
CHR Extension: (Save to Notion) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmmifpegigmeammaeckplhnjbbpccmm [2022-09-13]
CHR Extension: (MetaMask) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-09-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-08-06]
CHR Extension: (Productor for Spreadshirt) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcleedpkdpfooafagigglockmighelee [2022-06-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.2.0\ABService.exe [898216 2020-11-17] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-05-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [25514952 2021-08-22] (FACE IT LIMITED -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncHelper.exe [3380624 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-19] (HP Inc. -> HP Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-14] (Malwarebytes Inc. -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\OneDriveUpdaterService.exe [3800976 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64176 2022-03-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2022-09-13] () [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1001736 2020-10-25] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [31248 2020-12-22] (AOMEI International Network Limited -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [12278776 2021-08-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2022-04-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2022-04-10] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-09-15 07:23 - 2022-09-15 07:23 - 000031163 _____ C:\Users\deniz\Downloads\FRST.txt 2022-09-15 07:23 - 2022-09-15 07:23 - 000000000 ____D C:\Users\deniz\Downloads\FRST-OlderVersion 2022-09-15 07:22 - 2022-09-15 07:23 - 002371072 _____ (Farbar) C:\Users\deniz\Downloads\FRST64.exe 2022-09-15 07:22 - 2022-09-15 07:23 - 000000000 ____D C:\FRST 2022-09-15 07:16 - 2022-09-15 07:21 - 000000000 ____D C:\Users\deniz\Desktop\vlc de problem 2022-09-15 07:16 - 2022-09-15 07:16 - 000000000 ____D C:\Users\deniz\AppData\Local\VLC Plus Player Updater 2022-09-15 07:15 - 2022-09-15 07:15 - 008551608 _____ (Malwarebytes) C:\Users\deniz\Desktop\adwcleaner.exe 2022-09-15 07:09 - 2022-09-15 07:09 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-09-14 22:21 - 2022-09-14 22:21 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-09-14 22:21 - 2022-09-14 22:21 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-09-14 22:21 - 2022-09-14 22:21 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-09-14 22:21 - 2022-09-14 22:21 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-09-14 22:21 - 2022-09-14 22:21 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-09-14 22:20 - 2022-09-14 22:20 - 002638472 _____ (Malwarebytes) C:\Users\deniz\Downloads\MBSetup.exe 2022-09-14 22:20 - 2022-09-14 22:20 - 000000000 ____D C:\Program Files\Malwarebytes 2022-09-14 18:43 - 2022-09-14 18:43 - 000003446 _____ C:\WINDOWS\system32\Tasks\VLC Plus Player Updater 2022-09-14 18:41 - 2022-09-14 18:41 - 000208336 _____ C:\Users\deniz\Desktop\vlc-setup-win64.exe 2022-09-14 15:50 - 2022-09-14 15:50 - 000108100 _____ C:\Users\deniz\Downloads\ZusammenfassungModul4PDF.pdf 2022-09-14 15:30 - 2022-09-14 15:30 - 000065901 _____ C:\Users\deniz\Downloads\aufgaben-python-modul-4.pdf 2022-09-14 14:48 - 2022-09-14 14:48 - 004038961 _____ 
C:\Users\deniz\Downloads\Der_schnelle_Einstieg_in_Python.pdf 2022-09-14 08:57 - 2022-09-14 08:57 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll 2022-09-14 08:57 - 2022-09-14 08:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-09-14 08:57 - 2022-09-14 08:57 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-09-14 08:57 - 2022-09-14 08:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-09-14 08:57 - 2022-09-14 08:57 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-09-14 08:53 - 2022-09-14 08:53 - 000000000 ___HD C:\$WinREAgent 2022-09-12 18:35 - 2022-09-12 18:35 - 000000000 ____D C:\Users\deniz\AppData\Roaming\com.adobe.dunamis 2022-09-12 18:19 - 2022-09-12 18:19 - 000000222 _____ C:\Users\deniz\Desktop\They Bleed Pixels.url 2022-09-12 16:58 - 2022-09-12 16:58 - 000051670 _____ C:\Users\deniz\Downloads\aufgaben-python-modul-3.pdf 2022-09-12 16:07 - 2022-09-12 16:07 - 003341960 _____ C:\Users\deniz\Downloads\Mr. President - Simbaleo (1999)-MP4.m4a 2022-09-11 11:33 - 2022-09-11 12:07 - 100394708 _____ C:\Users\deniz\Desktop\CarlaFlyer.psd 2022-09-11 10:38 - 2022-09-11 10:38 - 025833863 _____ C:\Users\deniz\Downloads\Pizza Flyer Images-20220911T083805Z-001.zip 2022-09-11 10:38 - 2022-09-11 10:38 - 000000000 ____D C:\Users\deniz\Downloads\Pizza Flyer Images-20220911T083805Z-001 2022-09-10 11:00 - 2022-09-10 11:00 - 000000000 ____D C:\Users\deniz\AppData\Local\pip 2022-09-10 10:59 - 2022-09-10 10:59 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10 2022-09-10 10:59 - 2022-09-10 10:59 - 000000000 ____D C:\Users\deniz\AppData\Local\Package Cache 2022-09-10 10:58 - 2022-09-10 10:58 - 000000101 _____ C:\Users\deniz\.gitconfig 2022-09-10 10:58 - 2022-09-10 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2022-09-10 10:58 - 2022-09-10 10:58 - 000000000 ____D C:\Program Files\Git 2022-09-10 10:49 - 2022-09-14 16:27 - 000000000 
____D C:\Users\deniz\AppData\Roaming\Code 2022-09-10 10:49 - 2022-09-13 19:25 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2022-09-10 10:49 - 2022-09-10 10:49 - 028953568 _____ (Python Software Foundation) C:\Users\deniz\Downloads\python-3.10.7-amd64.exe 2022-09-10 10:49 - 2022-09-10 10:49 - 000001400 _____ C:\Users\deniz\Desktop\Visual Studio Code.lnk 2022-09-10 10:49 - 2022-09-10 10:49 - 000000000 ____D C:\Users\deniz\.vscode 2022-09-10 10:48 - 2022-09-10 10:48 - 049375864 _____ (The Git Development Community ) C:\Users\deniz\Downloads\Git-2.37.3-64-bit.exe 2022-09-08 13:19 - 2022-09-08 13:19 - 000000000 ____D C:\Users\deniz\AppData\LocalLow\StoneLantern 2022-09-08 09:37 - 2022-09-08 09:37 - 000000223 _____ C:\Users\deniz\Desktop\Evergate Ki's Awakening.url 2022-09-07 14:21 - 2022-09-07 19:50 - 000000000 ____D C:\Users\deniz\Desktop\LauraArmandoFotos 2022-09-07 14:07 - 2022-09-07 16:31 - 000000000 ___RD C:\Users\deniz\Dropbox 2022-09-07 14:06 - 2022-09-07 14:07 - 000000000 ____D C:\Users\deniz\AppData\Roaming\DropboxElectron 2022-09-07 14:04 - 2022-09-07 14:04 - 000655232 _____ (Dropbox, Inc.) 
C:\Users\deniz\Downloads\DropboxInstaller.exe 2022-09-07 10:46 - 2022-09-07 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-logo-or-banner-with-blood-on-finger-and-glucosure-autocode-illustration_1520184 2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-logo-or-banner-with-blood-drop-on-finger-illustration_1778011 2022-09-07 08:16 - 2022-09-07 08:16 - 000000000 ____D C:\Users\deniz\Downloads\vecteezy_world-diabetes-day-concept-in-flat-design_3316765 2022-09-05 14:18 - 2022-09-05 14:18 - 000049536 _____ (Python Software Foundation) C:\WINDOWS\pyshellext.amd64.dll 2022-09-05 14:17 - 2022-09-05 14:17 - 000736640 _____ (Python Software Foundation) C:\WINDOWS\pyw.exe 2022-09-05 14:17 - 2022-09-05 14:17 - 000736128 _____ (Python Software Foundation) C:\WINDOWS\py.exe 2022-08-31 08:39 - 2022-08-31 08:39 - 000000223 _____ C:\Users\deniz\Desktop\Greak Memories of Azur.url 2022-08-30 13:59 - 2022-08-30 13:59 - 000000000 ____D C:\Users\deniz\AppData\Local\Unbound 2022-08-30 12:59 - 2022-08-30 12:59 - 000000222 _____ C:\Users\deniz\Desktop\Unbound Worlds Apart.url 2022-08-23 18:08 - 2022-08-23 18:08 - 000020458 _____ C:\Users\deniz\Downloads\abmeldung_bmg.pdf 2022-08-22 14:20 - 2022-08-22 14:20 - 000000896 _____ C:\Users\deniz\Desktop\WiseTransaktionen8.csv 2022-08-22 14:16 - 2022-08-22 14:19 - 000010401 _____ C:\Users\deniz\Desktop\WiseTransaktionen8.xlsx 2022-08-18 20:46 - 2022-08-18 20:46 - 000000000 ____D C:\ESD 2022-08-18 20:45 - 2022-08-18 20:45 - 000000000 ___HD C:\$Windows.~WS 2022-08-18 20:45 - 2022-08-18 20:45 - 000000000 ____D C:\$WINDOWS.~BT ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2022-09-15 07:20 - 2020-12-22 13:08 - 000000104 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2022-09-15 07:20 - 2020-12-22 13:06 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2022-09-15 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-09-15 07:20 - 2019-09-03 22:38 - 000000000 ____D C:\ProgramData\NVIDIA 2022-09-15 07:17 - 2021-09-08 15:22 - 000000000 ____D C:\Users\deniz\AppData\Local\rdclientwpf 2022-09-15 07:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-09-15 07:17 - 2019-09-04 06:53 - 000000000 ____D C:\Users\deniz\AppData\LocalLow\Mozilla 2022-09-15 07:16 - 2020-12-18 18:29 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-15 07:16 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat 2022-09-15 07:16 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat 2022-09-15 07:15 - 2022-02-28 10:15 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Logseq 2022-09-15 07:11 - 2020-06-06 23:28 - 000000000 ____D C:\Program Files (x86)\Google 2022-09-15 07:10 - 2020-12-15 10:55 - 000000000 ___RD C:\Users\deniz\iCloudDrive 2022-09-15 07:09 - 2020-09-27 09:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-09-15 07:09 - 2020-08-13 19:29 - 000008192 ___SH C:\DumpStack.log.tmp 2022-09-15 07:09 - 2019-10-24 13:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-09-14 23:13 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-09-14 23:11 - 2020-09-27 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-09-14 22:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-09-14 22:20 - 2020-12-18 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-09-14 22:10 - 2019-09-04 06:52 - 000000000 ____D C:\Program Files (x86)\Steam 2022-09-14 20:23 - 2021-06-14 07:51 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Notion 2022-09-14 19:52 - 2020-10-14 19:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-09-14 17:22 - 2019-12-07 
11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-09-14 17:21 - 2020-09-27 07:33 - 000515040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-09-14 17:20 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-09-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-09-14 11:44 - 2022-02-09 10:40 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-09-14 11:36 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-09-14 09:06 - 2020-04-30 13:28 - 000000000 ____D C:\ProgramData\Riot Games 2022-09-14 08:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-09-14 08:57 - 2020-09-27 09:35 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-09-14 08:57 - 2019-09-03 22:33 - 000000000 ____D C:\Users\deniz\Documents\Outlook-Dateien 2022-09-14 08:49 - 2019-09-04 11:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-09-14 08:47 - 2019-09-04 11:07 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-09-14 06:34 - 2019-09-04 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Office 2013 2022-09-13 20:16 - 2021-09-24 07:41 - 000000000 ____D C:\Users\deniz\AppData\Roaming\discord 2022-09-13 20:11 - 2021-09-24 07:40 - 000000000 ____D C:\Users\deniz\AppData\Local\Discord 2022-09-13 18:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-09-13 16:07 - 2022-08-07 10:49 - 000001047 _____ C:\Users\Public\Desktop\Remote Mouse.lnk 2022-09-13 16:07 - 2022-08-07 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse 2022-09-13 16:07 - 2022-08-07 10:49 - 000000000 ____D C:\Program Files (x86)\Remote Mouse 2022-09-13 16:07 - 2019-09-05 20:47 - 000000000 ____D C:\Users\deniz\AppData\Local\CrashDumps 2022-09-13 00:07 - 2019-12-16 00:49 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Sky Go 2022-09-12 23:08 - 2021-09-13 12:10 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Anki2 2022-09-12 18:33 - 2021-11-23 18:57 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-09-12 18:33 - 2021-11-23 18:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-09-12 18:33 - 2020-12-18 18:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-09-12 16:22 - 2019-09-03 22:27 - 000000000 ____D C:\Users\deniz\AppData\Local\Packages 2022-09-12 14:37 - 2019-09-03 22:52 - 000000000 ____D C:\Users\deniz\AppData\Local\D3DSCache 2022-09-11 14:07 - 2022-02-09 17:21 - 000000000 ____D C:\Users\deniz\Desktop\bilder 2022-09-11 00:12 - 2022-06-11 00:16 - 000001042 _____ C:\Users\deniz\Desktop\Sky Go.lnk 2022-09-11 00:12 - 2022-06-11 00:16 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky 2022-09-10 10:59 - 2019-09-03 22:38 - 000000000 ____D C:\ProgramData\Package Cache 2022-09-10 10:58 - 2020-12-18 18:24 - 000000000 ____D C:\Users\deniz 2022-09-10 09:56 - 2020-09-27 09:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-09-09 20:07 - 2021-09-08 15:22 - 
000002464 _____ C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop.lnk 2022-09-09 20:07 - 2021-09-08 15:22 - 000000000 ____D C:\Users\deniz\AppData\Local\Apps\Remote Desktop 2022-09-08 14:50 - 2019-09-04 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-09-07 19:43 - 2019-09-04 06:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-09-07 14:04 - 2021-10-09 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-09-07 14:04 - 2019-09-04 06:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-09-07 09:31 - 2020-08-13 19:01 - 000002364 _____ C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-09-07 09:31 - 2020-08-13 19:01 - 000002356 _____ C:\Users\deniz\Desktop\Microsoft Teams.lnk 2022-09-07 06:51 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-09-06 16:13 - 2020-12-18 21:36 - 000149631 ____H C:\Users\deniz\AppData\Local\IconCache.db.backup 2022-09-04 18:24 - 2020-12-17 10:22 - 000000000 ____D C:\Users\deniz\AppData\Roaming\WhatsApp 2022-09-03 21:35 - 2020-09-01 17:33 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-09-03 21:35 - 2020-09-01 17:33 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-09-03 00:13 - 2022-04-13 06:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-09-02 12:39 - 2022-04-11 16:49 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1798280388-614632519-694548969-1001 2022-09-02 12:39 - 2022-04-10 14:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-09-02 12:39 - 2022-04-10 14:25 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-09-01 14:45 - 2020-12-17 10:22 - 000000000 ____D C:\Users\deniz\AppData\Local\WhatsApp 2022-08-31 08:40 - 2020-08-02 18:55 - 000000000 ____D 
C:\Users\deniz\AppData\Roaming\Bitwarden 2022-08-30 07:30 - 2020-12-18 18:29 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-08-30 07:30 - 2020-12-18 18:29 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-08-24 15:59 - 2021-09-24 07:41 - 000002227 _____ C:\Users\deniz\Desktop\Discord.lnk 2022-08-23 20:14 - 2022-03-29 10:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2022-08-23 20:14 - 2021-09-11 15:50 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-08-23 13:36 - 2020-12-18 18:29 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2022-08-23 07:41 - 2020-09-27 09:35 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-23 07:41 - 2020-09-27 09:35 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-18 21:34 - 2020-12-18 17:52 - 000000000 ___DC C:\WINDOWS\Panther ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2021-08-02 13:22 - 2021-08-19 11:16 - 000004294 _____ () C:\Users\deniz\AppData\Roaming\SpeedRunnersLog.txt 2020-10-14 20:26 - 2020-10-14 20:26 - 000000000 _____ () C:\Users\deniz\AppData\Local\oobelibMkey.log 2020-03-19 10:50 - 2020-03-19 10:50 - 000000837 _____ () C:\Users\deniz\AppData\Local\recently-used.xbel 2021-07-26 16:31 - 2021-07-26 16:31 - 000007605 _____ () C:\Users\deniz\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |