Addendum to my post - see further below - "Microsoft Edge opens websites on its own at night" from 17:42
GMER log file:
Code:
GMER 2.2.19882 - hxxp://www.gmer.net
3rd party scan 2023-12-23 17:30:30
Windows 6.2.9200 x64
Running: gmer.exe
---- Services - GMER 2.2 ----
Service C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Acrobat Update Service/21 CA1 SIGNED)(2023-09-21 03:11:14) [AUTO] AdobeARMservice
Service ADOVMPPackage
Service AMDKMDAG
Service amdkmdap
Service Atierecord
Service C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:50) [AUTO] AviraFallbackUpdater
Service C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Optimizer Host/21 CA1 SIGNED)(2023-12-23 12:43:58) [AUTO] AviraOptimizerHost
Service C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (VpnService/21 CA1 SIGNED)(2023-09-06 09:25:44) [AUTO] AviraPhantomVPN
Service C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:44) [AUTO] AviraSecurity
Service C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:46) [AUTO] AviraSecurityUpdater
Service C:\Windows\system32\DRIVERS\BdNet.sys (Avira Network Filter/21 CA1 SIGNED)(2023-12-23 12:44:44) [BOOT] BdNet
Service C:\Windows\system32\DRIVERS\BdSentry.sys (Avira Sentry Driver/21 CA1 SIGNED)(2023-12-23 12:44:44) [SYSTEM] BdSentry
Service C:\Windows\System32\drivers\BthA2dp.sys (Bluetooth A2DP Driver/Microsoft Corporation)(2021-11-04 14:20:49) [MANUAL] BthA2dp
Service C:\Windows\System32\drivers\bthhfenum.sys (Bluetooth Hands-Free Audio and Call Control HID Enumerator/Microsoft Corporation)(2021-11-04 14:20:49) [MANUAL] BthHFEnum
Service C:\Windows\System32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation)(2021-06-05 12:04:43) [MANUAL] BTHMODEM
Service CoreUI
Service C:\Windows\system32\DRIVERS\ssudbus2.sys (SAMSUNG USB Composite Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30) [MANUAL] dg_ssudbus
Service C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (Endpoint Protection Servic/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44) [AUTO] EndpointProtectionService
Service C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (Endpoint Protection Servic/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44) [MANUAL] EndpointProtectionService2
Service C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (Foxit PDF Reader Update Service/21 CA1 SIGNED)(2023-08-14 06:04:58) [AUTO] FoxitReaderUpdateService
Service C:\Program Files\Google\Chrome\Application\120.0.6099.129\elevation_service.exe (Google Chrome/21 CA1 SIGNED)(2023-12-21 08:15:48) [MANUAL] GoogleChromeElevationService
Service C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/21 CA1 SIGNED)(2023-06-08 15:22:04) [AUTO] gupdate
Service C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/21 CA1 SIGNED)(2023-06-08 15:22:04) [MANUAL] gupdatem
Service C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (21 CA1 SIGNED)(2023-07-19 01:50:05) [AUTO] HPPrintScanDoctorService
Service iaStorAV
Service napagent
Service NetbiosSmb
Service C:\Windows\System32\drivers\netprotection_network_filter.sys (Avira NetProtectionSDK WFP Driver./Avira Operations GmbH SIGNED)(2023-12-23 12:45:14) [SYSTEM] netprotection_network_filter
Service P9NP
Service RDMANDK
Service RDPUDD
Service Realtek
Service C:\Windows\system32\DRIVERS\rtp_filter.sys (Avira real-time protection filter drive/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44) [SYSTEM] rtp_filter
Service C:\Windows\system32\DRIVERS\rtp_traverse.sys (Avira Driver for Data Travers/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44) [SYSTEM] rtp_traverse
Service C:\Windows\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30) [MANUAL] ssudmdm
Service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (MSS CS Connectivity Service/DEVGURU Co., LTD. SIGNED)(2023-11-10 17:24:35) [AUTO] ss_conn_service
Service C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (MSS CS Connectivity Service/CA - G2 SIGNED)(2023-11-10 17:24:35) [AUTO] ss_conn_service2
Service C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys (MSS CS Connectivity USB driver/21 CA1 SIGNED)(2023-11-10 17:24:30) [MANUAL] ss_conn_usb_driver2
Service C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (VPN Agent Service/Cisco Systems, Inc. SIGNED)(2023-04-28 21:32:56) [AUTO] vpnagent
Service C:\Windows\System32\drivers\vpnva64-6.sys (Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows/Cisco Systems, Inc. SIGNED)(2023-01-17 21:09:38) [MANUAL] vpnva
Service C:\Program Files\Windscribe\WindscribeService.exe (Manages the firewall and controls the VPN tunnel/Windscribe Limited SIGNED)(2023-08-20 10:35:14) [AUTO] WindscribeService
Service C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys (21 CA1 SIGNED)(2023-08-20 10:35:14) [MANUAL] WindscribeSplitTunnel
Service C:\Windows\System32\drivers\WirelessButtonDriver64.sys (HP Wireless Button Driver/21 CA1 SIGNED)(2022-06-17 14:33:52) [MANUAL] WirelessButtonDriver64
Service workerdd
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\StillImage\Events\STIProxyEvent\{1EE5A00D-745A-4FBD-9A63-FF42BF5E5012}@Cmdline C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe (Foxit PDF Reader/21 CA1 SIGNED)(2023-08-14 07:28:06)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AdobeARMservice@ImagePath C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Acrobat Update Service/21 CA1 SIGNED)(2023-09-21 03:11:14)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraFallbackUpdater@ImagePath C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:50)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraOptimizerHost@ImagePath C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Optimizer Host/21 CA1 SIGNED)(2023-12-23 12:43:58)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraPhantomVPN@ImagePath C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (VpnService/21 CA1 SIGNED)(2023-09-06 09:25:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraSecurity@ImagePath C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraSecurity@FailureCommand C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\AviraSecurityUpdater@ImagePath C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:46)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BdNet@ImagePath C:\Windows\system32\DRIVERS\BdNet.sys (Avira Network Filter/21 CA1 SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BdSentry@ImagePath C:\Windows\system32\DRIVERS\BdSentry.sys (Avira Sentry Driver/21 CA1 SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BthA2dp@ImagePath C:\Windows\System32\drivers\BthA2dp.sys (Bluetooth A2DP Driver/Microsoft Corporation)(2021-11-04 14:20:49)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BthHFEnum@ImagePath C:\Windows\System32\drivers\bthhfenum.sys (Bluetooth Hands-Free Audio and Call Control HID Enumerator/Microsoft Corporation)(2021-11-04 14:20:49)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHMODEM@ImagePath C:\Windows\System32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation)(2021-06-05 12:04:43)
Reg HKLM\SYSTEM\CurrentControlSet\Services\dg_ssudbus@ImagePath C:\Windows\system32\DRIVERS\ssudbus2.sys (SAMSUNG USB Composite Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EndpointProtectionService@ImagePath C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (Endpoint Protection Servic/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome@CategoryMessageFile C:\Program Files\Google\Chrome\Application\120.0.6099.129\eventlog_provider.dll (Google Chrome/21 CA1 SIGNED)(2023-12-21 08:15:48)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acproxycon@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acproxycon@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnagent@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnagent@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnapi@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnapi@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpncli@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpncli@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpndownloader@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpndownloader@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpndownloader_major@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpndownloader_major@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpndownloader_minor@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpngina@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpngina@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpninstall@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnmgmttun@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnmgmttun@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnplap@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnplap@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnui@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnui@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnva@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acvpnva@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acwebhelper@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acwebhelper@EventMessageFile C:\Windows\SysWOW64\vpnevents.dll (Cisco AnyConnect Secure Mobility Client Event Messages/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:40)
Reg HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Cisco AnyConnect Secure Mobility Client\acwebhelperplugin@CategoryMessageFile C:\Windows\SysWOW64\vpncategories.dll (Cisco AnyConnect VPN Client Event Categories/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:42)
Reg HKLM\SYSTEM\CurrentControlSet\Services\FoxitReaderUpdateService@ImagePath C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (Foxit PDF Reader Update Service/21 CA1 SIGNED)(2023-08-14 06:04:58)
Reg HKLM\SYSTEM\CurrentControlSet\Services\GoogleChromeElevationService@ImagePath C:\Program Files\Google\Chrome\Application\120.0.6099.129\elevation_service.exe (Google Chrome/21 CA1 SIGNED)(2023-12-21 08:15:48)
Reg HKLM\SYSTEM\CurrentControlSet\Services\gupdate@ImagePath C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/21 CA1 SIGNED)(2023-06-08 15:22:04)
Reg HKLM\SYSTEM\CurrentControlSet\Services\HPPrintScanDoctorService@ImagePath C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (21 CA1 SIGNED)(2023-07-19 01:50:05)
Reg HKLM\SYSTEM\CurrentControlSet\Services\netprotection_network_filter@ImagePath C:\Windows\System32\drivers\netprotection_network_filter.sys (Avira NetProtectionSDK WFP Driver./Avira Operations GmbH SIGNED)(2023-12-23 12:45:14)
Reg HKLM\SYSTEM\CurrentControlSet\Services\rtp_filter@ImagePath C:\Windows\system32\DRIVERS\rtp_filter.sys (Avira real-time protection filter drive/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\rtp_filter@ClientPath C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (Endpoint Protection Servic/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\rtp_traverse@ImagePath C:\Windows\system32\DRIVERS\rtp_traverse.sys (Avira Driver for Data Travers/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SYSTEM\CurrentControlSet\Services\ssudmdm@ImagePath C:\Windows\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SYSTEM\CurrentControlSet\Services\ss_conn_service@ImagePath C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (MSS CS Connectivity Service/DEVGURU Co., LTD. SIGNED)(2023-11-10 17:24:35)
Reg HKLM\SYSTEM\CurrentControlSet\Services\ss_conn_service2@ImagePath C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (MSS CS Connectivity Service/CA - G2 SIGNED)(2023-11-10 17:24:35)
Reg HKLM\SYSTEM\CurrentControlSet\Services\ss_conn_usb_driver2@ImagePath C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys (MSS CS Connectivity USB driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SYSTEM\CurrentControlSet\Services\vpnagent@ImagePath C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (VPN Agent Service/Cisco Systems, Inc. SIGNED)(2023-04-28 21:32:56)
Reg HKLM\SYSTEM\CurrentControlSet\Services\vpnva@ImagePath C:\Windows\System32\drivers\vpnva64-6.sys (Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows/Cisco Systems, Inc. SIGNED)(2023-01-17 21:09:38)
Reg HKLM\SYSTEM\CurrentControlSet\Services\WindscribeService@ImagePath C:\Program Files\Windscribe\WindscribeService.exe (Manages the firewall and controls the VPN tunnel/Windscribe Limited SIGNED)(2023-08-20 10:35:14)
Reg HKLM\SYSTEM\CurrentControlSet\Services\WindscribeSplitTunnel@ImagePath C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys (21 CA1 SIGNED)(2023-08-20 10:35:14)
Reg HKLM\SYSTEM\CurrentControlSet\Services\WirelessButtonDriver64@ImagePath C:\Windows\System32\drivers\WirelessButtonDriver64.sys (HP Wireless Button Driver/21 CA1 SIGNED)(2022-06-17 14:33:52)
Reg HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}@StubPath C:\Program Files\Google\Chrome\Application\120.0.6099.129\Installer\chrmstp.exe (Google Chrome Installer/21 CA1 SIGNED)(2023-12-21 08:15:48)
Reg HKLM\SOFTWARE\Microsoft\MsixRegistryCompatibility\Package\Microsoft.Paint_11.2310.42.0_x64__8wekyb3d8bbwe\User\SOFTWARE\Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\LocalServer32@ C:\Program Files\WindowsApps\Microsoft.Paint_11.2310.42.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe(2023-12-19 16:37:26)
Reg HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av\{468991AE-F75E-72DE-2142-043C852BE961}@REPORTINGEXE C:\Program Files\Avira\Endpoint Protection SDK\wsc_agent.exe (Avira Real-time Protection SDK Update Agen/Avira Operations Gmb SIGNED)(2023-12-23 12:44:47)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Acrobat.exe@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcrobatInfo.exe@ C:\Program Files\Adobe\Acrobat DC\Acrobat\AcrobatInfo.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe@ C:\Program Files\Google\Chrome\Application\chrome.exe (Google Chrome/21 CA1 SIGNED)(2023-06-08 15:22:35)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe@ C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FoxitPDFReader.exe@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe (Foxit PDF Reader/21 CA1 SIGNED)(2023-08-14 07:28:06)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\thunderbird.exe@ C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Corporation SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/system32/DRIVERS/ssudbus2.sys@Source C:\Windows\System32\DriverStore\FileRepository\ssudbus.inf_amd64_76330fadf036c230\amd64\ssudbus2.sys (SAMSUNG USB Composite Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/system32/DRIVERS/ssudmdm.sys@Source C:\Windows\System32\DriverStore\FileRepository\ssudmdm.inf_amd64_85ed24214db389b6\amd64\ssudmdm.sys (SAMSUNG Android Modem Device Driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/ss_conn_usb_driver2.sys@Source C:\Windows\System32\DriverStore\FileRepository\ss_conn_usb_driver2.inf_amd64_2b21a2a8f9f2cfc4\amd64\ss_conn_usb_driver2.sys (MSS CS Connectivity USB driver/21 CA1 SIGNED)(2023-11-10 17:24:30)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/vpnva64-6.sys@Source C:\Windows\System32\DriverStore\FileRepository\vpnva-6.inf_amd64_f73c5a339bf7c27d\vpnva64-6.sys (Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows/Cisco Systems, Inc. SIGNED)(2023-04-28 20:50:46)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/WirelessButtonDriver64.sys@Source C:\Windows\System32\DriverStore\FileRepository\wirelessbuttondriver.inf_amd64_146ce0bbdaef69c6\WirelessButtonDriver64.sys (HP Wireless Button Driver/21 CA1 SIGNED)(2022-06-17 14:33:52)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CopyTrans HEIC for Windows_is1@UninstallString C:\Program Files\CopyTrans HEIC for Windows\unins000.exe (Setup/Uninstall/Ursa Minor Ltd SIGNED)(2023-12-01 14:20:30)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mein CEWE FOTOBUCH@UninstallString C:\Program Files\CEWE\Mein CEWE FOTOBUCH\uninstall.exe(2023-11-29 17:06:06)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mein CEWE FOTOBUCH@DisplayIcon C:\Program Files\CEWE\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe(2023-11-29 17:00:40)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 121.0 (x64 en-US)@DisplayIcon C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 121.0 (x64 en-US)@UninstallString C:\Program Files\Mozilla Firefox\uninstall\helper.exe (Firefox Helper/Mozilla Corporation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird 115.6.0 (x64 en-US)@DisplayIcon C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Corporation SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird 115.6.0 (x64 en-US)@UninstallString C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe (Thunderbird Helper/Mozilla Corporation SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weh-iss-net.downloadhelper.coapp_is1@UninstallString C:\Program Files\net.downloadhelper.coapp\unins000.exe(2023-11-08 00:06:58)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1@UninstallString C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (Endpoint Protection Servic/Avira Operations Gmb SIGNED)(2023-12-23 12:44:44)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}@UninstallString C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe (SAMSUNG USB Drivers for Mobile Phones(x64)/21 CA1 SIGNED)(2023-11-10 17:24:37)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1@DisplayIcon C:\Program Files\Windscribe\Windscribe.exe (Windscribe/Windscribe Limited SIGNED)(2023-08-20 10:35:14)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1@UninstallString C:\Program Files\Windscribe\uninstall.exe (Setup/Uninstall/Windscribe Limited SIGNED)(2023-08-20 10:35:14)
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\command@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\Applications\firefox.exe\shell\open\command@ C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Classes\Avira.Security\shell\open\command@ C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe (Avira Security/21 CA1 SIGNED)(2023-12-23 12:43:44)
Reg HKLM\SOFTWARE\Classes\bibfile\shell\open\command@ C:\Program Files (x86)\Citavi 6\Bin\Citavi.exe (Citavi/21 CA1 SIGNED)(2023-08-15 07:19:38)
Reg HKLM\SOFTWARE\Classes\ChromeHTML\Application@ApplicationIcon C:\Program Files\Google\Chrome\Application\chrome.exe (Google Chrome/21 CA1 SIGNED)(2023-06-08 15:22:35)
Reg HKLM\SOFTWARE\Classes\Citavi.cdm6\shell\open\command@ C:\Program Files (x86)\Citavi 6\Bin\Citavi DBServer Manager.exe (Citavi 6 DBServer Manager/21 CA1 SIGNED)(2023-08-15 07:19:38)
Reg HKLM\SOFTWARE\Classes\Citavi.ctv6\shell\open\command@ C:\Program Files (x86)\Citavi 6\Bin\Citavi.exe (Citavi/21 CA1 SIGNED)(2023-08-15 07:19:38)
Reg HKLM\SOFTWARE\Classes\CLSID\{00000001-3DCC-4B48-A82E-E2071FE58E05}\InProcServer32@ C:\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll (Avira Antimalware Scan Interface/21 CA1 SIGNED)(2023-12-23 12:44:41)
Reg HKLM\SOFTWARE\Classes\CLSID\{123FCDEB-862C-41BE-A256-19CFF2CA2F44}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{12BA069D-0FC6-4577-97C6-5DF634CE6E84}\InProcServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\ViewerPS.dll (Acrobat Viewer ProxyStub Library/21 CA1 SIGNED)(2023-06-14 20:40:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{13C3C803-0CEF-4AE1-AF81-B73DD04BCAB5}\InProcServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\adobeafp.dll (Adobe Acrobat File Preview/21 CA1 SIGNED)(2023-09-06 23:36:42)
Reg HKLM\SOFTWARE\Classes\CLSID\{17F2E344-8227-4AA7-A25A-E89424566BBA}\InProcServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroBroker.exe (Adobe PDF Broker Process for Internet Explorer/21 CA1 SIGNED)(2023-09-06 23:36:46)
Reg HKLM\SOFTWARE\Classes\CLSID\{1814CEEB-49E2-407F-AF99-FA755A7D2607}\InProcServer32@ C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll (Mozilla Foundation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{1BFA8EF7-4C47-4FA8-94AA-3F9DFDBE58C5}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{29F458BE-8866-11D5-A3DD-00B0D0F3BAA7}\LocalServer32@ C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Corporation SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Classes\CLSID\{2b9aa930-a500-485b-a159-a988e701ed78}\InprocServer32@ C:\Program Files\CopyTrans HEIC for Windows\CopyTransHEICforWindows.dll (Ursa Minor Ltd SIGNED)(2023-12-01 14:17:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{2EAF0840-690A-101B-9CA8-9240CE2738AE}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{37FB52DA-F779-408D-B505-3F83CFBBFC20}\InprocHandler32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine_64.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{453161A5-1E23-4C83-B41B-1C6F1911F312}\InprocServer32@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\FoxitPDFReaderBrowserAx64.dll (21 CA1 SIGNED)(2023-08-14 06:01:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{4A22008F-71EC-4200-ABB0-33F9AA90543F}\InProcServer32@ C:\Program Files\Mozilla Firefox\notificationserver.dll (Mozilla Foundation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Classes\CLSID\{6365D39F-2E73-4837-BC59-2014AAA20FA7}\InProcServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine_64.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{6D12C400-4E34-101B-9CA8-9240CE2738AE}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{6EDCD38E-8861-11D5-A3DD-00B0D0F3BAA7}\InProcServer32@ C:\Program Files\Mozilla Thunderbird\MapiProxy_InUse.dll (Mozilla.org SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Classes\CLSID\{72498821-3203-101B-B02E-04021C009402}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{86E29874-F020-44C8-9E45-D360CC872BBC}\InprocServer32@ C:\Program Files\CopyTrans HEIC for Windows\CopyTransHEICforWindows.dll (Ursa Minor Ltd SIGNED)(2023-12-01 14:17:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{9A9F603B-51A8-4630-AE99-4BBF01675575}\InprocServer32@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\FoxitPDFReaderBrowserAx64.dll (21 CA1 SIGNED)(2023-08-14 06:01:02)
Reg HKLM\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine_64.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32@ C:\Program Files\Google\Chrome\Application\120.0.6099.129\notification_helper.exe (Google Chrome/21 CA1 SIGNED)(2023-12-21 08:15:48)
Reg HKLM\SOFTWARE\Classes\CLSID\{B801CA65-A1FC-11D0-85AD-444553540000}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\CLSID\{B8E661E9-A6D5-463D-9EF3-0434D51AEA3B}@LocalizedString C:\Program Files\Windscribe\ws_com.dll(2023-08-20 10:35:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{B8E661E9-A6D5-463D-9EF3-0434D51AEA3B}\InProcServer32@ C:\Program Files\Windscribe\ws_proxy_stub.dll(2023-08-20 10:35:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{B8E661E9-A6D5-463D-9EF3-0434D51AEA3B}\LocalServer32@ C:\Program Files\Windscribe\ws_com_server.exe(2023-08-20 10:35:14)
Reg HKLM\SOFTWARE\Classes\CLSID\{BD57A9B2-4E7D-4892-9107-9F4106472DA4}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroBroker.exe (Adobe PDF Broker Process for Internet Explorer/21 CA1 SIGNED)(2023-09-06 23:36:46)
Reg HKLM\SOFTWARE\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\InprocServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\plug_ins\Accessibility.api (Adobe Acrobat Accessibility Plug-in/21 CA1 SIGNED)(2023-10-09 19:50:50)
Reg HKLM\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine_64.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\CLSID\{CA8A9780-280D-11CF-A24D-444553540000}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF64.dll (PDF Browser Control/21 CA1 SIGNED)(2023-08-01 05:57:12)
Reg HKLM\SOFTWARE\Classes\CLSID\{D86D3661-4F11-4a9a-AD85-772A52AE6D69}\InprocServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\adobeafp.dll (Adobe Acrobat File Preview/21 CA1 SIGNED)(2023-09-06 23:36:42)
Reg HKLM\SOFTWARE\Classes\CLSID\{DC6EFB56-9CFA-464D-8880-44885D7DC193}@DisplayName C:\Program Files\Adobe\Acrobat DC\Acrobat\pdfprevhndlr.dll (Adobe PDF Preview Handler/21 CA1 SIGNED)(2023-06-14 20:40:30)
Reg HKLM\SOFTWARE\Classes\CLSID\{F0B4F6AD-5E09-4CB1-B763-EC390CBDE51D}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl64.dll (PDF Browser Control/21 CA1 SIGNED)(2023-09-06 23:36:46)
Reg HKLM\SOFTWARE\Classes\CLSID\{FD2C8897-2BE8-459c-B8E4-0D2FCFD341F0}\InprocServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\adobeafp.dll (Adobe Acrobat File Preview/21 CA1 SIGNED)(2023-09-06 23:36:42)
Reg HKLM\SOFTWARE\Classes\CLSID\{FF76CB60-2E68-101B-B02E-04021C009402}\LocalServer32@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\endnotefile\shell\open\command@ C:\Program Files (x86)\Citavi 6\Bin\Citavi.exe (Citavi/21 CA1 SIGNED)(2023-08-15 07:19:38)
Reg HKLM\SOFTWARE\Classes\FirefoxHTML-308046B0AF4A39CB\shell\open\command@ C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation SIGNED)(2023-12-19 16:35:59)
Reg HKLM\SOFTWARE\Classes\FormsCentral.fcdt\shell\Open\command@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\FoxitPDFReader\Shell\Open\Command@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe (Foxit PDF Reader/21 CA1 SIGNED)(2023-08-14 07:28:06)
Reg HKLM\SOFTWARE\Classes\Installer\Products\4135AF478C58A2E409D79DCECC7B077A@ProductIcon C:\Windows\Installer\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\ARPPRODUCTICON.exe (InstallShield/Flexera Software LLC)(2023-11-10 17:23:49)
Reg HKLM\SOFTWARE\Classes\Installer\Products\540133A64FF89CB4C9655E39CAEA822C@ProductIcon C:\Windows\Installer\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}\ARPPRODUCTICON.exe (InstallShield/Flexera Software, Inc.)(2023-07-11 16:40:20)
Reg HKLM\SOFTWARE\Classes\Installer\Products\68AB67CA330133017706CB5110E47A00@ProductIcon C:\Windows\Installer\{AC76BA86-1033-1033-7760-BC15014EA700}\_SC_Acrobat.ico (InstallShield/Flexera Software LLC)(2023-07-06 15:00:00)
Reg HKLM\SOFTWARE\Classes\launchreader\shell\open\command@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\mcf-pbf-file\shell\Mein CEWE FOTOBUCH.exe\command@ C:\Program Files\CEWE\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe(2023-11-29 17:00:40)
Reg HKLM\SOFTWARE\Classes\OvidSP File\shell\open\command@ C:\Program Files (x86)\Citavi 6\Bin\Citavi.exe (Citavi/21 CA1 SIGNED)(2023-08-15 07:19:38)
Reg HKLM\SOFTWARE\Classes\SOFTWARE\Adobe\Acrobat\Exe@ C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Acrobat /21 CA1 SIGNED)(2023-11-05 03:48:06)
Reg HKLM\SOFTWARE\Classes\Thunderbird.Url.mailto\shell\open\command@ C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Corporation SIGNED)(2023-12-22 02:49:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{00000001-3DCC-4B48-A82E-E2071FE58E05}\InProcServer32@ C:\Program Files\Avira\Endpoint Protection SDK\amsi\Win32\avamsi.dll (Avira Antimalware Scan Interface/21 CA1 SIGNED)(2023-12-23 12:44:41)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{24DA047B-40C0-4018-841B-6B7409F730FC}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/21 CA1 SIGNED)(2023-08-01 05:57:12)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{2b9aa930-a500-485b-a159-a988e701ed78}\InprocServer32@ C:\Program Files (x86)\CopyTrans HEIC for Windows\CopyTransHEICforWindows.dll (Ursa Minor Ltd SIGNED)(2023-12-01 14:17:30)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{37FB52DA-F779-408D-B505-3F83CFBBFC20}\InprocHandler32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{453161A5-1E23-4C83-B41B-1C6F1911F312}\InprocServer32@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\FoxitPDFReaderBrowserAx.dll (21 CA1 SIGNED)(2023-08-14 05:58:26)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateBroker.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{548A1F06-AECE-4506-8ABB-5E3D3A99B67B}\InProcServer32@ C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll (AnyConnect Secure Mobility Client VPN API/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:24)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{54D85801-93A9-4057-B56E-FD345BC138B9}\InProcServer32@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\pddomproxy.dll (Foxit PDF Library/21 CA1 SIGNED)(2023-08-14 05:57:28)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{6365D39F-2E73-4837-BC59-2014AAA20FA7}\InProcServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}\InProcServer32@ C:\Windows\SysWow64\secman.dll (Security Manager Component for Microsoft Outlook allows to turn off and on Outlook Object Model Security Guard/MAPILab Ltd. & Add-in Express Ltd. SIGNED)(2023-11-10 17:23:51)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateBroker.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{74A13FDD-9BCF-4229-9CAB-0079A5E17A25}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl.dll (PDF Browser Control/21 CA1 SIGNED)(2023-09-06 23:36:46)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{7DE94008-8AFD-4C70-9728-C6FBFFF6A73E}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateBroker.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}\InprocServer32@ C:\Windows\SysWow64\secman.dll (Security Manager Component for Microsoft Outlook allows to turn off and on Outlook Object Model Security Guard/MAPILab Ltd. & Add-in Express Ltd. SIGNED)(2023-11-10 17:23:51)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{86E29874-F020-44C8-9E45-D360CC872BBC}\InprocServer32@ C:\Program Files (x86)\CopyTrans HEIC for Windows\CopyTransHEICforWindows.dll (Ursa Minor Ltd SIGNED)(2023-12-01 14:17:30)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateBroker.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{9A9F603B-51A8-4630-AE99-4BBF01675575}\InprocServer32@ C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\FoxitPDFReaderBrowserAx.dll (21 CA1 SIGNED)(2023-08-14 05:58:26)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{ABC01078-F197-4B0B-ADBC-CFE684B39C82}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{ADDF22CF-3E9B-4CD7-9139-8169EA6636E4}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{ADDF22CF-3E9B-4CD7-9139-8169EA6636E4}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}@LocalizedString C:\Program Files (x86)\Google\Update\1.3.36.352\goopdate.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:56:56)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}\LocalServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleUpdateOnDemand.exe (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:09)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{C15C0F4F-DDFB-4591-AD53-C9A71C9C15C0}\InprocServer32@ C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll (AnyConnect Secure Mobility Client VPN API/Cisco Systems, Inc. SIGNED)(2023-04-28 21:33:24)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32@ C:\Program Files (x86)\Google\Update\1.3.36.352\psmachine.dll (Google Update/21 CA1 SIGNED)(2023-12-07 09:57:08)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{CA8A9780-280D-11CF-A24D-444553540000}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/21 CA1 SIGNED)(2023-08-01 05:57:12)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{DC6EFB56-9CFA-464D-8880-44885D7DC193}@DisplayName C:\Program Files\Adobe\Acrobat DC\Acrobat\pdfprevhndlr.dll (Adobe PDF Preview Handler/21 CA1 SIGNED)(2023-06-14 20:40:30)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{EE5A151A-AD2A-4CEE-AD65-228B59F5B4AD}\InProcServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll (PDF Browser Control/21 CA1 SIGNED)(2023-08-01 05:57:12)
Reg HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{F0B4F6AD-5E09-4CB1-B763-EC390CBDE51D}\InprocServer32@ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDFImpl.dll (PDF Browser Control/21 CA1 SIGNED)(2023-09-06 23:36:46)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\mspaint.exe@ C:\Program Files\WindowsApps\Microsoft.Paint_11.2310.42.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe(2023-12-19 16:37:26)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\notepad.exe@ C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2310.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe(2023-12-02 07:03:25)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\SnippingTool.exe@ C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2310.54.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe(2023-12-02 07:03:24)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\WindowsPackageManagerServer.exe@ C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.21.3482.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe(2023-12-21 19:29:08)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\winget.exe@ C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.21.3482.0_x64__8wekyb3d8bbwe\winget.exe(2023-12-21 19:29:08)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Run@org.whispersystems.signal-desktop C:\Users\PC\AppData\Local\Programs\signal-desktop\Signal.exe (Signal/2 SIGNED)(2023-07-10 15:25:35)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Run@Windscribe C:\Program Files\Windscribe\Windscribe.exe (Windscribe/Windscribe Limited SIGNED)(2023-08-20 10:35:14)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\1182e88030ca76f34631fe25fe5c9c71@UninstallString C:\Program Files\Google\Chrome\Application\chrome.exe (Google Chrome/21 CA1 SIGNED)(2023-06-08 15:22:35)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\7d96caee-06e6-597c-9f2f-c7bb2e0948b4@UninstallString C:\Users\PC\AppData\Local\Programs\signal-desktop\Uninstall Signal.exe (Private messaging from your desktop/2 SIGNED)(2023-11-30 02:40:22)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\7d96caee-06e6-597c-9f2f-c7bb2e0948b4@DisplayIcon C:\Users\PC\AppData\Local\Programs\signal-desktop\Signal.exe (Signal/2 SIGNED)(2023-07-10 15:25:35)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\b2a229ee517bba9f648c7093450bc695@UninstallString C:\Program Files\Google\Chrome\Application\chrome.exe (Google Chrome/21 CA1 SIGNED)(2023-06-08 15:22:35)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoomUMX@DisplayIcon C:\Users\PC\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Meetings/21 CA1 SIGNED)(2023-12-05 15:29:57)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoomUMX@UninstallString C:\Users\PC\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Installer/21 CA1 SIGNED)(2023-12-05 15:30:03)
---- Files - GMER 2.2 ----
File C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\storage\default\https+++mail.google.com\cache\context_open.marker 0 bytes
---- EOF - GMER 2.2 ----