WIN_XP X86 Service Pack 3
Running from G:\

HKLM\..\Winlogon; Shell = Explorer.exe [ Microsoft Corporation ]
.
.
.
HKCU\..\Winlogon; Shell not found
.


[System Process]
System
smss.exe
csrss.exe
winlogon.exe
services.exe
lsass.exe
svchost.exe
svchost.exe
svchost.exe
cmd.exe
srep.exe


HKLM\..\Run [Hcontrol] = C:\WINDOWS\ATK0100\Hcontrol.exe
HKLM\..\Run [Apoint] = C:\Programme\Apoint\Apoint.exe
HKLM\..\Run [ATIPTA] = C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
HKLM\..\Run [Mouse Suite 98 Daemon] = ICO.EXE
HKLM\..\Run [Alcmtr] = ALCMTR.EXE
HKLM\..\Run [BluetoothAuthenticationAgent] = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\..\Run [SonyPowerCfg] = C:\Programme\Sony\VAIO Power Management\SPMgr.exe
HKLM\..\Run [ISBMgr.exe] = C:\Programme\Sony\ISB Utility\ISBMgr.exe
HKLM\..\Run [Switcher.exe] = C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
HKLM\..\Run [PDService.exe] = C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
HKLM\..\Run [VAIO Update 3] = "C:\Programme\Sony\VAIO Update 3\VAIOUpdt.exe"  /Stationary
HKLM\..\Run [GrooveMonitor] = "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\..\Run [SSBkgdUpdate] = "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
HKLM\..\Run [PaperPort PTD] = C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
HKLM\..\Run [IndexSearch] = C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
HKLM\..\Run [avast] = "C:\Programme\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\..\Run [DATAMNGR] = C:\PROGRA~1\WI83E4~1\Datamngr\DATAMN~1.EXE

HKCU\..\Run [CTFMON.EXE] = C:\WINDOWS\system32\ctfmon.exe
HKCU\..\Run [Yahoo! Pager] = C:\Programme\Yahoo!\Messenger\ypager.exe -quiet
HKCU\..\Run [H/PC Connection Agent] = "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
HKCU\..\Run [MSMSGS] = "C:\Programme\Messenger\msmsgs.exe" /background
HKCU\..\Run [swg] = "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKU\.DEFAULT\..\Winlogon; Shell = 
HKU\S-1-5-20\..\Winlogon; Shell = 
HKU\S-1-5-20_Classes\..\Winlogon; Shell = 
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Winlogon; Shell = 
HKU\S-1-5-21-2877037635-212772918-547547808-1005_Classes\..\Winlogon; Shell = 
HKU\S-1-5-18\..\Winlogon; Shell = 

HKU\.DEFAULT\..\Run [CTFMON.EXE] = C:\WINDOWS\system32\CTFMON.EXE
HKU\.DEFAULT\..\Run [DWQueuedReporting] = "C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" -t
HKU\S-1-5-20\..\Run [CTFMON.EXE] = C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Run [CTFMON.EXE] = C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Run [Yahoo! Pager] = C:\Programme\Yahoo!\Messenger\ypager.exe -quiet
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Run [H/PC Connection Agent] = "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Run [MSMSGS] = "C:\Programme\Messenger\msmsgs.exe" /background
HKU\S-1-5-21-2877037635-212772918-547547808-1005\..\Run [swg] = "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-18\..\Run [CTFMON.EXE] = C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-18\..\Run [DWQueuedReporting] = "C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" -t

==== FINISH 01.12-19.14 ====